Source: Finance Derivative
Change is often difficult, time-consuming and expensive. But ignore it at your peril. For years, business change of course has centred around digital transformation, what else? Here, the banking sector is not the first thing that springs to mind, nor is it the definition of cutting edge. The truth is that banks have reached a crossroads and need to seriously adapt their businesses now or, over the next few years, some brands may disappear altogether. As the old cliche says: change or die.
It’s time for action
A report from The Financial Times Focus (FT Focus) illustrates the urgency for banks to modernise their offering. Not only do two in three banks expect to lose market share unless they embrace digitisation, but 58% of respondents predict they will cease to exist completely in the next five to ten years, if they fail to change their business models. Wow, that’s a frightening prediction and one that I don’t believe exists in any other sector, making it the ultimate driver for change.
The report goes on to say that with 74% of respondents predicting that technology giants such as Amazon and Google will hold the largest market share of the banking industry within just five years, now is the time for action. I do wonder which brands will fail to achieve enough change and be lost to history.
Making change actually stick
One major obstacle as banks transform digitally is the fact that they cannot let go of their outdated legacy systems. They look even further behind when you consider the likes of Apple, Airbnb, Amazon, Google, Netflix and Uber and how they are actually transforming modern life for all of us. And that customer viewpoint is an important consideration for banks as they have many neo-banks and fintech apps snapping at their heels ready to hoover up their customers if they are perceived to have made the slightest slip.
What is still holding banks back? With constantly shifting goalposts due to changing markets and expectations, reaching that ‘digitally transformed state’ is in reality unachievable. Rather, it becomes a process of continuous evolution as new systems/projects are introduced over the short, medium and long term.
Some banks are grabbing the headlines, for example JP Morgan Chase is moving as much as 50% of its applications and data to the cloud in 2022. Given increasing customer demands and market pressures, as well as the need to respond to world events, it makes sense that banks need to start thinking like technology companies, that’s why the same bank invests $12 billion per year on technology.
Covid sped up the digital transformation process in banking ‘a great deal’ (60% according to Statista) but it is still lagging way behind other sectors with Technology (78%), perhaps predictably topping the list, but also Healthcare (74%), Retail & Ecommerce (70%), and Manufacturing (65%).
Not only do banks appear slow to react to such a crisis, but they are still just dipping their toes in the digital water, with only 27% launching a digital transformation strategy last year.
Furthermore, according to Cornerstone Advisors, seven in 10 banks don’t plan to replace their core systems as part of their digital transformation. In addition, few have deployed—or plan to deploy—core integration/middleware platforms or payment hubs. Without these platforms and without replacing the legacy systems, the promise of real digital transformation will be difficult to attain.
It paints an even bleaker picture when we consider that 70% of transformation projects within financial institutions fail altogether and deliver no meaningful return on investment. Clearly it’s time for them to up their game and use the technology shifts in the market to their advantage.
What does Digital Transformation mean for banks?
When done right, the billions being invested in digital initiatives makes good business sense and delivers a win-win for both customers and banks. Customers enjoy better experiences and the convenience of accessing services across multiple devices; while banks see improved process efficiency through automation.
With customers able to do more online safely and securely, trust in the brand grows, and they can enjoy a more personalised offering with better customer engagement.
Banks benefit in a number of ways too. Not least, increased revenue and client satisfaction due to 24/7 always-on services. Acquisition of new customers becomes cheaper and easier. Better customer engagement stems from leveraging client data. Account management and support become easier via digitised paperwork. Digital transformation enables organisations to build an environment of ongoing innovation and adaptability vital for future growth.
Ultimately, what this means operationally is a huge number of efficiencies, not least: elimination of paperwork; less time spent servicing clients; increased productivity; organisational transparency; effective teamwork; lower operational costs; and risk reduction in core activities.
The challenges facing banks
Bank CIOs and Digital Transformation Leaders clearly do not have an easy job. But with massive budgets on the table surely they can buy their way out of this?
