“Security is an enabler because it is ultimately the factor that allows us to improve the user experience.”
Insightive.tv: Can you begin by discussing the cybersecurity priorities at Mediobanca, and any new projects you have embarked on to facilitate these priorities?
Giuseppe: Mediobanca is currently working on three categories of projects: business channel security, internal user security and security threat awareness. We are working hard to prevent breaches of our business channel by understanding, monitoring and refusing access to data and device threats. By utilising tracking software, creating awareness among users and remaining vigilant, Mediobanca plans to stay on top of today’s digital transformation. If you complete just one of these steps, you are helping the bank protect data, but it is an incomplete solution. It is through tackling all of these areas simultaneously that any company can remain on top of security concerns.
Insightive.tv: Do you have thoughts on the GDPR?
Giuseppe: I look at it as a positive step towards enforcing security priorities I already believe in strongly. Regardless of the business’ sector, the first priority, when developing a new product or service, should be embedding security. This regulation enforces that. Until now, there weren’t any regulations that asked for mitigation regarding privacy and data protection. The paradigm has changed. I am glad to see these practices becoming regulatory standards.
Insightive.tv: Does that mean that you look at GDPR as an opportunity?
Giuseppe: Some customers will be aware of the GDPR and, therefore, Mediobanca’s compliance and extra steps towards increased security. This is an opportunity to show customers that we believe in security and are working to protect their data. But for those customers who are unaware, businesses affected by the GDPR must make sure that these regulations don’t inflate product cost.
From an internal point of view, the GDPR creates an opportunity to upgrade old services and products, keeping them in-line with the demands of today’s dynamic, digital climate. It does this by bringing focus to the importance of this issue. I think this is a good thing. For us, this is an opportunity to make sure that our old systems are as secure as the standards we are already implementing with regards to new transformation projects.
Insightive.tv: Are there any business concerns that act as drivers of cybersecurity, and is cybersecurity seen as a project enabler or a necessary cost?
Giuseppe: Security and data protection are vital because they permit our business line to create new products and services. Our business desire to innovate necessarily drives cybersecurity. The first step in any new project is always safety. So security is also an enabler because it is ultimately the factor that allows us to improve the user experience. The new generation of manager knows that security is a value; security facilitates the ability to use new digital services and permits more people to use a product. There is a cost, but it is a necessary cost that enables project development.
Giuseppe Galati is Head of Business Relationship Management & Security services for the Mediobanca Group. He has an extensive background in information security, IT and digital architecture. We spoke with Giuseppe to learn about his views on the evolving nature of cybersecurity and the new European regulations on the topic.
Mediobanca is one of Italy’s largest and most influential investment banks. Founded in 1946, Mediobanca now offers retail, private banking and investment products. Since the beginning of the 21st century, the bank has significantly expanded its international market base. They now have offices in Paris, Frankfurt, Madrid and London.
THE GDPR AND THE GLOBAL DATA PROTECTION HORIZON