Trustmi Talks

Where Cybersecurity and Fintech Meet: 4 Trends for 2024

The Trustketeer
10 min
Cybersecurity and Fintech Trends for 2024
Cybersecurity and Fintech Trends for 2024

As 2024 rapidly approaches, we’re seeing that the field of cybersecurity is evolving rapidly in a number of areas that are in dire need of more comprehensive protection. Cyberattacks are everywhere these days, popping up in the news so frequently it’s unsettling, and these threats are posing major challenges to current security approaches.  Similarly, Fintech has exploded in recent years in every direction, evolving at a break-neck pace. New financial tools are disrupting traditional business models and creating new opportunities for enterprises and individuals alike.  

But one of the most interesting developments is the intersection of cybersecurity and fintech. These two disciplines naturally go together. Fintech technologies support and enable financial services spanning the gamut from banking to financial transactions and everything in between. Because there’s so much money at stake in fintech, cybersecurity is absolutely essential to protecting these financial tools and activities. Similarly, cybersecurity developed in large part as a response to scams resulting in financial losses. In a way, the two disciplines are interdependent.  

Trustmi sits at the confluence of cybersecurity and fintech, and our collective experience is deeply rooted in both. It is for that reason we decided to examine trends for 2024 through a lens that considers how both disciplines intersect with and influence each other. On that note, below are some of the primary trends we expect to see emerge, evolve, and explode in 2024 at the convergence of cybersecurity and fintech.

1. Business Payments Struggles

When our co-founders, Shai Gabay and Eli Ben Nun, founded Trustmi, they took the time to dig deep and explore the biggest business problems companies struggle with today and what kind of solution could deliver immediate value in that area.  As part of their process for shaping a vision for the company, Shai and Eli spoke with hundreds of business leaders to understand the most critical pain points and blind spots they were dealing with.  As a result of these conversations, these two original Trustketeers discovered that fintech, specifically business payments, presents a unique set of challenges that are being exacerbated by cyberattacks. And it’s only getting worse.

Since our launch in July, we’ve seen the market’s interest in business payment security erupt. Enterprise companies are urgently compelled to protect their B2B payments today because of the direct impact it has on the financial health of a business. There may have been a time in the past when losses resulting from cyberattacks and errors were seen as a cost of doing business. However, in today’s world where budgets are steadily shrinking and regulations for financial activities are escalating, it’s no longer an option to admit that a percentage of your budget was lost to fraud or human error. Cyberattacks are on the rise and business payments are a juicy target for bad actors. Similarly, B2B payment processes are antiquated, manual, and complex, which together create a breeding ground for errors.  More businesses are not only seeing the size of the problem but also realizing that a solution like Trustmi is necessary to solve it. With demand coming out of our launch growing exponentially, we expect more businesses to prioritize solving the challenges of business payment security in 2024.

 

2. Artificial Intelligence: For Bad or Good

Yes, we’re aware that AI is a buzzword no one can avoid or ignore these days.  There are several implications here when it comes to the cross-section of fintech and cybersecurity, and there are multiple trends we’re seeing emerge in this area. Let’s level set: AI is a double-edged sword.  It can be used to facilitate work, create efficiencies through automation, analyze copious amounts of data, empower teams to move faster, save money for businesses, and much more.  But it can be equally egregious.  Just as a human mastermind can be good or evil, so can AI. It’s no surprise, and clearly is a given, that the way people use AI for cybersecurity will evolve in 2024, especially as businesses seek to better protect themselves against harmful generative AI tools.  

Let's hone in on business payments. We’ve discussed in the past the ways in which AI can threaten your business payment process, and how criminals are using AI to heighten the fidelity of their attacks. We know you can only fight AI with AI to beat bad actors at their own game, which is why our solution is powered by an AI engine. We leverage advanced tools to look across the entire payment process to detect attacks and errors. We’ve trained the system to know what an attack on business payments looks like so organizations and vendors can be alerted to a breach. Similarly, the nuanced way we trained our engine means that there are no false positives.  When fully trained and calibrated, the system can be trusted to alert you when there’s a real threat in real time, without raising false alarms and wasting your time.  We’re excited to continue iterating and developing our AI to apply it further across business payments, vendor management, and the entire procure-to-pay cycle.  

