Developing software in the highly regulated FinTech industry presents unique challenges due to the complexity and risks involved. Regulatory frameworks significantly impact architecture decisions, requiring attention to compliance and data security standards.
Also, the ever-evolving cybersecurity threats require continuous attention and proactive steps to protect financial data and customer information.
Since oversight in security results in significant financial losses and damage to the company's reputation, it's crucial to adopt robust security measures and compliance protocols.
In this talk, we dive into:
- Real-world case studies of a security-centric approach to architecture. Even if you are not involved in FinTech, you will learn ways to enhance your system's security.
- We explore the Secure Development Standards and the influence of the PCI Data Security Standard on software development and architecture. Additionally, I will show how to identify security vulnerabilities early in the development cycle and ensure that only verified, secure code is deployed to production environments.
- We will discuss security risk assessment and mitigation methodologies.
- Lastly, I will showcase automation within our CI/CD pipeline, demonstrating how it streamlines fast deployment while ensuring security remains paramount.
Interview:
What's the focus of your work these days?
I am currently focused on developing our Target Platform Architecture and securing our platform through the implementation of a Secure Architecture. One of the key insights, let me phrase it in the following way, is the complexity of navigating architectural decisions in the FinTech sector. The complex regulatory environment often limits our options and flexibility in choosing available solutions. This requires a careful balance between innovation and compliance, as we try to meet both business objectives and regulatory requirements.
What technical aspects of your role are most important?
The most important technical aspects of my role include a strong understanding of the business domain, a holistic architectural view and proficiency in relevant technologies. This combination is important.
How does your InfoQ Dev Summit Munich session address current challenges or trends in the industry?
My session will address the pressing challenges of Software Supply Chain Security, providing practical techniques to reduce vulnerabilities. This is particularly relevant not only in FinTech, but in all domains where protecting sensitive data is crucial!
How do you see the concepts discussed in your InfoQ Dev Summit Munich session shaping the future of the industry?
The concepts in my session will shape the future of FinTech by emphasizing interesting, robust security measures across the software supply chain. By adopting these practices, organizations can enhance resilience against threats and make sure that security culture aligns with industry best practices.
Speaker

Mykhailo Brodskyi
Chief Technology Officer @EvidentIQ
I am a hands-on CTO, product visionary, and Enterprise Architect with over a decade of experience in FinTech, HealthTech, and Private Equity environments. My expertise lies in designing secure, scalable platforms, modernizing legacy systems and building data-driven products under strict regulatory frameworks.
I combine deep architectural knowledge with strategic product vision, helping organizations harmonize multiple platforms, drive large-scale cloud/data migrations and transform architecture into a true revenue-generating engine. My work spans from rescuing distressed platforms and stabilising operations to designing and launching new data and AI-enabled products validated with clinical and financial partners.
I have established CTO Office practices in multi-product, PE-backed environments, aligning technology, product and data roadmaps with investor objectives while ensuring cost optimization and value creation. With proven success in platform harmonization, cloud modernization and enterprise architecture leadership in regulated industries, I bring a pragmatic but forward-looking approach to scaling technology organizations.