Future Challenges of IoT Cybersecurity in Financial Services

PETRAS Workshop


On Wednesday 29th March 2023, the PETRAS Centre Team and FIRE project were delighted to host an industry-specific workshop titled “Future Challenges of IoT/Cybersecurity in Financial Services and the Role of Academic/Industrial Research” at the School of Management, UCL, Canary Wharf, London.

The workshop is the latest in a series of industry-specific workshops being conducted by the PETRAS centre team to provide strategic advice and policy insight for the public and private sectors. The centre will publish a synthesis report on the summary of the industry-specific workshops conducted and other findings to highlight future directions and policy recommendations[1].

The event was co-chaired by PETRAS Deputy Director, Professor Julie McCann and PETRAS Business Partnership Executive, Rajab Said, and included contributions from a number of senior researchers within the PETRAS community and invited industry experts.

Rajab opened the meeting at 10.00 and PETRAS Director, Professor Jeremy Watson presented an overview of the work of the centre. He highlighted the global objectives of PETRAS industry-specific workshops, including:

  • Reflecting on ongoing research and the state of the art in IoT and Cybersecurity (with sector focus)
  • Identifying emerging challenges and exploring priorities for future research
  • Connecting with major key players in the sector to gain a more comprehensive insight
  • Strengthening and widening the PETRAS Industrial Community, and
  • Initiating plans for forming several Special Interest Groups (SIG) and Industry Advisory Board (IAB)

There were several contributions regarding:

  • How the presence of IoT and Cybersecurity can challenge or enhance sustainable finance
  • How Central Bank Digital Currency (CBDC) can accelerate and advance sustainable development
  • The regulatory barriers to innovations in the financial sector
  • How the dialogue between policymakers, industry, consumers, and research can inform policymaking

How the presence of IoT and Cybersecurity can challenge or enhance sustainable finance.

It was noted that IoT is an essential technology for data collection and management to improve environmental, social and governance practices towards sustainable finance. However, IoT also increases data, privacy and cybersecurity risks and increases the attack surface for exfiltrating personal data. Developing adequate regulation of IoT devices, providing guidance to consumers, resolving the issue of ownership of data, and using techniques such as anomaly detection (among others) are suggested as approaches to addressing data, privacy and cybersecurity risks.

How the Central Bank Digital Currency (CBDC) can accelerate and advance sustainable development.

The key roles of CBDC in accelerating sustainable development were highlighted such as helping to reduce market friction, enhance a faster connection between different actors, and make payments and investment transactions faster and cheaper. CBDC could also help drive policy towards sustainable development, such as carbon-negative policy, incentivising appropriate behaviours and regulation of production and supply chain.

The regulatory barriers to innovations in the financial sector

Participants shared their perspectives on regulatory barriers to innovations in the financial sector. It was noted that reputational risks make regulators overly conservative and risk-averse. An outcome-based approach to regulation was suggested as the better approach to a supervised/prescriptive approach.

How dialogues between policymakers, the industry, consumers and research can inform policymaking

Participants noted that communication among stakeholders is a big challenge for initiatives in socio-technical systems such as payments and digital currency. Communication is noted to be less effective than it should be. It was also noted that the neutral position of the academia is often less effective in influencing policy than focused lobbying efforts. The PETRAS National Centre of Excellence for IoT Systems Cybersecurity has influenced national policymaking regarding emerging technologies, especially IoT and edge technology.

Other key highlights

Participants noted some other emerging challenges in financial services. There are challenges of i) regulatory constraints with cross-border payments, ii) IoT creating a quagmire for insurance as the control of IoT devices is distributed among many actors, including some combination of organisations/individuals, device manufacturers, and platform operators, and this creates challenges for insurance procedures, such as pricing risk and processing claims and iii) barriers to real-time payments such as energy cost and cross-boundary payment challenges. On the concentration dominance of more efficient and better-supported technology, participants noted that monopoly could increase inequalities (economically, governance, etc) and it could also trigger targets and reduce resilience.  Open banking was suggested as a theoretically good alternative to card cartel payments, although in practice, consumers have been increasingly nudged toward card payments since the advent of open banking. Government-regulated public payment options were suggested to promote equality of access to electronic payments, which is particularly important given the burgeoning role of the digital economy in the lives of ordinary people.

[1] Please direct any questions to Dr. Gideon Ogunniye (PETRAS Synthesis Fellow) g.ogunniye@ucl.ac.uk and Rajab Said (PETRAS Business Partnership Executive) rajab.said@ucl.ac.uk