Now we’ll look beyond business payments at another trend in cyber-fintech. It’s easy to categorize AI as “good” or “bad” when talking about cyberattacks, but there is another AI conundrum that sits in a murky grey area that is important to keep in mind as a trend. We see “good” AI innovations currently in existence that require AI solutions to remedy the problematic side effects they cause. Data exposure is a prime example, and it’s already a big topic of conversation. For context, as more professionals use generative AI tools to boost efficiency and productivity, they inadvertently share information that helps to train the AI.  When AI technology receives inputs from users, it now has access to use this information as outputs as well in the future, thus exposing potentially sensitive and confidential information to external parties, including bad actors. Technologies to plug this data leakage and layer on additional controls are very important, particularly to security and finance teams that are responsible for owning the most critical and confidential business information at a company. In sum, as another one of our 2024 trends related to AI, we anticipate an increased number of startups and tech companies to develop solutions that will help organizations control and protect against data exposure.

3.  Supply Chain Vulnerability

We're hearing stories about supply chain attacks every day these days.  And according to a new report, security professionals are more concerned with supply chain attacks than they are with generative AI risks. We recently wrote extensively on the trouble with the supply chain and how vulnerable it is to cyberattacks, and this area is squarely at the juncture of finance and security. Ensuring the vendor supply chain is secured is a core necessity for protecting B2B payments.  

At Trustmi we’ve seen a lot of attacks that target third-parties in the supply chain because vendors are so vulnerable to security breaches. A common type of supply chain attack is vendor impersonation and attacking systems to change vendor information in order to redirect payments.  Vendors, especially smaller ones, are alluring targets for bad actors because they are easier to compromise than big organizations with stronger security measures in place. And if an attacker can compromise a small vendor with weak security, now they have access to their client’s network, data, and information in addition to that of the vendor. Also, because a vendor typically has multiple clients, a breach of that vendor means an attacker can gain access to many other organizations.  And that’s the real money maker for fraudsters right there.  To make matters worse, the current approaches to enforcing supply chain security aren’t working. Third-party risk management isn’t comprehensive enough and doesn’t follow through to the extent that it should in order for the supply chain to be fully protected. The unprotected process of onboarding and managing third-party vendors requires an overhaul.

We’re intrigued by how supply chain security will evolve in 2024.  We’ve been working to stay ahead of the curve with our vendor onboarding module, new bank account validation solution, and vendor management lifecycle offering, in addition to our core payment security solution. While cybersecurity professionals comprehend the size of the risk, we expect that finance teams will as well in 2024 and seek to proactively find ways to mitigate the challenges.

4. Rules, Rules, and More Rules

We recently discussed the evolving landscape of rules and regulations in cybersecurity on our blog. Going into effect imminently on December 18th, the new SEC rule on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure will mean that organizations reporting under the Exchange Act of 1934 will need to disclose cybersecurity information and “material cybersecurity incidents” within four days of occurrence.  Business payment fraud falls neatly into this category of “material cybersecurity incidents,” so there are compelling reasons for businesses to eliminate cyberattacks and errors on their vendor payments process sooner rather than later.  

This is one example of a new ruling in place that now dictates how public companies manage their cybersecurity risks and how they work through incidents as they occur. It also demonstrates the heightened awareness around regulation for cybersecurity on a larger scale. With all the recent supply chain attacks and attempted breaches that have taken place, we know there will be even more increased attention turned toward cybersecurity controls and regulations in 2024. The attacks that plague the supply chain will continue to become more commonplace, too. And when there are attacks, there are severe consequences.  To address the repercussions, more legislation will go into review for reporting these attacks, domestically and internationally.  

Organizations need to get the ball rolling in identifying where they are most vulnerable and in finding solutions that provide proper protection. Business payments and vendor management are among the most susceptible areas to hacks and compromise because it’s where the money is. If enterprises continue to lose funds to fraudulent payments or their supply chains continue to get hacked, more regulations will follow, which means more work on internal teams to provide reporting to meet compliance standards.

We’d like to think that organizations are planning to eliminate their security gaps in 2024 and there won’t be a need for more rules in place governing incident reporting (wouldn’t that be grand?). It’s better for teams, especially in finance and security, to start planning today for better B2B payment security so they can be fully compliant and not worry about adhering to all the new rules and regulations to come.

What the Future Holds

We hope these trends will provoke businesses to reflect on the challenges listed here that directly impact their bottom line and financial health. And as we're seeing, cybersecurity and finance can't be seen as completely separate functions. They naturally go together. We’re expecting (as an additional bonus trend) that these intersections will become more apparent to teams and enable closer collaboration. There are a number of macro factors that are we believe will help strengthen the relationship between both disciplines.  More on that in a future blog post.

As for us at Trustmi, we’re looking forward to continue our journey in delivering value to enterprises everywhere, offering protection for payments and the supply chain, and helping to eliminate human errors. This year was a milestone year for us already with our launch, and we have plenty more in store for 2024!