With CIO Academy Asia’s reThink CIO Forum: Finance-as-a-Service just two days away, we bring to you this exclusive interview with Pee-Beng Ong, the Vice President and Senior Business Leader for Corporate Security at MasterCard, where we discuss how cyber security concerns could slow down the juggernaut of the FinTech industry.
By CIOAA staff writer
The FinTech startup ecosystem is thriving globally. According to Antony Eldridge, Financial Services and FinTech Leader, PwC Singapore, FinTech is changing the Financial Services (FS) industry from the outside in. “We estimate within the next 3-5 years, cumulative investment in FinTech globally could well exceed US$150bn, and financial institutions and tech companies are stepping over one another for a chance to get into the game,” he said in PwC Singapore’s Global FinTech Report (March 2016).
Because of FinTech’s constant rise and increasing relevance to finance in a digital age, Singapore is also playing a key part in nurturing its growth. Last year, the Monetary Authority of Singapore (MAS) laid out a vision for a Smart Financial Centre, where innovation is pervasive and technology is used widely. To make this vision a reality, MAS has been working closely with the financial industry, FinTech start-ups, the institutes of higher learning and other stakeholders.
However, there are cybersecurity challenges that might create vulnerabilities in this ecosystem. According to the PwC report, financial institutions cite numerous challenges in dealing with FinTech companies citing regulatory uncertainty (69%), differences in business models (54%) and IT security (38%) as the top challenges facing their business.
Will cyber security challenges throw a spanner in the works, and slow down the juggernaut of the FinTech industry?
FinTech and Cybersecurity: The Challenges
To know more about cyber security and FinTech, we spoke to Pee-Beng Ong, who is the Vice President and Senior Business Leader for Corporate Security at MasterCard, and is based in Singapore. He has more than 16 years of professional experience in operations, assurance and consulting across various industries. He manages an international team of security managers who specialize in both cyber security and physical security. Pee-Beng’s job responsibilities include driving security programs and initiatives to support GRC, data protection, employee safety and security, security threat detection and management, incident management, regulatory and industry partnerships, etc.
“Cybercrime will surely follow the money trail in the FinTech space,” Ong told CIOAA. “As more financial services go online, we would expect more exposure to security risks and challenges. This is largely due to the increased attack surfaces and connected end points. Financial companies still need to continue to manage and monitor the risks associated with the use of any technology, against the value to its customers and the rewards they bring.”
One of the remarkable roles that FinTech is playing is that it is enabling millions of previously unbanked people gain access to the financial services ecosystem. According to KPMG, in 2016, only 27 per cent of Southeast Asia’s population had a bank account. That’s leaves some 438 million unbanked. Globally the numbers are even bigger—according to McKinsey, there are 2.5 billion unbanked (2010 data). In this context, FinTech companies could bring financial access to 438 million in Southeast Asia alone. However, it has huge implications for security as well. Will bringing the unbanked into the banking system through digital tools create weak links in the system, and pose security challenges?
“It is inevitable that the risk associated with FinTech would increase with its deployment in new services to better serve customers,” Ong said. “Therefore, it is important that FinTech service providers measure and scale up their security controls and governance in accordance to the risk they could detect in their environment.”
No matter what new technology comes along, the fundamentals of good governance and implementing security best practices do not change. “The ability to constantly monitor, timely detect and manage security incidents would be critical since the security of most technology is not perfect on Day One. We shall not forget that while the external threat increases in FinTech solutions, the risk of insider threat remains, or could increase accordingly as well,” he said.
Machine Learning and Cyber defense in the FinTech industry
Even though cyber security will continue to be a hot topic within the FinTech space, experts are already talking about deploying machine learning to thwart the security challenges.
We asked Ong if he thought machine learning would play a larger role in cyber defense and cyberattacks against FinTech solutions.
“I see machine learning to pick up in order to drive efficiency and consistency in the management of cyber defense,” he said. “With recent development of Artificial Intelligence (AI) in driverless cars in the automobile industry and online customer service chats, I expect to see increasing use of smarter technology in the lower levels cyber defense tools. However, I do not think we are at the stage to replace humans completely and we would still need to rely on trained professionals to analyze and make decisions at the higher level.”
Ong’s conclusion is that the “tug-of-war” between cyberattacks and cyber defense will continue with every new technology.
Cyber security is one of the key topics to be discussed at the reThink CIO Forum: Finance-as-a-Service on the 23 February 2017.
Visit our event website to learn more about our programme. Registration is still open to CIOs, CISOs, Head of Technology or Operations from the financial services industry.