The Connector.

The Connector Podcast - DFS Digital Finance Summit - Approach - Cybersecurity for Fintechs: Protecting Digital Innovation

Koen Vanderhoydonk (The Connector) Season 1 Episode 77

How Approach Cyber helps fintech companies navigate cybersecurity challenges from integrated security development to regulatory compliance. Dorian Pacquet shares insights on evolving cyber threats, the role of AI in security, and the importance of managing data protection in the fintech ecosystem.

• Approach is a pure-play cybersecurity and privacy partner with over 100 professionals across Belgium and Switzerland offering 360° cyber resilience services
• Modern software development requires security integration at all stages, not just end-of-process testing
• Supply chain vulnerabilities are a growing concern as all software now relies on external libraries and dependencies
• Fintechs face increasing regulatory pressure not just directly but through their regulated customers
• AI is becoming integral to security tools including code generation, vulnerability scanning, and remediation
• Data protection compliance is equally challenging for organizations of all sizes with limited exceptions for SMEs
• Approach offers multidisciplinary expertise spanning technical, strategic, and legal domains to help navigate complex regulations
• 24/7 managed security services from their in-house Security Operations Center provide continuous protection

For more information about Approach Cyber's services, contact Dorian at dorian.pacquet@approach-cyber.com or visit their website at www.approach-cyber.com.


Thank you for tuning into our podcast about global trends in the FinTech industry.
Check out our podcast channel.
Learn more about The Connector.
Follow us on LinkedIn.

Cheers
Koen Vanderhoydonk
koen.vanderhoydonk@jointheconnector.com

#FinTech #RegTech #Scaleup #WealthTech

Speaker 1:

Welcome to the Connector podcast, an ongoing conversation connecting fintechs, banks and regulators worldwide. Join CEO and founder Cohen van der Hooydonk as you learn more about the latest available trends and solutions in the markets.

Speaker 2:

And here we are for another podcast in collaboration with Fintech Belgium and ourselves, the Connector and I've got with me Dorian from Approach. Dorian, what does Approach do?

Speaker 3:

and who are you, Hello Koen, and thanks for the invitation.

Speaker 2:

Oh, you're welcome.

Speaker 3:

I am Dorian Paquet, consultant in the security strategy and advisory team at Approach Cyber. I'm also responsible for the Fintech company portfolio and the SEMI go-to person there. I have an extensive experience and expertise in the financial services sector.

Speaker 2:

And can you maybe introduce Approach and maybe explain a little bit more what you guys do and how does that relate to the financial fintech world?

Speaker 3:

Yes, of course. Approach is a pure play cybersecurity and privacy trusted partner. We have more than 100 professionals working across four sites in Belgium and also Switzerland. With our 360 offering for cyber resilience and our 24-7 in-house SOC, we have become a one-shot for organization of all sizes all sectors from small and medium businesses to large multinationals.

Speaker 3:

We take care of companies' cybersecurity so they can focus on their business with complete peace of mind. We address today's rising cybersecurity challenges by helping companies to prevent, withstand and recover from cyberattacks, incidents and breaches, safeguarding basically their operations, ensuring compliance and protecting their reputation.

Speaker 2:

Now, kool, what I always think like when you talk cybersecurity and compliance. They're two difficult jobs to find, or to find people in the market, so how the hell do you get the best?

Speaker 3:

people Fully correct At Approach. We know that top talent looks more than just a job. They seek impact, grow and purpose. Our expert works on high-stakes cybersecurity projects with real impact, from developing and securing Belgium's leading authentication app to protecting NATO institutions or contributing to European cyber defense. Our Cyber Security Academy offers industry-leading certifications and our career counselors create tailor-made career coachings, ensuring our experts stay ahead of evolving cyber threats and continuously learn, grow and evolve in their career.

Speaker 3:

We foster a people-centered culture where everyone's contribution matters, driving innovation through collaboration and shared expertise. These commitments are reflected in approach three core values which define our culture and drive our success. First, top-notch we are recognized as a cyber security leader with 24 years of experience, handling more than 500 impactful projects annually, and deeply embedded in the cyber ecosystem. Secondly, human-centric thanks to a strong spirit of collaboration, we can offer our customers the full range of our skills and our combined energy to meet their needs. Internally, it's reflected by a fair and personalized HR management that gives importance to professional well-being and the flexibility we all need in our life. Finally, no nonsense. Our third value pragmatic and efficient. We empower on our consultants. We have real responsibilities and the full scope view of project, delivering concrete, effective solutions to both our clients and our teams. These values certainly give a shape to the support and services we provide to our client nice um, well, we are.

Speaker 2:

We're here with the fintech, so I think that a lot of fintechs also have issues to deal with cybersecurity and technology to help them. So how would you say that cyber threats sort of have evolved over the years in fintech?

Speaker 3:

Well, in the current landscape, no software is developed from the ground up. All software are built using external libraries.

