The essence of “Security by Design”

private

With great new possibilities come great new security and privacy challenges and threats for the financial sector. Systems are increasingly connected, increasingly complex, increasingly open and increasingly under threat of criminals and cyber vandalists. The proof of this can be read in the papers almost every day. The growth of financial high-tech is faster than ever, bringing new security possibilities and issues, and at the same time there is still a large base of legacy that is not going anywhere, also bringing challenges with respect to security risks.

Software plays a large role in these threats because it is central in the processing of information. It is with good reason that in the new “PCI DSS 3.2” it is now explicitly required that the source code should be reviewed by experts prior to releases. This is essential to really find the weaknesses buried in these systems that cannot be found using the regular security tests. These weaknesses require 100 times more effort to fix than to build it right in the first place, which is why it is so important to practice “security by design” as early as possible in the development process.

New privacy regulations, especially the GDPR, require that – apart from securing personal data – the way of processing this data also needs close attention. Regulation fines are higher than ever.

In this key track session, we will take you through observations we made during the many software security & privacy assessments that we performed, to show you and share with you the pitfalls of unconscious incompetence. Next we will analyze why we are seeing the same mistakes over and over again. This allows us to address the root causes to come towards a ‘set of steps’ that is essential for your daily practice to secure your business and your clients interest and trust.

Related interesting reads:
1. Web – Escape from legacy mountain

2. eBook – The Seven Deadly Sins of Insecure Mobile Apps

  • @EuroPaySummit

    European Pymt Summit European Pymt Summit @EuroPaySummit Ant Financial launches core #banking product https://t.co/GRvKaOqTuj via @Finextra 6 weeks ago
    European Pymt Summit European Pymt Summit @EuroPaySummit RT @bottomlinetech: Who knew Formula 1 racing had so much in common with #payments? Great insights from @neirajones on the impact of #mach 6 weeks ago
    European Pymt Summit European Pymt Summit @EuroPaySummit RT @swiftcommunity: National Settlement Depository, #Russia’s central securities depository (CSD) has become the first CSD to sign up for #… 6 weeks ago
    European Pymt Summit European Pymt Summit @EuroPaySummit RT @PayCompliance: Consumer and privacy watchdogs have criticised the draft law to facilitate the launch of open banking in the country, wh… 6 weeks ago
    European Pymt Summit European Pymt Summit @EuroPaySummit RT @Finextra: RBI fines Indian banks over Swift compliance failures https://t.co/dExl5kMa47 #fintech 6 weeks ago
    European Pymt Summit European Pymt Summit @EuroPaySummit BRICS countries to create own #payment system to cut dependence on West — RT Business News https://t.co/QvaDbaEQIZ 6 weeks ago
    European Pymt Summit European Pymt Summit @EuroPaySummit Swift combines with Asia Pacific institutions on DLT for proxy voting https://t.co/2kewbi6ui4 via @Finextra 6 weeks ago
    European Pymt Summit European Pymt Summit @EuroPaySummit RT @SustainableDFS: Government plays a central role in the progress of any #financialinclusion campaign. They are primarily responsible for… 6 weeks ago
    European Pymt Summit European Pymt Summit @EuroPaySummit German startups @figo and @finreach to merge https://t.co/nnKgGWl4UH via @Finextra #banking #API 6 weeks ago
    European Pymt Summit European Pymt Summit @EuroPaySummit RT @cbpaymentsnews: "Interoperability can unlock the potential of digital financial services (DFS) and advance financial inclusion" - via n… 6 weeks ago
    European Pymt Summit European Pymt Summit @EuroPaySummit RT @cbpaymentsnews: Open banking coming to #NZ - Payments New Zealand releases #API standards for #Payment Initiation and Account Informati… 6 weeks ago
    European Pymt Summit European Pymt Summit @EuroPaySummit Today, we have our eyes set on the great insights shared at the European Future of Payments Conference, organized b… https://t.co/jYBWmfM03x 6 weeks ago
    European Pymt Summit European Pymt Summit @EuroPaySummit RT @PayCompliance: BREAKING NEWS: European authorities confirmed that recurring card payments can be initiated by the payee, exempting thos… 6 weeks ago
    European Pymt Summit European Pymt Summit @EuroPaySummit RT @nsureio: API Standards Reveal Puts New Zealand On Cusp Of Open Banking - PaymentsCompliance https://t.co/l0U4pK5Q2D 6 weeks ago
    European Pymt Summit European Pymt Summit @EuroPaySummit RT @ebaclearing: ECB report finds that #SEPA migration has provided the foundations for facilitating an interoperable, efficient and compet… 6 weeks ago
    European Pymt Summit European Pymt Summit @EuroPaySummit RT @Irish_TechNews: eBay partners with Enterprise Ireland to open global window of opportunity for Irish SMEs https://t.co/kJ6MzndF7x 6 weeks ago
  • Also interesting
    Meet the Florin Awards Europe 2019 Nominees
    Written on 17 April '19 by
    READ MORE
    David Birch, Consult Hyperion: "We need national strategies to manage the transition to cashlessness"
    Written on 16 April '19 by
    READ MORE
    Emerging Business Models Powered by Industry Changes
    Written on 11 April '19 by
    READ MORE
  • News