Financial Services Stakeholder Platform

Latest ResearchRequest to Join
Cloud Usage in the Financial Services Sector
Cloud Usage in the Financial Services Sector

Download

Financial Services Stakeholder Platform
The world of IT banking has changed considerably in the past four years in terms of the adoption and usage of cloud computing technology. The finance industry has moved from “dipping their toe” in the cloud, through experiments and proof of concepts, to material and structural use cases supporting key products and services. A shift in the concerns of financial institutions is visible. The focus has moved from technical issues to regulatory and contractual concerns. Themes like education and skill set have come to the fore (perhaps in part driven by adoption of agile practices as exemplified by DevOps).

What is CSA’s role in helping secure financial services?

The Financial Services Stakeholder Platform reaches a global audience and brings together financial service institutions, financial supervisory authorities, data protection authority, and other national regulatory bodies. This group hosts monthly knowledge sharing sessions with its members; and when able, hosts face-to-face meetings in conjunction with industry conferences.

Together our members discuss and identify commonly acceptable best practices that will help manage the technical security risks related to cloud adoption, and facilitate compliance with laws and regulations. Unlike other CSA working groups, participation in this group is limited to individuals from organizations who are CSA Corporate Members.

Find out about upcoming projects and initiatives planned for this group by downloading the working group charter 

Financial Services Stakeholder Platform

The main objective of this working group is to identify and share the challenges, risks and best practices for the development, deployment and management of secure cloud services in the financial services industry.

Next Meeting

No Meetings Currently Scheduled



Working Group Leadership

Craig Balding Headshot

Craig Balding

Jim De Haas Headshot

Jim De Haas

Sean Gray Headshot Missing

Sean Gray

William Izzo Headshot

William Izzo

Cloud Security Research for Financial Services

CSA Research crowd-sources the knowledge and expertise of security experts and helps address the challenges and needs they’ve experienced, or seen others experience, within the cybersecurity field. Each publication is vendor-neutral and follows the peer review process outlined in the CSA Research Lifecycle. We recommend getting started by reading the following documents.

Blockchain DLT Use Cases

Blockchain DLT Use Cases

Innovative technologies of blockchain and other systems of distributed ledger technology (DLT) have proven their ability to increase security of data during transactions and provide immutable long-term data storage. While blockchain technology is primarily associated with Bitcoin cryptocurrency, many other business models are currently taking advantage of blockchain technology. This paper covers nine use cases beyond cryptocurrency for blockchain.

Cloud Octagon Model

Cloud Octagon Model

In this document CSA provides an approach to assess risk in SaaS cloud computing. The Cloud Octagon Model stems from an approach conceptualized and implemented by the Cloud Security Group within the Technology & Engineering department, Corporate Information Security Office (CISO), ABN AMRO Bank NV (Netherlands). It counts such aspects as procurement, IT governance, architecture, development and engineering, service providers, risk processes, data classification, and country. The model provides practical guidance and structure to all involved risk parties in order to keep pace with rapid ...

Cloud Usage in the Financial Services Sector

Cloud Usage in the Financial Services Sector

This survey analyzes the level of adoption of cloud solutions and requirements from financial institutions’ perspectives. The study analyzed the cloud usage of financial institutions across three main areas of interest: security concerns, regulatory requirements, and governance aspects.

Develop Custom Research with CSA

Work with CSA to develop custom research that aligns with your organizations internal initiatives. Oftentimes there are topics or domains of security that are lacking current best practices or guidance. Ensure your internal initiatives align with the latest developments within the cloud security community by collaborating with CSA. This benefit along with others, are open to CSA Enterprise Members.

“DTCC is proud to be a member of the Cloud Security Alliance, working across industries and geographies in advancing the adoption of secure cloud technology. Cloud offers continued great potential for financial services but it must be adopted in a way that supports the industry’s robust risk management requirements. We are pleased to be working with the CSA and its members to develop security best practices and standards to promote a robust, secure environment for cloud implementations.”  - Stephen Scharf, CSO at DTCC.

Webinars & Resources

Cloud: Real-World Use and Challenges Across Financial Services

Cloud: Real-World Use and Challenges Across Financial Services

In this webinar Craig Balding, Co-Chair for the Financial Services Working Group will discuss: current cloud use in the financial sector, main security concerns such risk management, threat monitoring and technical controls, ie, key management, and established practices for secure and compliant cloud adoption.

How Financial Services can Leverage the Cloud Securely to Drive Business

How Financial Services can Leverage the Cloud Securely to Drive Business

In this session, our presenters will use case studies and personal experience to outline key steps that can be taken to secure financial technology innovators, and explain how traditional, cloud and potentially even blockchain technologies can be used by corporations to ensure the security they need to drive business forward.

DLT Security Framework for the Finance Industry

DLT Security Framework for the Finance Industry

Distributed Ledger Technologies introduce a multitude of value propositions for the financial services industry. The pace of innovation is aggressively picking up in use cases pertaining to finance such as digital assets, tokenization and cryptocurrency. However, the security measures are significantly inadequate to support innovation. There is a growing need for increased vigilance and an industry-standard security framework.

Blog Posts

Five Actions to Mitigate the Financial Damage of Ransomware
CSA CCM & Association of Banks in Singapore Cloud Computing Implementation Guide 2.0 Controls
Understanding the Complexities of Securing a Remote Workforce

Press Coverage