At BAE Systems we are proud to be part of London Technology Week. London is a hotbed when it comes to startups and finance, highly deserving of its reputation as the fintech capital of Europe.
At BAE Systems we are proud to be part of London Technology Week. London is a hotbed when it comes to startups and finance, highly deserving of its reputation as the fintech capital of Europe. Fintech and cyber security are closely connected, with financial organisations throughout the world seeing cyber security as a huge priority in the future
We have learnt a huge amount from CyLon, the cyber security accelerator that we partnered with last year. Fast and with lean development methodologies, startups are natural breeding grounds of innovation, pivots to solving problems critical for businesses and their customers.
One mantra that startups have is 'fail fast’ – that they shouldn't worry about failing because it's better to realise something isn't working and move on. However, this can be a problem if the startup handles sensitive data. And they must consider whether they're carrying toxic data – sensitive information that has a monetary value, including Payment Card Information (PCI), Patient Health Information (PHI), Personally Identifiable Information (PII) and Intellectual Property (IP).
The danger of having toxic data
Having toxic data is dangerous. In the hands of a cybercriminal, it could lead to consumers having their financial accounts compromised, or identities used for cyber fraud, while businesses themselves could certainly hit the headlines if they fall victim to a data breach, resulting in the considerable reputational damage.
In particular, fintech startups mustn't build minimum viable products that aren’t secure from the beginning. They should focus on cyber security by design – making cyber security part of the overall mind set from the application process to the production delivery process. A fintech startup should, by its nature, have cyber security as part of its culture and DNA. If cyber security is only seen as a final step, all it’s doing is retro-fitting it to the application process.
Fintech companies carrying toxic data must handle it in a secure way and be thoughtful to the consumer and relevant business regulation. It's challenging, even with a great idea, to be heard above the noise and as a result cyber security can become a secondary consideration. But cyber security can be a great enabler and differentiator for a startup, rather than a constraint. There are some useful lessons here to learn for all companies – even multinational financial service organisation using start-up techniques to solve problems in new ways.