It should come as no surprise that the financial services industry is vast. According to data from Research and Markets, the sector is expected to reach a global value of more than $22 trillion by the end of 2021. It’s home to a huge range of organisations, encompassing everything from traditional banks, lenders and insurance companies, to payment providers, wealth management firms and more.

All of these organisations have one thing in common: they rely on immense technical capabilities in order to run their businesses. Financial services organisations have to process vast amounts of data in order to track things like investment trends, market conditions and credit ratings, and all of these analytical processes have to be as close to real-time as possible. After all, time is money.

Historically, this has meant that the financial services sector has almost exclusively been the preserve of giant monolithic organisations, or those with sizeable amounts of pre-existing capital. This is because establishing these technical capabilities traditionally involves significant investment, in the form of data centre equipment and personnel. 

Not only do you need large quantities of high-end server equipment to perform the necessary analytics tasks, you also need storage and networking infrastructure to support it, data centre space to house it in (along with the attendant cooling, power and maintenance costs that go along with it) and a team of highly skilled technical staff to ensure that your data centre remains operational and performant.

That all adds up. Modern cloud platforms like G-Core Labs, however, have opened the financial services market up to organisations that don’t have these resources. Since the turn of the century, the financial services space has exploded with fintech startups, most of whom have leveraged cloud technology to quickly establish their services without needing huge capital investments. This includes household names like PayPal and Venmo, as well as new digital-native challenger banks, boutique lenders and even insurtech firms like TempCover.

Many startups have used the ‘minimum viable product’ approach when designing their applications, which fits well with the cloud model. This method involves focusing on a single, small-scale product or feature, then expanding it over time – which means that the cloud infrastructure required to deliver the service to customers is comparatively cheap and easy to manage. Instead of needing a big, expensive server deployment – which, chances are good, you won’t be fully utilising – you can spin up as much cloud capacity as needed and pay for it on a consumption-based model.

In many cases, this approach also allows cloud-based financial services organisations to be more agile than their more established traditional counterparts, as they can build and test new capabilities much faster. Rather than having to wait for server resources to become available, the combination of highly elastic cloud infrastructure and containerised applications allows for rapid iteration and deployment of new features, which lets financial services companies respond rapidly to the ever-changing needs of the market.

The Royal Bank of Canada, for instance, has used cloud infrastructure since 2018 to speed up the development of its software products. This project is not just a consequence of optimisation, but a part of the bank’s global strategy to transfer business to its data-driven enterprise segment.

The cloud has allowed financial services organisations both old and new to easily leverage another key capability, in the form of big data and AI applications. This emerging technology has enabled financial organisations to rapidly speed up a number of processes, including automatically flagging potentially fraudulent transactions, automating credit reporting and analysing market trends.

For example, Shanghai-based SPD Bank has been using the cloud since 2017 to develop and implement more than 60 applications – including some critical applications – that use artificial intelligence. This enabled it to become an honorary member of the Cloud Native Computing Foundation in acknowledgement of its active use of cloud technology in application development.

This function of the cloud gives organisations the ability to offer new products and services to their customers, as well as introducing cost savings by freeing up employees to focus on more complex and nuanced tasks, but without low-cost, high-capacity cloud resources to enable them, the infrastructure needed to support these workloads would make them prohibitively expensive for many organisations. That’s why G-Core Labs has introduced a cloud AI platform to give customers access to ready-made machine learning models and templates for speeding up development of these applications.

It’s not just about spinning up new services, either – the highly scalable nature of cloud platforms makes them ideally suited for coping with fluctuations in server load. Financial systems in particular require an extremely high level of stability, and being able to rapidly add additional server capacity minimises the chances of an unexpected and costly outage.

The cloud also allows for rapid expansion, as multi-region cloud providers like G-Core Labs allow services to be extended to new geographies at the push of a button. Rather than renting space in a new data centre and installing appliances, existing cloud systems can simply be replicated and placed in the new territory with little to no additional configuration. On top of this, organisations can choose where they hold their data to meet compliance regulations, and cloud platforms like G-Core labs have various certifications to ensure regulatory standards are adhered to.

