Alex - Fotolia

Information security key to digital era business models

Security will become increasingly important as industries seek to collaborate and use each other’s capabilities to enable new business models, with the banking sector leading the way

In the digital era, boundaries between the various industry sectors are becoming blurred as they begin to collaborate for mutual benefit, according to Laurens Hamerlinck, innovation manager at ABN AMRO.

Traditionally, banking institutions have been large, closed organisations that developed and managed a huge range of products themselves, but that is changing as some seek to work more collaboratively.

The open banking movement is a response to the fact that the world is now connected in a digital way, which has led to the use of open application program interfaces (APIs) to enable third party developers to build applications and services around financial institutions.

“Some banks are adapting to operating in an ecosystem of partners, customers and other partners by establishing a collaborative platform for co-creating solutions for financial needs,” said Hamerlinck.

“In the ‘bank as a platform’ approach, you reframe the whole model. The best way to operate in an open, connected and digital ecosystem is to reorganise in a similar fashion to enable collaboration, both technically and culturally. It is a whole different view of what a bank should look like,” he said.

But this spirit of collaboration is already spreading to other sectors such as media and telecoms, and he predicts that eventually every sector will adopt a similar approach.

Like the banking sector, Hamerlinck expects the energy sector is likely to be the next to become a more “peer to peer” sector, where in the future, excess electricity generated by private solar panels can be exchanged with other consumers for example.

“This emerging open and digital economy offers a lot of opportunities, but also has a lot of challenges – so information security will become a very important capability,” he told Computer Weekly.

Read more about digital economy

Tapping into the benefits of this new economy typically requires a change in mindset to transition from being closed to being collaborative organisations.

This will result in organisations becoming a lot more collaborative and open by looking to capitalise on what they can offer other organisations participating in the digital economy.

“But in this future collaborative economy, security is likely to become a completely different ball game and require organisations to change the way they think about security,” said Hamerlinck.

“Likewise, security companies currently selling products for specific sectors probably need to rethink their future business model,” he said.

Using banks as a business model

Just as banks are moving to offering capabilities to third parties through open APIs, Hamerlinck said security suppliers should consider a business model for providing security capabilities in a similar way.

“The banking sector is already way more collaborative than it was a just a few years ago, particularly with fintech partners. The approach of every bank doing everything for themselves is long gone,” he said.

Instead, banks are implementing technical measures to enable greater collaboration and make it easier, faster and more agile.

“You see banks organising hackathons, setting up accelerator programmes and establishing investment funds to speed up collaboration and make the bank a more attractive platform,” said Hamerlinck.

“You also see banks investing in new capabilities and aiming to attract people with a broader spectrum of skills as they move from being closed enterprises to adopting a more open platform approach,” he said.

This approach could also have a positive effect on cyber security capabilities in sectors outside of banking, which is typically more advanced in most aspects of cyber security and data protection.

“Third parties working collaboratively with banks will be able to benefit from and learn about the information security best practices that are well established in the financial sector,” said Hamerlinck.

“Banks are often one of the first adopters of new technologies and were among the earliest investors in digital security. Consequently, they have a deep knowledge of what security in a digital organisation should look like,” he said.

The importance of data protection

The same is true when it comes to data protection, which is set to become increasingly important as organisations step up preparations to comply with the EU’s General Data Protection Regulation (GDPR) from 28 May 2018.

“On the surface, the open banking paradigm shift may seem at odds with the GDPR, but it could be an opportunity for banks because they are used to dealing with and safeguarding client data, unlike many other organisations that will soon have to comply with the GDPR,” said Hamerlinck.

“If you think of a bank as a platform, benefiting from a its unique capabilities and expertise, you can think about ways banks could help companies outside the banking sector comply with the requirements of the GDPR,” he said.

Hamerlinck is to explore this topic in a presentation entitled Bank as a platform: exploring a new role in the age of technology at the European Identity & Cloud Conference in Munich from 9-12 May 2017.

Read more on Hackers and cybercrime prevention