/security

News and resources on cyber and physical threats to banks and fintechs worldwide.

JPMorgan CISO: SaaS model enabling cyber attacks

The chief information security officer at JPMorgan Chase is calling on third party software providers to prioritise security over speed to market, warning that the shift to a SaaS delivery model is creating "substantial vulnerability".

  1 Be the first to comment

JPMorgan CISO: SaaS model enabling cyber attacks

Editorial

This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.

In an open letter, JPMorgan Ciso Patrick Opet warns that the now-default Software-as-a-Service delivery model is "quietly enabling cyber attacks" and "weakening the global economic system".

SaaS has become the default and is often the only format in which software is now delivered, leaving firms with little choice but to rely heavily on a small set of providers, embedding concentration risk into global critical infrastructure.

The SaaS model provides efficiency and rapid innovation, says Optet, but it also magnifies the impact of any weakness, outage, or breach, creating single points of failure with potentially catastrophic systemwide consequences.

JPMorgan Chase has seen "a number" of incidents over the last three years at third-party providers across the bank's supply chain which required it to isolate compromised providers and throw resources at threat mitigation.

Optet says that competition among software providers has also driven them to push rapid feature development over robust security.

He calls for the industry to modernise their security architecture, telling providers they "must urgently reprioritise security, placing it equal to or above launching new products".

Sponsored [Webinar] Weathering Macroeconomic Headwinds: How should CFOs invest in Tech?

Comments: (0)

[Wealth Continuum Series Webinar] Protecting Wealth: Tackling Faster Payments Fraud and AI-driven ScFinextra Promoted[Wealth Continuum Series Webinar] Protecting Wealth: Tackling Faster Payments Fraud and AI-driven Scams