Antwerp Management School (AMS) research involved 120 respondents from 10 financial institutes in a large study to improve regulatory approaches. Karthik and Erwin will highlight the main findings and conclusions in this talk. Prof. Yuri Bobbert who supervised this work will explain WHY such research is vital in order to improve the overall cybersecurity market.
The information security requirements from the regulatory bodies overseeing the financial industry lack information on how these requirements and guidelines can be implemented in an Agile/DevOps environment and the (cloud) infrastructure supporting it. Working per these requirements is a prerequisite for maintaining a banking and insurance license. Besides the business necessity of maintaining the license, the risks of working in an Agile/DevOps environment are similar to working in a more traditional environment; thus, not mitigating those risks would lead to an unacceptable risk position. Upcoming regulatory requirements in the Financial Industry bring extra complexity. This talk examines the DevOps and Agile dynamics, the regulatory requirements and what is lacking in the current approaches. The presenters finish with some Nuts and Bolts of the current way of working in supervision and achieving real security and compliance for the financial industry.
After this talk, you will:
- Have good insights into the reserach findings of the shortcomings in the regulator’s approaches
- Insights on how you can learn and apply the findings and advisories
- Knowledge of how industry collaboration can be done “together” with the regulator
- How the regulator (DNB) responded to the results of this research
- How AMS as research vehicle manages to do large-scale and global reserach and market consultations to improve the industry and enrich the Body of Knowledge
