In the latest episode of our podcast series, “Embedded Finance: Unplugged,” we delve into the critical realm of information security with Andaria’s Chief Information Security Officer, Malcolm Portelli. We explore the unique security challenges presented by Embedded Finance and how Andaria stays ahead of the curve to protect its clients and their customers, securing the future of Embedded Finance.
The evolution of information security
We began our conversation with Malcolm sharing his daily responsibilities and how his role has evolved over his two and a half years at Andaria. As the company has grown, so has the complexity of its security landscape. Malcolm oversees the entire information security strategy, ensuring systems are secure, monitoring for anomalous behaviour, and strategising for future security needs.
The rapid growth of Andaria and its increased recognition have made it a more attractive target for attackers. Malcolm explained that as the company’s footprint expands, so does the need for more sophisticated security measures.
Navigating security in Embedded Finance
Embedded Finance introduces additional layers of complexity compared to traditional financial models. Malcolm highlighted that dealing with the end customer directly provides more control over security measures. However, adding an intermediary layer – which is typical in Embedded Finance – requires enhanced controls to protect not just the end user but also the intermediary partners.
Malcolm discussed the importance of implementing security best practices, such as multi-factor authentication, which is crucial across all industries but especially vital in financial services. He emphasised that while these practices are mandatory for financial institutions, they should be adopted universally to enhance security.
Collaborative security measures
To effectively integrate Embedded Finance solutions, Andaria works closely with clients to ensure they implement necessary security controls. At Andaria, we provide a comprehensive list of requirements and guidelines to clients, ensuring compliance with financial regulations and data protection laws like GDPR.
This collaborative approach extends to ongoing risk assessments. Malcolm’s team conducts thorough evaluations of service providers, internal systems, and clients to ensure robust security practices are in place. These assessments are crucial in maintaining a secure ecosystem, particularly given the ever-present risk of supply chain attacks.
Staying ahead with technology
The conversation turned to the impact of emerging technologies on security. Malcolm pointed out that while generative AI poses risks by enabling more sophisticated attacks, it also offers opportunities to enhance security measures. AI can improve the detection of phishing emails and other anomalies, helping to automate and streamline the security process.
It’s imperative to use top-tier technology to protect our infrastructure, data, and people. We constantly evaluate and update our security tools to stay ahead of potential threats.
Preparing for the future
Looking ahead, Malcolm identified two major challenges and opportunities: the ongoing evolution of AI and the emergence of quantum computing. Both have the potential to significantly impact the security landscape. Staying informed about legislative changes and technological advancements is essential to ensure Andaria’s security measures remain effective.
Our commitment to security in the Embedded Finance space is clear. By implementing best practices, collaborating closely with clients, and leveraging advanced technologies, we ensure a secure and compliant environment for financial transactions.
Want to learn more about our Embedded Finance solutions? Contact us today to explore our services and discuss your specific needs.
Listen to the full interview with Malcolm on our YouTube or Spotify.
