Leigh Williams knew he would be following in some big footsteps when he took over as the new president of BITS, a nonprofit industry consortium within the Financial Services Roundtable, following the departure of founder and long-time CEO Catherine Allen in May. But that hasn't swayed him from pursuing his goal of positioning BITS as the forum in the financial services industry for addressing risk and security issues.
"Much of the BITS franchise is already around security, risk and fraud prevention," says Williams, who for 12 years worked at Fidelity Investments in various privacy, risk, security and public policy roles, including chief risk officer and chief privacy officer. "Our advantage is to bring individual members who know a lot about fraud, security, risk and business continuity together."
According to Williams, his top priorities will involve developing more-comprehensive insights into authentication and access management strategies. Like many in the industry, he says it is vital that banks create a reasonable solution around these issues so that a balance is struck between convenience and security for customers. "Strong authentication shouldn't just mean you have a really secure authentication solution," Williams states. "Real strength is in achieving that balance."
Access management also is becoming a challenge for financial institutions, Williams continues. "People need access to their applications, the applications of sister divisions and even those of their business partners outside the bank," he observes. "As a result, the challenge is around improving the level of standardization in IT infrastructure. Don't build something that's going to differ by region or product line. It's this kind of thinking that brings people across an industry together and leads to work on more-tangible things."
Creating an atmosphere that fosters such cooperation is key to finding security and risk solutions, Williams stresses. This belief, he notes, was reinforced in his research on public and private sector collaboration in the governance of privacy and security while at the Kennedy School of Government at Harvard University, where he served as a senior fellow in the Mossavar-Rahmani Center for Business and Government just prior to joining BITS. "Privacy and regulations can't be split between what companies are doing and what the government wants," Williams states. "Solutions need to be developed around both of these areas."
Collaboration Is Key
While at the Kennedy School, Williams explains, he examined models of public/private sector cooperation, seeking best practices, and concluded that the ones that were most successful were those in which both sides worked together to develop regulatory solutions. "It's not about pure government administration or pure self-regulation -- everyone has an ongoing role," he says. "It shouldn't be antagonistic but collaborative." Williams points out that there is some evidence of this kind of cooperation in the financial services space today, but asserts that more is needed.
It is for this reason, Williams adds, that BITS will be key in helping financial institutions adopt security and privacy best practices. "An individual institution cannot promote the collective wisdom as well as an organization like BITS can," he explains. "Our niche is to find a way to bring people together -- members, regulators, service providers and other associations. Anything we can do to foster this is important because such collaboration is a central part of our competency."