Fintech News
Data Republic website
Share on facebook
Share on twitter
Share on linkedin
Share on email

Cybersecurity Bites with Innopay

Cybersecurity’s complexity can leave many companies scratching their heads as to the best approaches to take on the matter. This is why Holland FinTech, in cooperation with Innopay, is organising an event on cybersecurity fundamentals on June 13th in Amsterdam. In preparation for this session, Holland FinTech sat down with Jelger Groenland, Innopay’s cybersecurity lead, to talk a bit about what cybersecurity is all about and why it is important.

It’s all about the CIA—confidentiality, integrity, and availability

In today’s digital world, cybersecurity is important because it stands at the core of business. “Trust is a fundamental part of doing business, and cybersecurity is an indispensable part of building this trust, whether it’s with customers or business partners,” Groenland says.

In cybersecurity, trust is built by providing services and structures that bolster confidentiality, integrity, and availability. Without trust, it is difficult to retain customers and foster fruitful business relationships, which in turn can affect bottom lines and undermine customer bases. “Just look at the recent Facebook-Cambridge Analytica scandal,” Groenland notes, “ their users could very well say they don’t trust Facebook with their data and take themselves to another platform.”

But building trust is easier said than done due to the complexity of both threats and the solutions available to respond to them.

Start with business needs, not tech

Solving the cybersecurity equation for most companies will involve implementing some type of technology, such as an identity and access management system or endpoint protection solution. And it’s easy to get caught-up in all the tech solutions that are available and providers out there trying to sell these products.

“But companies shouldn’t start with tech: they should start by understanding their business needs,” advises Groenland. This breaks down into understanding the risk profile and evaluating the maturity of an organisation in different cybersecurity areas. In terms of the latter point, for example, employees may not password protect their computers, or they may leave sensitive documents laying on their desks, meaning they are not completely aware of how these can be entry points for breaches.

In order for companies to understand their key threats, needs, and areas for improvement, they can apply security standards such as the ISO 2700 series and NITS 800-53. These standards cover the gamut of security needs, such as access control, data security, incident response, and cloud security.  The standards are also accessible to, and used by, smaller organisations as well as large financial institutions and can be used to direct companies’ cybersecurity efforts.

The road ahead—the perfect storm for cybersecurity

“We are currently in the perfect storm for cybersecurity,” says Groenland, speaking about how regulations, such as PSD2 and GDPR, reinforce and drive the need to have functioning cybersecurity measures in place for organisations. These regulations are driving requirements for robust cybersecurity, ultimately to foster trust in businesses and their digital organisation and processes.

Hear more about cybersecurity’s ins-and-outs on June 13that our Knowledge Bites event titled “Everything you always wanted to know about cybersecurity but never dared to ask.” You can find more information about the event and sign up here.

By Elliot Lyons, Research Analyst 


Share this Article
Share on facebook
Share on twitter
Share on linkedin
Share on email
Related Insights
Amsterdam Fintech Week
Take a look at our yearly fintech festival, Amsterdam FinTech Week. Go on the dedicated website to check out the 2021 wrap up!
AMLD5 Guide
A source for consulting PSD2 legislation coupled with commentary, tips & tricks, applicability, in collaboration with our member law firms.