Security is a top priority for every financial business, and many organisations have chosen to adopt hybrid cloud strategies, allowing them to keep their most sensitive data on-site while also taking advantage of the benefits of public cloud. Alongside a range of robust security protections like comprehensive backup, audit and disaster recovery functionality, G-Core Labs also offers customers the option of maintaining a secure loop within their own security perimeter for additional peace of mind.

The time of big, all-pervading financial monoliths is over. New technologies have levelled the playing field, and nimble startups are taking the opportunity to outmanoeuvre and outperform their legacy competitors. For financial services organisations that want to remain at the cutting edge of data efficiency and customer satisfaction, cloud platforms like G-Core Labs offer the key to ensuring that digital transformation and agility is at the heart of your business.

Learn more about G-Core Labs’ services

Researchers from the US Air Force have demonstrated ways that the UK can partner with America to develop and deploy ‘state of the art’ machine learning algorithms to support ground troops. 

The US Air Force Research laboratory (AFRL) has been working with the UK’s Defence Science and Technology Laboratory (Dstl) since December 2020 to develop artificial intelligence (AI) systems for warfare.

The four-year partnership agreement is aimed at accelerating joint US-UK collaboration of AI technologies, which will largely focus on research and development for command and control capabilities for both nations.

The first project of the collaboration was demonstrated via dual virtual events in New York and Salisbury, UK. It featured an integrated system with the ability to share data and algorithms through a common development and deployment platform. The platform is said to enable the rapid selection, testing, and deployment of artificial intelligence capabilities. 

This was the first in a series of events that will be hosted by the joint and international signatories of the Autonomy and Artificial Intelligence Collaboration (AAIC) Partnership Agreement, with more projects to improve combat technologies. 

“We are dedicated to getting robotics and autonomous systems capability into the hands of the warfighters,” ​​Dr Robert W Sadowski, US Army DEVCOM, said. “Advances in robotics and autonomy will make our formations more capable and mission-ready while providing protection to our warfighters through unprecedented stand-off while enabling enhanced lethality on the battlefield.”

The demonstration featured a simulated scenario focusing on how the UK and US can cooperate and share AI capabilities to support troops. Where both countries operate in adjacent areas, they will be able to share data, AI algorithms “tightly” during missions.

Some of the technology on show included the UK’s Model Cards, which are able to present to a commander the ability to quickly understand, explore, and select appropriate machine learning models to deploy in missions. 

Alibaba has unveiled a new in-house processor that will be used to power servers in its data centres, as China aims to increase its domestic chip production in the face of a global chip shortage and US sanctions targeting the country.

The server chips, named Yitian 710, are custom-built by the company’s chip development business, named T-Head. It’s powered by 128 Arm cores with a 3.2GHz top clock speed and is the first server processor compatible with the latest Armv9 architecture. It includes 8 DDR5 channels and 96-lane PCIe 5.0, providing high memory and I/O bandwidth.

Alibaba has also developed proprietary servers, called Panjiu, for the next generation of cloud-native infrastructure. The company said that by separating computing from storage, the servers are optimised for both general-purpose and specialised AI computing, as well as high-performance storage.

The servers have been developed for large-scale data centre deployment through their modular design, and the company expects them to serve a variety of cloud-native workloads such as containerised applications and computed optimised workloads.

“Customizing our own server chips is consistent with our ongoing efforts toward boosting our computing capabilities with better performance and improved energy efficiency,” said Jeff Zhang, president of Alibaba Cloud Intelligence and head of Alibaba DAMO Academy. “We plan to use the chips to support current and future businesses across the Alibaba Group ecosystem. We will also offer our clients next-generation computing services powered by the new chip-powered servers in the near future.”

Zhang added that, together with Intel, Nvidia, AMD, and Arm, Alibaba will continue to innovate its compute infrastructure and other diverse computing services for global customers.

