IBM and CSA help financial services manage risk and regulations
IBM has revealed that it is working with the Cloud Security Alliance (CSA) to further advance security and risk management of cloud within financial services.
Building on IBM’s mission to reduce risk for the industry with security, compliance and resilience at the fore, the IBM Cloud Framework for Financial Services is designed to help clients automate their security and compliance posture.
The framework is central to IBM Cloud for Financial Services, a cloud with built-in security and compliance controls to help clients as they work to reduce risk, tackle ongoing regulations and accelerate cloud adoption.
It is mapped to the Cloud Security Alliance’s Cloud Controls Matrix (CCM) – a cybersecurity control framework for cloud computing, which can help customers drive innovation faster while addressing third- and fourth-party risk in cloud.
With the alignment, organizations that have adopted CSA’s controls can now use services or transact with SaaS providers on IBM Cloud for Financial Services with confidence.
“As global regulations continue to evolve, it is critical for all organizations to meet changing requirements while operating in a secure cloud environment – but it is even more critical for highly regulated industries such as financial services,” says Jim Reavis , CEO of CSA.
“With its long history and deep expertise working with some of the world’s best-known financial services organizations on their modernization journeys, IBM understands the importance of establishing a highly secure hybrid, multi-cloud architecture that can allow organizations to scale workloads to host wherever they have to. be. Together, we aim to help financial services organizations drive growth and reduce systemic risk with a more secure cloud landscape and by empowering them to address evolving regulations globally – from DORA to data sovereignty,” continued Reavis.
Collective intelligence aims to reduce financial services risk
Designed for financially regulated industries, IBM Cloud for Financial Services was launched in 2019 in collaboration with partner banks including Bank of America and BNP Paribas. It aims to help financial services organizations address the industry’s cybersecurity, regulatory and operational requirements, while providing the benefits and flexibility of the cloud in a secure environment.
Leveraging the collective intelligence of the IBM Financial Services Cloud Council – a network of more than 120 financial services CIOs, CTOs and risk and compliance officers such as Banco Bradesco, Nationwide, Banco Sabadell, Virgin Money and MUFG – the platform includes industry insights and built-in controls that can help financial institutions meet their security and compliance requirements of this highly regulated industry.
These industry informed controls are not IBM’s – they are the industry’s collective controls. While IBM Cloud has implemented these controls as part of IBM Cloud for Financial Services, it has also made them available for customers to use on multiple clouds (public or private) – by managing workloads with IBM Cloud Satellite and their compliance through the IBM Cloud to monitor Security and Compliance Center.
“As organizations strive to keep up with the latest regulatory requirements and evolving data sovereignty laws, security and compliance are at the heart of our approach. We are on a mission to be the world’s most secure, stable and resilient cloud, which is why many of the world’s largest financial services organizations have worked with us over several decades,” said Howard Boville, head of IBM Cloud Platform. said.
“IBM Cloud for Financial Services is specifically designed for highly regulated workloads, enabling financial services and other regulated industries to confidently host applications and workloads in the cloud while addressing third- and fourth-party risk throughout their supply chains. As we continue our mission to help reduce risk in financial services, through our work with the Cloud Security Alliance, we can today demonstrate alignment with their Cloud Controls Matrix, a globally recognized industry standard,” added Boville .
Lead with security and compliance as the stringent regulatory landscape evolves
With regulations continuing to evolve, financial services organizations must prioritize security and compliance to keep up with the demands of new requirements. However, maintaining security and compliance requirements should not come at the cost of innovation.
The IBM Cloud Security and Compliance Center aims to help financial services reduce the amount of time and money spent maintaining compliance by enabling them to monitor and demonstrate their compliance efforts in the cloud and enable them to free up resources to drive innovation.
The offering includes security posture monitoring capabilities with built-in controls and profiles to help customers meet industry requirements such as CSA’s CCM and enables customers to proactively monitor their compliance posture.
IBM Cloud for Financial Services also includes IBM’s confidential computing capabilities and encryption technology to ensure that clients’ data remains just their data – even IBM can’t access it.
IBM will continue to work with organizations, such as the CSA, to help customers drive innovation while monitoring their regulatory and security posture.