Arguably banks are simply playing catch-up, making investments and changes that should have been made five (or more) years ago.
Not helping the matter is the significant developer skills shortage, which makes it difficult for firms to hire the right technical resources to support projects, and the fact that some projects can take up to 18 months to complete with a traditional development approach.
Furthermore, by the time one area has been tackled, the market has often moved on once again, and the ‘new’ solution is no longer quite as new.
How low-code can help
Business Process Automation is of course vital for banks to achieve any sort of digital transformation. One solution that will help banks meet current, and future, challenges is using low-code in their automation. In fact, Gartner analyst Milind Govekar predicts that 70% of new applications will be developed using low-code or no-code techniques by 2025.
A low-code platform enables organisations to achieve a rapid rate of change with minimal effort, coupled with fast delivery. This is because low-code enables the building and updating of process applications with reduced coding. The traditional hand-coding approach is replaced with an intuitive visual development style. Here, drag and drop user interfaces are used to add different types of elements, such as connection to databases, other software applications or logic elements, and even blockchain implementations.
This reduction in code requirements drastically accelerates development timelines, both for new application builds and change requirements to existing processes. The organisation becomes more agile as a result, and is able to achieve significant gains in operational efficiency without any breaks in governance. In other words, low-code makes complex automation easy and accessible, in a highly streamlined and comprehensive workflow.
CEC Bank, one of the largest financial institutions in Romania, used the Aurachain low-code platform to accelerate digital transformation in three critical areas: an integrated system for monitoring and maintenance of the bank’s ATM and POS fleet, a fully digital onboarding process for new SME customers, and the digitalization of online trade finance solutions for SMEs. Key benefits include an automated platform that achieves high reliability, availability and maintainability of key business services for ATM/POS. In addition, the new onboarding process automates complex workflows, incorporating business rules and actions; implements a single user interface across systems and processes; can be quickly tailored to incorporate internal or regulatory governance processes.
Customer-First Priority Areas
How should banks focus their considerable budgets now to ensure digital transformation success?
The first step is vital to get right: the strategy must focus first and foremost on the customer. Here, automating processes to create a seamless CX plays a major role. In addition, customer data must be used to create more personalised services and products.
Delivering an omnichannel offering is not only important, but expected by customers. Significant technology investments are required to compete with new fintech companies, online banks and challenger banks – as well as meet ever-climbing customer expectations. Not surprisingly, finding specialised business transformation talent to develop such solutions is critical.
Within financial institutions that think they’re three-quarters of the way through their digital transformation strategy (or more), just 39% implement Robotic Process Automation; and way less are using chatbots or machine learning (according to Cornerstone Advisors). Given the fact that low code is so critical to intelligent business automation, how can they seriously be moving towards a digital future without using these technologies? There seem to be some major discrepancies, implying institutions are in fact further away from their goals than they believe.
One thing is clear. With the alternative being possible death, banks need to change now.
Those that step up and put the tech and cultural foundations in place today, including using low-code to achieve process automation, will find themselves well-positioned in the future.
As opportunities arise with more emerging technologies, these organizations will be ready to forge ahead while many others will be falling further behind in the catch-up game.
‘Tis the Season to be Wary: How to Protect Your Business from Holiday Season Hacking
The holiday season will soon be in full swing, but cybercriminals aren’t known for their holiday spirit. While consumers have traditionally been the prime targets for cybercriminals during the holiday season – lost in a frenzy of last-minute online shopping and unrelenting ads – companies are increasingly falling victim to calculated cyber attacks.
Against this backdrop of relaxed vigilance and festive distractions, cybercriminals are set to deploy everything from ransomware to phishing scams, all designed to capitalise on the holiday haze. Businesses that fail to prioritise their cybersecurity could end up embracing not so much “tidings of comfort and joy” as unwanted data breaches and service outages well into 2024.