Speaker 3:

The development of secure applications can no longer be viewed as a standard quality control or being pen-tested at the end of the development process. Instead, security must be integrated into all stages of the development process, without compromising the adaptability, interconnectivity and speed that fintechs require. There has been an increasing utilization of tools and software that rely on external dependencies, such as infrastructure as code, to streamline the continuous integration and delivery process, also known as CICD. Given the critical nature of these tools and dependencies, it is imperative to conduct regular reviews and implement robust security measures to safeguard against potential supply chain attacks. Regulatory pressures on software development are also increasing. Development teams must now demonstrate the ability to not only identify vulnerabilities in their code, but also to track all dependencies so they can quickly respond when a new flow is discovered. And, looking ahead here, what are the innovations and what are the new sort of capabilities that companies should take into account?

Speaker 3:

Fintechs are usually suppliers of institutions which are highly regulated. One of the topics that regulators watch more and more is the supply chain security. In that regard, fintech should truly invest into new innovative solutions in the areas of code review, being static or dynamic. Another area to look at is as fintech leverages cloud solutions to deliver SaaS, the cloud posture security management, which detects in real time misconfigurations or weaknesses in the configuration of cloud services in multi-cloud environment. Likewise, fintech can become primary target for cyber criminals. Therefore, investing into model detection and response capabilities leveraging AI is a must nowadays to stay ahead of the game. Yeah, obviously, approach is also delivering XDR solutions, meaning real-time monitoring and incident extended detection and response solutions, and can also enrich this with new dark web monitoring and attack surface management solutions.

Speaker 2:

It is a fast-changing landscape, especially with what's happening in the world today, so what do you see as being the trend within this realm of cybersecurity?

Speaker 3:

AI. Ai is definitely becoming an integral part of all software development tools. This integration can include a variety of applications, such as AI-powered code generation, vulnerability scanners that use AI to detect and exclude false positives and generate remediation code. The creation of secure software necessitates the expertise of trained developers, as well as security champions and cross-domain experts in fields such as AI, data privacy and compliance. At Approach, we have a comprehensive, 360-degree view of the cybersecurity landscape, providing our clients with unparalleled expertise in this field.

Speaker 2:

I'm a bit surprised that we talk about cybersecurity for the last eight minutes and we have not mentioned the word data. So where does data come in and how can actually companies sort of protect their crown jewels being data?

Speaker 3:

Yeah, correct. One of the main challenges for fintech firms is the compliance obligations they face regarding data protection, which apply equally to both large and small organizations.

Speaker 1:

Everyone.

Speaker 3:

Yeah, indeed, we have only minor adjustments for very small businesses and SMEs in Belgium. This requires significant effort and resources, particularly when additional obligations arise from GDPR, dora, nistu, the AI Act, etc. Which is.

Speaker 2:

The other thing we did not talk about is regulations. We'll come to that in a minute.

Speaker 3:

Indeed, even if a fintech firm is not directly within the scope of this regulation, compliance is driven by customers who are and who, in turn, impose this requirement on their supply chain. Most of the time, it is necessary to appoint a data protection officer to manage all those issues. That's quite a difficult job and an expertise that is hard to find. Given the complexity of those topics and the risk, it's advisable to turn to specialist firms.

Speaker 2:

So let me bring up then regulations, because you mentioned DORA GDPR. How does that influence a company and how can you potentially help to stay compliant?

Speaker 3:

Approach is committed to provide the right resources, the right tools and a real expertise, which is crucial in the field. Role in helping FinTech companies navigate state of regulatory challenges and compliance requirements by providing specialized expertise and structured frameworks. We are multidisciplinary, as we can offer technical, strategic and legal expertise. We aim to build trust with customers and regulators by addressing cybersecurity challenges and developing solutions tailored to organization-specific needs. Our strong technology partnerships enable us to deliver advanced, integrated solutions that simplify the management of security. Finally, Approach Cyber offers a comprehensive portfolio of solutions spanning the entire cybersecurity value chain. Portfolio of solutions spanning the entire cybersecurity value chain. We implement, support effective solutions seamlessly within the organization through specialized services, including advisory, grc, privacy and data protection, ethical hacking, cloud security, trade detection and response awareness programs, technology integration and secure software development. Our 24-7 managed security services deliver from our in-house security operating center. Security operations center provide continuous monitoring and rapid on-site interventions, keeping organizations secure around the clock. Nice.

Speaker 2:

Well, thank you very much, Dorian, for sharing all this information about yourself and your company. So I've got one last question before we close this podcast. Where should people contact you?

Speaker 3:

First they can contact me at my email address dorianpaquet at approach-cybercom.

Speaker 2:

Okay.

Speaker 3:

You can also reach our website wwwapproach-cybercom. Okay, great.

Speaker 2:

Thank you very much for sharing your insights. Thank you for the invitation.

Speaker 3:

You're much welcome. It was a pleasure.

Speaker 2:

Thank you also to the audience and please stay tuned. More news from our fintech industry. Thank you so much.

Speaker 1:

Thanks for listening to another episode of the Connector podcast. To connect and keep up to date with all the latest, head over to wwwjointhekonnectorcom or hit subscribe via your podcast streaming platform.