News & Commentary

10:54 AM
Kathy Burger
Kathy Burger
Connect Directly

How Has the Banking Industry Changed in a Decade?

The banking industry survived, the 9/11 terrorist attacks, only to be confronted in 2008 with the challenges of the global financial crisis. Both events, along with some key technology developments, shaped the financial services industry in which we work today.

It has become almost a reflex to say that the terrorist attacks of September 11, 2001 "changed everything" -- in banking as well as in politics, travel, warfare and more. To be honest, as frightened, devastated and confused as I was in the time after that terrible day, I had more fear for the future of the financial services industry" in the weeks followed the fall of Lehman Brothers and collapse of AIG. The challenges facing banks post-9/11 had more to do with operations and process than with policy and management -- and I was confident the industry could marshal the technology capabilities and resources to meet the challenges.

Still, there have in fact been many changes in the banking industry in the past 10 years, and a lot of those changes can be directly connected to the events of 9/11 and the subsequent industry and government responses. Understanding that hindsight can make anyone a pundit, here is a random and, I'm sure, incomplete list of developments and changes that if, not specifically caused or changed by the financial services industry's responses to the 9/11 attacks, certainly took on a different significance in the tragedy's aftermath:

Data Management Goes "Big" -- While banks had been working for years to do more with the vast amounts of data they had about customers, channels, financials and risk, suddenly these kinds of activities and the related technologies that could organize and analyze that information were in the spotlight. Who knew in 2001 that "data mining" would take on a negative connotation? And as the capabilities expanded, so did the sources and volumes of information expand -- to the point where we are now talking about "big data" as both an opportunity and a burden for financial institutions. Ironically, as the ability and need for both the government and the private sector to effectively manage and analyze data escalates, we are facing a severe shortage of professionals with the necessary skills to do so. This situation actually reminds me a little of the problems that arose out of a lack of Arabic-speaking professionals in our country's intelligence, military and political communities.

Security, Privacy and Fraud -- An Unholy Alliance? Closely related to the data management challenges, concerns about how much information and insight is too much (whether it involves banks, the government, or criminals) have been debated constantly since 9/11, with few satisfactory solutions in sight.

Globalization and the Unbanked -- There were poor and marginalized people with financial needs before 9/11. Some observers argue that poverty and disenfranchisement are factors that could drive some people to embrace terrorism, or at least resentment of the west. The emergence of microfinance, microloans, mobile money, and other services geared to provide people in emerging and/or impoverished economies with reliable and secure financial resources is not a direct response to 9/11 but certainly could in some way improve lives and economies and add value to the global banking system.

Regulatory Roulette -- The Patriot Act was a direct response to the events of 9/11, but the decade also could be seen as bracketed by The Sarbanes- Oxley Act (passed in 2002) and The Dodd-Frank Act passed in 2010. The common themes: transparency and accountability, which are not necessarily bad things for financial institutions to provide.

Recreating Data Centers -- 9/11 provided a wake-up call to many financial institutions that had taken for granted that the locations and provisioning of their data centers and back-up sites would be safe, secure and accessible. The past decade has seen tremendous innovation and reinvention in data centers, with the implementation of virtualization, SaaS, and cloud strategies, as well as energy-saving green strategies. Not only are banks saving money and running more efficient data centers today, they also have an operational flexibility that did not exist in 2001.

Financial Centers -- Anywhere? Partly spurred by the rethinking on data center and facilities locations, and also by the emergence of new global financial services players in emerging markets in Asia and the Mideast, the definition of a "financial services center" definitely has broadened in the past 10 years. New York and London still dominate, but they are challenged by players in regions as diverse as Dubai, Hong Kong, Sydney and Sao Paulo. Technology of course makes it possible to conduct financial transactions anywhere, anytime -- but regulation, politics and economics have played a key role, as well.

The Emergence of Mobile -- Yes, we all had cell phones in September 2001 -- and if you lived in the Northeast, those phones didn't work very well (or at all) on 9/11 or for a few days after. Today, mobile communications are ubiquitous and mobile is the fastest-growing platform for banking interactions and transactions. Yet questions remain about how well mobile communications will work in a crisis, when millions of people are simultaneously trying to place calls or texts.

Social Media -- Who Knew? The mind boggles trying to imagine what it would have been like (for better and for worse) if FaceBook and Twitter had existed on 9/11. Today, banks actively use social media to communicate with customers in about everything from new credit card offers to branch closures following a hurricane. We can only conjecture as to the role these networks might have played 10 years ago.

Reviewing these developments, it's almost easy to forget the sense of uncertainty and dislocation in the industry following the devastating attack on one of the world's primary financial centers. That the banking industry not only survived but grew and evolved is a very good thing. On September 11, 2011, that pride must be tempered with sadness and remembrance of the lives that were lost on an awful day 10 years ago.

Katherine Burger is Editorial Director of Bank Systems & Technology and Insurance & Technology, members of UBM TechWeb's InformationWeek Financial Services. She assumed leadership of Bank Systems & Technology in 2003 and of Insurance & Technology in 1991. In addition to ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This is a secure windows pc.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.