With the usual winter disruptions about to kick into overdrive, opportunistic hackers are aiming to exploit organisational turmoil this holiday season. Industry research consistently indicates a substantial spike in cyber attacks targeting businesses during holidays, particularly when coupled with the following factors:
- Employee Burnout: Employee burnout is rife around the holidays. Trying to complete major projects or hit targets before the end of the year can require long hours and intense workweeks. Overwrought schedules combined with the seasonal stressors of Christmas shopping, family politics, travel expenses, hosting duties etc., can lead to a less effective and exhausted workforce.
- Vacation Days: The holiday season is a popular time for employees to use up their vacation days and paid time off. This means offices are often emptier than usual during late December and early January. With fewer people working on-site, critical security tasks are neglected and gaps in security widen.
- Network Strain: The holidays also mark a period of network strain due to increased traffic and network requests. Staff shortages also reduce organisational response capacity if systems are compromised. The result is company networks that are understaffed and overwhelmed.
Seasonal Cyber Attacks
There are many ways bad actors look to exploit system vulnerabilities and human errors to breach defences this time of year. But rather than relying solely on sophisticated hacking techniques, most holiday-fueled cyber attacks succeed through tried and true threat vectors:
- Holiday-Themed Phishing and Smishing Campaigns: Emails and texts impersonating parcel carriers with tracking notifications contain fraudulent links, deploying malware or capturing account credentials once clicked by unwitting recipients trying to track deliveries. A momentary slip-up is all it takes to unleash malware payloads granting complete network access.
- Fake Charity Schemes: Malicious links masquerading as holiday philanthropy efforts compromise business accounts when donated to.
- Remote Access Exploits: External connectivity to internal networks comes with the territory of the season. However, poorly configured cloud apps and public Wi-Fi access points create openings for criminals to intercept company data from inadequately protected employee devices off-site.
- Ransomware Presents: Empty offices combined with delayed threat detection gives innovative extortion malware time to wrap itself around entire company systems and customer data before unveiling a not so jolly ransom note on Christmas morning.
Without proper precautions, the impact from misdirected clicks or downloads can quickly spiral across business servers over the holidays, leading to widespread data breaches and stolen customer credentials.
Essential Steps to Safeguard Systems
While eliminating all risks remains unlikely and tight budgets preclude launching entirely new security initiatives this holiday season, businesses can deter threats and address seasonal shortcomings through several key actions:
Prioritise Core Software Updates
Hardening network infrastructure is the first line of defence this holiday season. With many software products reaching end-of-life in December, it is critical to upgrade network architectures and prioritise core software updates to eliminate known vulnerabilities. Segmenting internal networks and proactively patching software can cut off preferred access routes for bad actors, confining potential breaches when hacking attacks surge.
Cultivate a Culture of Cybersecurity Awareness
Cybersecurity awareness training makes employees more resilient to rising social engineering campaigns and phishing links that increase during the holidays. Refreshing employees on spotting suspicious emails can thwart emerging hacking techniques. With more distractions and time out of the office this season, vigilance is more important than ever! Train your staff to “never” directly click a link from an email or text. Even if they are expecting a delivery they should still go directly to the known trusted source.
Manage Remote Access Proactively
Criminals aggressively pursue any vulnerabilities exposed during the holiday period to intercept financial and customer data while defences lie dormant. Therefore, businesses should properly configure cloud apps and remote networks before the holiday season hits. This will minimise pathways for data compromise when employees eventually disconnect devices from company systems over the holidays.
Mandate Multifactor Authentication (MFA)
Most successful attacks stem from compromised user credentials. By universally mandating MFA across all access points this season, retailers add critical layers of identity verification to secure systems. With MFA fatigue setting in over holidays, have backup verification methods ready to deter credential stuffing.
Prepare to Respond, Not Just Prevent
Despite precautions, holiday disasters can and do occur. Businesses need response plans for periods of disruption and reduced capacity. Have emergency communications prepared for customers and partners in case an attack disrupts operations. The time to prepare is before vacation schedules complicate incident response. It’s important to know how and when to bring in the right expertise if a crisis emerges.
