Security Team’s Work Ideally Happens Behind the Scenes
Samlink’s Security Team is engaging with clients in various ways, including monthly meetings with security counter parts and data protection officers at client banks, quarterly meetings with the Audit Committee, and occasionally in other client meetings.
During these sessions, the team provides concise overviews of security and risks as well as potential new global trends. Additionally, they present a lot of statistics from diverse sources—such as the Security Operating Center, malware detection, system patching, security incidents, and critical technical details that can significantly impact the risk levels of Samlink’s client banks. In privacy meetings with data protection officers, the team discusses development within the EU and and globally that might affect the client banks or Samlink.
A lot of the Security Team’s efforts occur behind the scenes and remain unseen by Samlink’s client banks. This approach is optimal, as addressing the risks proactively before anything bad happens is very important. To effectively manage risks in a proper way, the team collects cyber threat intelligence from multiple sources. They verify whether proper protection measures are in place or if further investigation is required to mitigate risks. All identified risks are kept in the risk repository, and those that might impact the client banks are shared monthly.
It is very important to gather feedback from the client banks. Based on this feedback, the Security Team collaborates with the client bank’s personnel to improve security and minimize riskss related to both security and privacy.