Alyned Thinking

Why new thinking is needed and how we are putting our expertise to work.
man standing in nature with a flash light pointing at the sky

State of RegTech - Part 1: Emerging Categories

Emerging Categories

Since the emergence of the term RegTech in mid 2015, we have been actively monitoring the market as well as shaping it as much as we can through our product Alyne and thought leadership in this space. In the following, I would like to share my observations by attempting a categorisation of some of the players and providing some predictions for the future of the market and giving some insights into our own strategy at Alyne for the next months and years in the following blog posts of this series.

Read more ...
Paint roller covered in turquoise colour

8 neue Anforderungen für CIO und CISO aus der MaRisk-Novelle 2016

Vor wenigen Wochen, im Februar 2016, wurde ein Entwurf für die Novelle der Mindestanforderungen an das Risikomanagement (MaRisk) durch die Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin) ausgegeben. Sollte der aktuelle Entwurf zur Konsultation so verabschiedet werden, würde dies sicherlich eines der größten regulatorischen Änderungen im deutschen Bankenwesen der letzten Jahre darstellen.

Wie bei jeder neuen regulatorischen Anforderung, müssen verantwortliche Personen in den jeweiligen Fachabteilungen analysieren, welche Bedeutung die neuen Anforderungen für ihre Verantwortungsbereiche haben und welche Maßnahmen zur Umsetzung notwendig sind.

Bei Alyne haben wir diesen Schritt schon einmal vorab für die Verantwortlichen von IT (CIO) und IT-Sicherheit (CISO) in Banken durchgeführt und haben 8 wesentliche Änderungen für diese Bereiche identifiziert.

Read more ...
Multiple arrows pointing in the upward direction on a blue background

How to succeed as a new CISO — Part 1

Congratulations! You have a new job as something like CISO (Chief Information Security Officer), CSO (Chief Security Officer), Head of Information Security or similar. This can be a great gig or it can be your worst nightmare (sometimes more or less at the same time).

I’ve been there and I have the scars and credentials to prove it. So, let me give you some tips for your first days.

Read more ...
Multi-coloured measuring tape

Doing Risk Assessments Right

Most organisations follow a sample based approach to identifying risk or gaining assurance for reasons of cost and practicality. Risk Assessments are already widely used and accepted as a method for risk identification and assurance and can be an extremely powerful and cost effective tool when done right and an utterly useless tool if done wrong. Consider the global practice of filing tax returns as a highly effective way of getting billions of people to declare their income and deductibles through a self assessment process. The previous Safe Harbor scheme, on the other hand, is an example of applying self assessments without any controls or meaningful oversight and using self assessments very poorly.

Read more ...