By following best practices to prevent cybersecurity standards slipping before peak winter months, companies can enjoy the holidays without becoming victims of calculated cyber attacks. With swift and decisive action there is still time for businesses to prepare defences against holiday season hacks.
Transforming unified comms to future-proof your business
By Jonathan Wright, Director of Products and Operations at GCX
Telephony is not usually the first thing SMBs think about when it comes to their digital transformation. However, push and pull factors are bringing it up the priority list and leading them to rethink their approach.
Indeed, it is just one year until PSTN (the copper-based telephone network) will be switched off by BT Openreach. With a recent survey showing that as many as 88% of UK businesses rely on PSTN, many organisations’ hands are being forced to review their communications ahead of the deadline.
But even if this change for some is being forced upon them, the benefits of building a more future-proofed unified communications strategy far outweigh the associated challenges. Nearly three-quarters of employees in UK SMEs now work partly or fully remotely, indeed the highest percentage of any G7 country. Voice over Internet Protocol (VoIP) telephone systems are much better suited to distributed workforces as the phone line is assigned on a user basis, rather than to a fixed location.
And with more companies now integrating AI capabilities to augment their products and services – like Microsoft Teams Pro which leverages OpenAI for improved transcription, automated notes generation and recommended actions – the productivity-boosting benefits for users are only improving.
Making the right choice
For those companies that are seizing the opportunity to change their unified comms in 2024, what should they consider when making their decision?
- Choose platforms that will boost user adoption – User adoption will make or break the rollout of a new IT project. So due consideration should be given to what products or services will have the path of least resistance with employees. Choosing a service or graphical user interface (GUI) users are already used to, like Zoom or MS Teams, is likely to result in a higher adoption rate than a net new service.
- Embrace innovation with AI capabilities – While some of the services leveraging AI and Large Language Model (LLM) to enhance their capabilities are more expensive than traditional VoIP, the productivity gains could offer an attractive return on investment for many small businesses. Claiming back the time spent typing up meeting notes, or improving the response time to customer calls with automatically-generated actions, will both have tangible benefits to the business. That said, companies should consider what level of service makes sense to their business; they may not need the version with all the bells and whistles to make significant efficiency gains.
- Bring multiple services under a single platform – The proliferation of IT tools is becoming an increasing challenge in many businesses; it creates silos that hamper collaboration, leaves employees feeling overwhelmed by the sheer number of communications channels to manage, and leads to mounting costs on the business. Expanding the use of existing platforms, or retiring multiple solutions by bringing their features together in one new platform, benefits the business and user experience alike.
- Automate onboarding to reduce the burden on IT – Any changes to unified comms should aim to benefit all of the different stakeholders – and that includes the IT team tasked with implementing and managing it. Choosing platforms which support automated onboarding and activation, for example, will reduce the burden on IT when provisioning new tenants, as well as with the ongoing policy management. What’s more, it reduces the risk of human error when configuring the setup to improve the overall security. Or, in the case of Microsoft Teams, even negates the need for Microsoft PowerShell.
- Consider where you work – Employees are not only working between home and the office more. Since the pandemic, more people are embracing the digital nomad lifestyle, while others are embracing the opportunity to work more closely with clients on-site or at their offices. This should be considered in unified comms planning as those companies with employees working outside the UK will need to choose a geo-agnostic service.
- Stay secure – Don’t let security and data protection be an afterthought. Opt for platforms leveraging authentication protocols, strong encryption, and security measures to safeguard sensitive information and support compliance.
Making the right switch
As many small businesses start planning for changes in their telephony in 2024 as the PSTN switch-off approaches, it is important that take the time to explore how the particular requirements of their organisations and how the changes to their communications could better support their new working practices and boost productivity.
Will your network let down your AI strategy?
