Guest blog: Safety in numbers: Security in the Public Cloud

Guest blog by Guy Griffin, Client Partner, Banking & Capital Markets, DXC Technology

Guest blog by Guy Griffin, Client Partner, Banking & Capital Markets, DXC Technology

In his latest guest blog, Guy Griffin, Client Partner, Banking & Capital Markets, DXC Technology, lays out the key critical elements banks and building societies should consider to become best-in-class public cloud-first companies.

The convention of security as a building surrounded by barbed wire and dogs with big teeth is a well-founded one. It is natural to consider something secure if you can see it, lock it, and direct a camera at it, safe in the knowledge you’ve paid for the right security people and chosen somewhere unlikely to be hit by a meteorite or an earthquake.

However, there is also the convention of safety in numbers. We know that being part of a large herd makes you statistically safer than going alone. Nobody wants to be the lone wildebeest.

The trouble is that if you’re in a competitive market then you may not wish to share the same safe patch of ground with your competitors, including customer data. For banks and building societies, there is the added complication of operating in a highly regulated industry with customers who wish to consume products and services in an ever-increasing number of ways.

One possible answer to the dilemma is to return to the well-worn adage that ‘banks (and building societies) do banking’ and ‘tech companies do tech’. There’s a lot of truth in these statements, however, if that means handing over infrastructure operations up to and including processing sensitive data, it’s easy to see why there could be hesitation.

To help make sense of this is to consider not just one’s own organisation but the market in total. Even the largest tier-one banks are not able to invest in security at the same level of the hyperscalers of this world and they do so for dozens of sectors, not just financial services.

With this kind of scale, it’s not only investment cloud attracts, but also talent. The diversity of challenge and dynamism of strategy that comes with working for a hyperscaler has brought some of the best in the business to the fore.

Despite the obvious benefits of herd mentality, journeying to the cloud needs to have a clear strategy. Without proper modernisation, the widely advertised cost advantages can sometimes fail to materialise and flaws in connectors emerge. These can impact customer and colleague interactions and put the security of the operation at risk.

Further, there are risks associated with handing over too much data over to a third-party entity to safely house and process. This must be strongly considered by all regulated entities, and clients must always have command and control over any critical infrastructure in the organisation, regardless of where and how it is hosted.

Getting the balance right enables organisations to reap the benefits of security in the cloud, with its leading resilience protocols and top-flight talent, without losing sight of the criticality of the customer journey.

The challenge is to understand how making an organisation more secure might mean not knowing precisely where parts of the operation is housed and handing it over to a third-party company who many not even have the keys to it themselves. In that scenario, it’s easy to see why the forces behind security threats find the cloud a less attractive target.

DXC works with more than 60 financial services organisations in the UK, helping them get the most out of their journey to the cloud from managing cost to ensuring resilience.

For more information visit www.dxc.com


The views, opinions and positions expressed within guest blogs are those of the authors and do not necessarily represent those of the BSA.

You may also be interested in...

BSA Card
  • BSA.IndustryResponse Industry Response
  • Conduct Risk & Regulation

BSA responds to FCA CP25/17 - Targeted Support

The BSA welcomes the opportunity to respond to this consultation, which gives a use case of consumers with significant savings held in cash, and some ...

BSA Card
  • BSA.Event Event
  • Mortgages & Housing

Shaping the Future of the Mortgage Market: Insights on DP25/2

Join PwC and the Building Societies Association for a timely discussion on the FCA’s recent Future of the Mortgage Market discussion paper (DP25/2). ...

BSA Card
  • BSA.Event Event
  • Audit & Taxation

What Labour’s Autumn 2025 Budget means for financial services

A free webinar hosted by BSA Associate, MHA With Chancellor Rachel Reeves set to unveil Labour’s Autumn 2025 Budget by early November, this promise...

BSA Card
  • BSA.Event Event
  • Audit & Taxation

HMRC 3rd party data reporting requirements

A free webinar hosted by BSA Associate, PwC We will provide an update on the 3rd party data consultation that was announced in the Spring Statement...

BSA Card
  • BSA.Event Event
  • Audit & Taxation

Risk, regulatory, audit and accounting seminar

After a successful in-person event in 2024, and responding to delegate feedback, this year's annual update will once again take place in Birmingham. ...

BSA Card
  • BSA.Event Event
  • Mortgages & Housing

Annual meet-up for mortgage professionals

The 2025 Annual Mortgage Meet-up will be taking place in London on Thursday 25th September. Exploring some of the biggest issues shaping the futu...

BSA Card
  • BSA.Event Event
  • Conduct Risk & Regulation

Secretaries seminar

The role of a society secretary can be very broad. Beyond the core duties of preparing for board meetings and AGM and minute taking, secretaries are i...