Alibaba also announced it would open the source code of the XuanTie IP core series, the company’s custom-built processors based on RISC-V instruction-set architecture. Developers will not be able to access the cores’ source code on GitHub and Open Chip Community to build prototype chips of their own.

This coincides with the Chinese government’s “Made in China 2025” initiative of lifting the country’s chip production from less than 10% at the time to 40% in 2020 and 70% in 2025, as reported by NIkkei Asia. The government has invested in the semiconductor industry to try and meet these goals although this appears to be a long way off considering data from IC Insights shows that the country only sourced 16% of its semiconductors domestically.

Being self-reliant on chips is a key issue for the country, especially as it has been hit by a number of US sanctions targeting the tech sector in recent years. In April this year, the US government added seven Chinese supercomputing entities to its Entity List, restricting US exports to them. The US government adds entities to this list as it feels they are working against US national security or foreign policy interests.

Arm has launched Arm Total Solutions for IoT, a cloud-based platform to enable software development without the need for physical silicon.

The company hopes this will simplify and modernise software development, resulting in accelerated time to market for developers, OEMs, and service providers at all stages of the Internet of Things (IoT) value chain. It also claims it will reduce the product design cycles by up to two years.

The new platform is built on Arm Corstone, the company’s IoT system on a chip (SoC) package, and will deliver a virtual model of the Corston subsystem to allow for software development without the need for physical silicon. It will provide mechanisms for simulating memory, peripherals, and more, to allow for development and testing of software before hardware is available.

The company said this will allow users to reduce a typical product design cycle from an average of five years to as little as three. It will help Arm customers get customer feedback for chips before release and allows the entire IoT value chain to develop and test code on the latest IP ahead of chips being released.

To help it simplify the design process and streamline product development, it contains hardware IP, software, machine learning models, and application-specific reference code.

“Through a radical change in how systems are designed, Arm is uniquely positioned to fuel a new IoT economy that rivals the shape, speed and size of the smartphone industry’s app economy,” said Mohamed Awad, vice president of IoT and Embedded at Arm. “Arm Total Solutions for IoT changes the way we’re delivering key technology to the entire ecosystem and demonstrates our significant and ongoing investment in the software that will empower developers to innovate for global impact.”

Arm is also set to introduce Project Centauri, a set of device and platform standards as well as reference implementations for device boot, security, and cloud integration. The company hopes this will reduce engineering costs, accelerate time to market, enable IoT deployments at scale, and improve security.

In March, Arm launched its first new chip architecture in a decade, focusing on security and AI. It is called v9 and the company hoped it would help it move from general-purpose to more specialised compute across applications like AI, 5G, and IoT.

Researchers have unearthed a series of vulnerabilities that could have compromised thousands of WordPress websites.

Potentially exploitable bugs were found in the Brizy Page Builder, a WordPress plugin that is installed across more than 90,000 websites, according to security firm Wordfence.

The company’s Threat Intelligence team reported the issues in August and a fix was released shortly afterwards, but it’s likely that a number of installations still remain unpatched. If exploited, it could allow attackers to execute “complete site takeover” and add malicious code to existing posts.

The vulnerabilities could also allow for any registered user, including subscribers, to pass as an administrator, where they could modify posts and pages, even if they had already been published on a site.

The Wordfence’s Threat Intelligence team said it stumbled upon the vulnerability while conducting a routine review of the Wordfence firewall in July. It said the plugin “did not appear” to be under active attack, but they were led to believe that there was something amiss following “unusual traffic”.

“The unusual traffic led us to discover two new vulnerabilities as well as a previously patched access control vulnerability in the plugin that had been reintroduced,” Wordfence wrote in a blog post. “Both new vulnerabilities could take advantage of the access control vulnerability to allow complete site takeover.”

A patched version of the Brizy Page Builder plugin, was released on 24 August, just a few days after Wordfence disclosed the vulnerability. Wordfence “strongly recommends” users update to the latest version of the Brizy Page Builder (2.3.17) as soon as possible.

