CW500 Interview: Jonathan Moreira, CTO of PrimaryBid.com
Digital transformation is a topic most firms are currently engaged in, and with plans for introducing or increasing the use of digital in an organisation, a discussion surrounding cyber security is not far behind. When it comes to digital transformation, IT leaders must be aware of the security challenges and opportunities that may present themselves when adopting new technologies, as well as how to secure emerging technologies when bringing them into an organisation.
In this CW500 video, Jonathan Moreira, CTO of PrimaryBid.com, gives a fintech startup’s perspective on the security challenges small businesses can face when adopting new technologies.
As pointed out by Computer Weekly editor-in-chief, Bryan Glick, smaller firms do not necessarily have the downside of dealing with legacy systems when trying to build and grow digital capabilities.
But, as put by Glick, most of what startups use are emerging, third party or out-of-the-box technologies, all of which come with the potential of new threats and problems.
Moreira answers questions posed by Glick such as:
What are the big security challenges that come with with bringing new, emerging technologies into an organisation?
What are the key ways internally you can go about making sure your organisation is secure?
If you if you have the opportunity now then to talk to, you know, security leader, you know, maybe at a bigger organization, who who's looking to introduce some of the sort of technologies that you use, you know, who are looking to start a digital transformation program.
If you could give advice to the security leader of a larger organisation as they set out to introduce new technologies to their firms you many already be using, what would that advice be?
Some of this session’s key takeaways for those looking to securely implement digital technologies include:
When using open source technologies that are likely to introduce gateways for hacking, use scanners or other types of software that allows you to mitigate any possible security loopholes introduced alongside digital solutions.
Startups are more likely to use cloud technologies and open source software, so every tool helps. Moreira points out firms “can't be completely bulletproof” so any tool that can help keep on top of scanning code, such as automated scanning systems, can help add a layer of protection. This can include third party or cloud-based tools, which are “massively important” to smaller organisations.
Good management and good coding practices embedded in an organisation from the very beginning are extremely important to keeping it secure. Education and communication between developers and the rest of the organisation is also important, and developers should be constantly reading to ensure they are using the best coding practices.
Do not miss out on out-of-the-box solutions which may offer the same protection as security providers, but at a much lower price.
Moreira’s parting advice is: “Check your use cases, check your firewalls, check your code, and do not overspend because there is no magic wand.”
As part of the same CW500 event, Computer Weekly also spoke to Paddy Francis, CTO, Airbus CyberSecurity.