Rob Quickenden, CTO at Cisilion
As companies start to evaluate how they can use AI effectively, there is a clear need to ensure your network is up to the challenges of AI first. AI applications are going to require your data to be easily accessible and your network will need to be able to handle the huge compute needs of these new applications. It will also need to be secure enough at all points of access for the different applications to end users’ different devices. If your network isn’t reliable, readily available and secure it is likely going to fail.
In Cisco’s 2023 Networking Report 41% of networking professional across 2,500 global companies said that providing secure access to applications distributed across multiple cloud platforms is their key challenge, followed by gaining end-to-end visibility into network performance and security (37%).
So, what can you do to make your network AI ready?
First, you need to see AI as part of your digital transformation, then you need to look at where you need it and where you don’t. Jumping on the bandwagon and implementing AI for the sake of it isn’t the way forward. You need to have a clear strategy in place about where and how you are going to use AI. Setting up an AI taskforce to look at all aspects of your AI strategy is a good first step. They need to be able to identify how AI can help transform your business processes and free up time to focus on your core business. At the same time, they need to make sure your infrastructure can handle your AI needs.
Enterprise networks and IT landscapes are growing more intricate every day. The demand for seamless connectivity has skyrocketed as businesses expand their digital footprint and hybrid working continues. The rise of cloud services, the Internet of Things (IoT), and data-intensive applications have placed immense pressure on traditional network infrastructures and AI will only increase this burden. AI requires much higher levels of compute power too. The challenge lies in ensuring consistent performance, security, and reliability across a dispersed network environment.
Use hybrid and multi-cloud to de-silo operations
According to Gartner’s predictions, by 2025, 51% of IT spending will shift to the cloud. Underscoring the importance of having a robust and adaptable network infrastructure that can seamlessly integrate with cloud services. This is even more important with AI as it needs to access data from different locations and sources across your business to be successful. For example, AI often requires data from different sources to train models and make predictions. A company that wants to develop an AI system to predict customer churn may need to access data from multiple sources such as customer demographics, purchase history and social media activity.
IT teams need to make sure that they are using hybrid cloud and multi-cloud to de-silo operations to bring together network and security controls and visibility and allow for easy access to data. Where businesses use multiple cloud providers or have some data on-premise, they need to be reviewing how that data will be used and so how to access it across departments.
Install the best security and network monitoring
It’s clear that as we develop AI for good, there is also a darker side weaponizing AI to create more sophisticated cyber-attacks. Businesses need end-to-end visibility into their network performance and security and to be able to provide secure access to applications distributed across multiple cloud platforms. This means having effective monitoring tools in place and the right layers of security – not only at the end user level but also across your network at all access points.
Being able to review and test the performance of your SaaS based applications will also be key to the success of your AI solutions. AI requires apps to work harder and faster so tasting their speed, scalability and stability, and ensuring they are up to the job and can perform well under varying workloads is important.
Secure Access Service Edge
The best way to ensure your network security is as good as it can be is to simplify your tools and create consistency by using Secure Access Service Edge (SASE). This is an architecture that delivers converged network and security as service capabilities including SD-WAN and cloud native security functions such as secure web gateways, cloud access security brokers, firewall as-a-service, and zero-trust network access. SASE delivers wide area network and security controls as a cloud computing service directly to the source of connection rather than at the data centre which will protect your network and users more effectively.
If you haven’t already, extending your SD-WAN connectivity consistently across multiple clouds to automate cloud-agnostic connectivity and optimise the application experience is a must. It will enable your organisation to securely connect users, applications and data across multiple locations while providing improved performance, reliability and scalability. SD-WAN also simplifies the management of WANs by providing centralised control and visibility over the entire network.
As we head towards the new era of AI, cloud is the new data centre, Internet is the new network, and cloud offerings will dominate applications. By making sure your network is AI ready, by adopting a cloud-centric operating model, having a view of global Internet health and the performance of top SaaS applications, IT teams will be able to implement their company’s AI strategy successfully.