A hacker group has claimed to have breached the servers of Acer India, with approximately 60GB of sensitive data belonging to several million of the company’s customers being leaked online.

Known as Desordern, the group said it had stolen customer information, corporate data, financial data, and information related to recent company audits, according to a post on a popular hacking forum, seen by Privacy Affairs researchers.

The hackers said that the breach includes data on several million Acer customers, mostly from India. It appears to have taken place on 5 October, as this is the most recent date listed in the leaked databases.

Desordern also said that it will give Acer access to the database to verify the data and prove the breach is real. A sample of the data released for free, which included information on over 10,000 individuals, was found to be accurate and genuine by researchers at Privacy Affairs, who were able to make contact with some of those affected.

The group has said that data belonging to several million more Acer customers will be released for a fee at a later date.

“We have recently detected an isolated attack on our local after-sales service system in India,” an Acer spokesperson told IT Pro. “Upon detection, we immediately initiated our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India.”

The spokesperson added that the incident has been reported to local law enforcement and the Indian Computer Emergency Response Team, and there has been no material impact to the company’s operations and business continuity.

In March this year, Acer fell victim to a $50 million ransomware attack carried out by the notorious ransomware gang REvil. The group announced the Acer breach on its website where it presented images of allegedly stolen files, including financial spreadsheets, bank communications, and bank balances. The breach was believed to be linked to the Microsoft Exchange cyber attack, which was carried out by at least ten hacker groups.

Dal Virdi, IT director at Shakespeare Martineau, found himself in an intriguing position when he joined the law firm in 2018. The business had grown quickly due to a series of mergers and acquisitions, but rapid growth also meant the firm’s digital infrastructure was overly complex and inefficient. 

Virdi knew he’d need to take a different approach if IT was going to continue supporting business growth. After assessing the options with his team, he decided the solution to the challenge the firm faced would come in the form of a hyperconverged infrastructure (HCI) platform supplied by technology specialist Nutanix.

“We wanted to deliver value to our external and internal clients,” Virdi tells IT Pro. “There’s never going to be a silver bullet, but the technology we introduced needed to simplify the operations of our internal team, so they could invest their time and effort into activities that will create an advantage for the firm.”

Handling a mishmash of old and new

Virdi inherited a complex IT environment. The business doubled in size with the merger of Shakespeares and SGH Martineau in 2015. Subsequent acquisitions meant the firm, which now employs more than 850 legal experts in offices across the UK, was left with a mix of external providers and internal IT resources. 

With Shakespeare Martineau also having ambitious plans to double its size by 2025, Virdi knew IT systems would have to work more effectively, reliably and efficiently to support the firm’s business strategy. The aim was to create a “one-stop-shop”.

“We’d inherited lots of staff, with different skill sets and different backgrounds, and we really wanted to simplify what IT needed to do moving forward. It was a difficult decision – and it took us a long time to make that decision – but Nutanix absolutely ticked that box,” says Virdi.

The firm implemented the Nutanix HCI platform after a thorough evaluation process. Virdi’s direct reports explored various hardware options and were “blown away” by a demonstration at an IT conference. Virdi says, however, he was nervous about their recommendations, at first, because he didn’t have much experience with Nutanix or converged platforms.

“I guess I can be quite challenging in terms of some of the probing questions that I ask around the technology and how it works, so it took many months for that decision to be reached,” he says. “It was either going to be our traditional HP hardware or an alternative – and Nutanix was the only provider that met the brief as an alternative.”

The selection process took nine months from the initial discussions to the implementation, during which time Virdi explored reference customers and talked with some of Nutanix’s international clients. He also met the company’s CEO in London and was impressed by how the provider took the time to show how they could make a difference. 

“A number of factors – the cost being very comparative to what the HP traditional architecture would have incurred, but with the opportunities of improved performance and easy upgrades – swayed the decision in Nutanix’s favour,” he says. “We went forward with some specialist tests and the performance just flew, so it was an absolute no-brainer for us.”

