Fintech is taking on the giants. In terms of industry disruption, they are the cutting edge, fighting hundreds of years of banking and insurance ”dynasties and monarchies”. In order to do so, they have to constantly innovate and find new ways of doing things that have been done the same way by those long-standing establishments for all these years.
The main disruption and innovation of the fintech industry is democratization; giving the power to the people and away from these monarchies. Giving us, the people, the power to decide where to invest, how to save, how to buy your house and how to use the stock market responsibly.
More than a technological innovation it is a cultural one, which requires fintech to rethink how they view and treat their clients. Rather than a nuisance, fintech needs to understand that clients are the engine and that we have a say: we have a say about how our hard-earned money is handled and of-course, also how our other currency, our data, is used. We expect transparency and honesty from our service providers. Transparency of what our data is being used for and how it is being safeguarded, and honesty when something goes wrong. We expect no more smoke screens.
To innovate, fintech must remain at the forefront of technology and continuously develop and fine tune their offerings. They cannot wait for things to be perfect before they go live. This combination of the need to constantly release new products and versions, being a prime target for hacking groups and the obligation for real transparency and honesty towards their clients, means that fintech needs to change the security paradigm and take a different approach.
At the core of the paradigm shift is the question of responsibility and accountability for security. If until today, organizations had the internal security function to lean on as a crutch, we now understand that this function no longer has the tools to assist tech centric organizations secure their ever changing product. We now understand that security should be owned by the different functions in the organization; Developers need to develop secure code, DevOps need to ensure a secure perimeter and so on.
