Developing software in the highly regulated FinTech industry presents unique challenges due to the complexity and risks involved. Regulatory frameworks significantly impact architecture decisions, requiring attention to compliance and data security standards.
Also, the ever-evolving cybersecurity threats require continuous attention and proactive steps to protect financial data and customer information.
Since oversights in security result in significant financial losses and damage to the company's reputation, it's crucial to adopt robust security measures and compliance protocols.
In this talk:
- We dive into real-world case studies of a security-centric approach to architecture. Even if you are not involved in FinTech, you will learn ways to enhance your system's security.
- We explore the Secure Development Standards and the influence of the PCI Data Security Standard on software development and architecture. Additionally, I will show how to identify security vulnerabilities early in the development cycle and ensure that only verified, secure code is deployed to production environments.
- We will discuss security risk assessment and mitigation methodologies.
- Lastly, I will showcase automation within our CI/CD pipeline, demonstrating how it streamlines fast deployment while ensuring security remains paramount.
Interview:
What's the focus of your work these days?
I am currently focused on developing our Target Platform Architecture and securing our platform through the implementation of a Secure Architecture. One of the key insights, let me phrase it in the following way, is the complexity of navigating architectural decisions in the FinTech sector. The complex regulatory environment often limits our options and flexibility in choosing available solutions. This requires a careful balance between innovation and compliance, as we try to meet both business objectives and regulatory requirements.
What technical aspects of your role are most important?
The most important technical aspects of my role include a strong understanding of the business domain, a holistic architectural view and proficiency in relevant technologies. This combination is important.
How does your InfoQ Dev Summit Munich session address current challenges or trends in the industry?
My session will address the pressing challenges of Software Supply Chain Security, providing practical techniques to reduce vulnerabilities. This is particularly relevant not only in FinTech, but in all domains where protecting sensitive data is crucial!
How do you see the concepts discussed in your InfoQ Dev Summit Munich session shaping the future of the industry?
The concepts in my session will shape the future of FinTech by emphasizing interesting, robust security measures across the software supply chain. By adopting these practices, organizations can enhance resilience against threats and make sure that security culture aligns with industry best practices.
Speaker
Mykhailo Brodskyi
Principal Software Architect @PagoNxt, Member of the Architecture Board and the Global Enterprise Architecture, Previously @Hilti and @GlobalLogic
I am a Principal Software Architect at PagoNxt (Santander Company), in Munich, deeply rooted in the FinTech industry. In my current role, I lead numerous business-critical projects, focusing primarily on secure platform architecture enhancements and the challenging task of migrating over 100+ application modules from traditional data centers to the Cloud. As a member of the Architecture Board and the Global Enterprise Architecture, I play a key role in shaping our target platform architecture. Additionally, being part of the Leadership team allows me to contribute to strategic decision-making processes, driving innovation and the continuous improvement of our delivery and efficiency in our solutions.