Bankers are banding together to combat cybercrime and Chris Feeney wants to play a central role in keeping it a team effort.
Feeney recently joined the Financial Services Roundtable as president of BITS, its technology division. A 35-year veteran of financial technology, he has worked at software companies and financial services firms, including serving as chief information officer at LPL Financial, a large wealth management firm.
In an interview a few days into his new role, he shared with American Banker his take on what is working in cybersecurity, the difficulty of securing so many devices and how he plans to promote the open dialogue that bankers and others are having about how to protect the financial industry. (Though BITS itself doesn't lobby, the Financial Services Roundtable has been active in pushing lawmakers to consider the Cybersecurity Information Sharing Act, which would allow banks, the government, law enforcement and other firms to more freely share information to combat attacks.)What follows is an edited version of that conversation.
Whatattracted you to the BITS position?
We are at a confluence of a lot of important issues involving cybersecurity and fraud. We, and everyone else, are trying to deal with it all. I understand our members' concerns quite well because I've been a part of a member firm. It is a really interesting point in time.
What's the role that BITS plays in that conversation?
We do a few things. In cybersecurity, we spent time coming up with best practices and meeting with the other associations their administration and legal teams and our job is to understand and get in front of some of the issues to help our members figure out how best to combat the issues. Fraud is another area. We just held a conference about emerging payments platforms. Tech organizations, regulators, lawmakers and our members had a frank conversation on where payments are going. To me, that is one of the primary things we do. We bring people together around topics like that.
Are there certain areas in cybersecurity right now that you think work well?
What works well today is that even though people have their own point of view, there is the acknowledgement that this is a macro issue. Everyone sees the need to apply protections to offset the threat. It is an issue that supersedes local concerns. I'm not sure we are there entirely, but people are learning from other firms and this shift has occurred. There is a level of cooperation that is about the best you can expect.
But it all seems so reactive.
I think we are more proactive than people give us credit for. Companies really are active and proactive. They've deployed the latest technology and tried to put the best controls in place to process effectively and securely, but the environment has changed. With mobile and so many devices, there is just more opportunity to attack the industry. Firms are always going to be reactive, too. But it is about how quickly you can remediate and eradicate, because criminals are changing all the time. It is an active environment; criminals are always coming up with creative ways to breach systems.
Bankers like Jamie Dimon have talked about the collegial nature so far of tackling cyber security issues is that really the case? How do they make sure it stays that way?
It is and it is really good. In order for it to stay that way you always need to be open to how someone else solved a problem. We all benefit from that. I think it is a shift to get people in the same room and have direct and transparent conversations. It is something everyone values and truthfully, it is a big part of what we do and it is a place where we are going to spend a lot of our time.