The best of both worlds 

Virdi says the Nutanix platform offered all the abilities of a public cloud-first strategy, combined with the security, performance and compliance needed from an on-premises private cloud solution. The ability to reduce the complexity around support and management was a key factor in adopting the Nutanix platform.

“We decided a few years ago that we would have a cloud-first approach. But being a law firm – with many of the legacy applications and systems that we have, and some of the sensitivity around our data – means that we have to consider anything that we introduce alongside every other system that we still need to run the firm in the way we do,” he says.

“Because of that, we always considered a hybrid approach – and Nutanix gave us that opportunity to start to de-camp some of those legacy systems and move them on to a newer platform, to maintain the other systems that were needed, and also give us the performance that we required.”

Shakespeare Martineau went live with the converged platform in early 2020. The IT team used Softcat as its implementation partner, but also leant on Nutanix’s own expertise to ensure the firm received the desired high quality of delivery.

“The experience, once we started to migrate services, and the support that Nutanix gave the internal team, via upskilling and internal education, meant the internal team could pick up how to make the most of the technology very quickly,” says Virdi.

Back from the brink

The firm’s initial investment in Nutanix technology cost just below £1.5 million. Virdi says choosing Nutanix gave the company a more performant platform for less money than going down the non-converged route. Traditional hardware would have cost more than £2 million, and as the firm’s kit was old it needed to be updated anyway.

The technology is already delivering a tangible return on investment by helping the firm transition its legacy systems to the cloud. It also provides a flexible and scalable platform for long-term digital transformation plans. 

Benefits have come from other unanticipated places, too. Last Christmas, the firm ran an annual power down to service generators in its Birmingham office, which also houses the firm’s internal data centre. When it was given the green light to return power to IT, the team encountered a number of issues with its traditional HP environment. 

These problems meant Virdi’s team had to invoke a full disaster recovery scenario on the Sunday morning. Thankfully, the firm’s commitment to HCI meant the IT team was able to recover systems within 24 hours – and before any end users noticed.

Google Cloud has announced a distributed cloud portfolio of fully managed hardware and software services that can be accessed from the edge or a customers’ data centre. 

The new portfolio was one of the biggest announcements to come from the first day of Google Cloud’s virtual Next 21 conference on Tuesday.

The Google Distributed Cloud has been built on Anthos and is aimed at businesses that need to migrate or modernise applications or process data locally with Google Cloud products, whether that’s databases, machine learning (ML) or even third-party services from other leading vendors

It can run across multiple locations, according to Google Cloud, including Google’s network edge, operator edge, customer edge and also customer data centres. The first products to be announced within this portfolio were Google Distributed Cloud Edge and Google Distributed Cloud Hosted.

The latter is designed to run sensitive workloads and doesn’t require a connection to Google Cloud at any time in order to manage infrastructure, services or APIs. It simply uses a local control portal that’s managed in Google’s Anthos, and will be available in preview during the first half of 2022.

“Our goal is to make your journey to the cloud easy,” Sachin Gupta, the GM and VP of product for IaaS at Google Cloud, said. “With transformative capabilities to help you innovate faster and save money, we follow an open approach to give you the greatest flexibility and choice as your organisation evolves.” 

Elsewhere, the cloud giant also unveiled data-centric updates such as Vertex AI Workbench, a unified service to build and deploy ML models faster to accelerate time-to-value. The company also revealed an autoscaling and serverless service in partnership with ‘Spark’. Available now in preview, it aims to enable customers to get started in seconds and scale infinitely, regardless if they start in BigQuery, Dataproc, Dataplex or Vertex AI. 

There were also multiple announcements around sustainability, such as Carbon Footprint Reporting, which provide actionable reports of the carbon footprint associated with a customer’s Cloud usage. Google Earth Engine, which will become available for select enterprise customers, lets organisations combine the power of cloud computing, satellite imagery and AI to decarbonise their operations.

What’s more, Google Cloud will also proactively alert customers of all idle cloud instances and their associated carbon footprints with Carbon Reduction Recommendations. If customers choose to delete them, they’ll reduce their cloud carbon footprints.

IBM plans to provide 30 million people of all ages with new skills by 2030 as it aims to close the global skills gap by expanding access to digital skills and employment opportunities.

According to data from the World Economic Forum (WEF), closing the global skills gap could add $11.5 trillion to global GDP by 2028. In the UK, nearly two in three (64%) report spending more on recruitment, with costs increasing by 49 per cent or £1.23 billion in total because of the skills shortage. 

In a bid to help tackle the growing skills crisis, IBM has announced over 170 new partnerships and programme expansions in more than 30 countries across the world and is improving its existing programmes and career-building platforms to expand access to education and in-demand technical roles.

In the UK, IBM said that the West London-based Ada Lovelace Church of England High School has joined its P-TECH programme, an online platform that offers free technical skills required to be successful in the digital economy. Students are set to benefit from access to foundational knowledge on topics like cyber security, artificial intelligence, and cloud computing.

IBM plans to educate 30 million people through its broad combinations of programmes, including collaborations with universities and key government entities. These partnerships will also extend to NGOs too, such as the British Refugee Council.

“Talent is everywhere; training opportunities are not,” said Arvind Krishna, IBM chairman and CEO. “This is why we must take big and bold steps to expand access to digital skills and employment opportunities so that more people – regardless of their background – can take advantage of the digital economy.

“Today, IBM commits to providing 30 million people with new skills by 2030. This will help democratize opportunity, fill the growing skills gap, and give new generations of workers the tools they need to build a better future for themselves and society.”

This week, Vodafone found that digital literacy is becoming as important as reading and writing for young people’s future life prospects. Limited access to an internet-connected device, or lack of skills to use one, is preventing people entering the jobs market from attending exams or online lessons, gaining the necessary digital skills, and applying for jobs. 29% of respondents to the report said they had to share a laptop, tablet, or PC for work, education, or leisure in the past year.

Microsoft claims to have mitigated a record 2.4Tbps DDoS attack targeting one of its Azure customers in Europe during the last week of August.

The company said the attack was140% larger than than the highest attack bandwidth volume Microsoft recorded in 2020 and higher than any network volumetric event previously detected on Azure. It also surpasses the previous largest DDoS attack, which peaked at 2.3Tbps and was directed at Amazon Web Services (AWS) last year.

It said the attack traffic originated from around 70,000 sources and from multiple countries in the Asia-Pacific region, including Malaysia, Vietnam, Japan, and China, as well as the US. The attack spanned over 10 minutes with very short-lived bursts, each ramping up in seconds to terabit volumes.

The company monitored three main peaks, the first at 2.4Tbps, the second at 0.55Tbps, and the third at 1.7Tbps.

Microsoft’s attack mitigation lifecycle is orchestrated by its control plan logic that dynamically allocates mitigation resources to the most optimal locations, closest to the attack sources. This meant that the attack traffic, which originated in the Asia-Pacific region and the US, did not reach the customer region but was instead mitigated at the source countries.

“Azure’s DDoS mitigation employs fast detection and mitigation of large attacks by continuously monitoring our infrastructure at many points across the network,” said Amir Dahan, senior programme manager at Azure Networking.

“When deviations from baselines are extremely large, our DDoS control plane logic cuts through normal detection steps, needed for lower-volume floods, to immediately kick-in mitigation. This ensures the fastest time-to-mitigation and prevents collateral damage from such large attacks.”

Dahan added that the customer did not suffer any impact or downtime, but if they had been running their own data centre instead of using Azure, they would most probably have incurred extensive financial damage as well as other intangible costs.

In 2020, Google revealed its infrastructure absorbed a 2.5Tbps DDoS attack three years previous. The attack was the culmination of a six-month campaign launched by Chinese-backed hackers that used multiple methods of attack, which ultimately had no material impact.