Eric Hussey: Leading Cybersecurity at Finastra
In October 2023, Eric Hussey stepped into the pivotal role of Senior Vice President and Chief Information Security Officer (CISO) at Finastra, a global leader in financial services software. With a wealth of experience spanning nearly 25 years in the cybersecurity domain, Eric’s appointment marks a significant milestone for both him and the company. His responsibilities encompass enterprise and product security engineering and architecture, identity and access management, and cyber defense—an essential framework for safeguarding Finastra’s digital products and services.
The Digital Nature of Finastra
Finastra operates in a digital-first environment, where its products are inherently digital. This reality underscores the importance of Eric’s role—not only does he oversee the security needs of Finastra, but he also ensures that cybersecurity solutions are integral components of the products and services offered to clients, including 45 of the world’s top 50 banks.
“The Cyber Defense remit is crucial to protecting our customers and employees; it’s our eyes in the sky, continuously detecting and responding to threats on a 24×7 basis,” Eric explains. To bolster this capability, Finastra collaborates with partners like BlueVoyant, enhancing its internal detection and response capabilities with dedicated engineering teams focused on automation, artificial intelligence (AI), threat intelligence, and vulnerability management.
The Evolving Importance of Cyber Defense
Cybersecurity has never been more critical than it is today, a sentiment echoed by Eric, who notes, “Things are much different” from when he first entered the industry nearly a quarter-century ago. Graduating during the aftermath of the dot-com bust, Eric began his career with a six-month contract at Fiserv, where he quickly adapted to the fast-paced fintech landscape. His early success led him to a full-time role in Fiserv’s cybersecurity team.
Reflecting on his journey, Eric recalls, “Back in 2001, security was considered very basic or even legacy. There wasn’t a prevalent conversation around software security at that time.” However, as society has become increasingly reliant on software, the importance of resilient and secure systems has grown exponentially.
“I’ve been in cybersecurity for almost 25 years now, and I’ve been able to grow and evolve personally and professionally alongside the technology over those years,” Eric shares, emphasizing the rewarding nature of his career.
Mentorship and Leadership
Today, Eric’s role extends beyond cybersecurity management; he actively participates in the Executive Cybersecurity Exchange, fostering industry collaboration, and is a member of Cyversity, an organization dedicated to mentoring underrepresented minorities in cybersecurity. “I was given an opportunity to work in the cybersecurity space; now it’s about giving back and helping others on their career path,” he notes. At Finastra, the ethos of “lift as you rise” resonates deeply with him, and he believes all leaders should champion this principle.
Describing himself as an “ambitious business leader, passionate problem solver, and team developer,” Eric recognizes that the cybersecurity landscape is fraught with challenges. Today, technical competence alone is insufficient; professionals must solve complex issues while aligning with the broader business strategy. “I see these challenges as opportunities,” he adds, emphasizing his commitment to enabling business value.
Scaling Cyber Defense at Finastra
Joining Finastra represents a return to Eric’s roots, where he leads cybersecurity initiatives across core domains such as Lending, Payments, Treasury and Capital Markets, and Universal Banking. “Finastra is a premium brand,” he states. “It was very exciting coming to the company and re-entering the fintech space, which sits at the intersection of regulatory requirements and rapid innovation.”
In his short tenure, Eric has already made significant strides in enhancing Finastra’s cybersecurity framework. The company boasts a robust cybersecurity program, driven by industry regulations that mandate safe and trustworthy products. However, with the ever-evolving threat landscape, Eric emphasizes that cybersecurity is a continual journey rather than a destination.
He has implemented a three-step plan to propel Finastra’s cybersecurity program into the future: strengthening the foundation, targeting risk reduction, and differentiating products in the marketplace. “Continuous improvement through constant iteration and innovation is essential,” he asserts.
Strengthening Foundations and Targeting Risks
Finastra, like many software companies, has transitioned from producing commercial off-the-shelf products to offering software-as-a-service (SaaS) solutions. This shift necessitates that products are not only resilient but also secure. “Strengthening our foundation remains important because it must constantly be improved upon as we modernize and optimize for the future,” Eric explains.
As instances of fraud and cyber breaches become increasingly common, risk reduction is paramount for SaaS providers, especially in the financial services sector. Eric emphasizes the need for wise investments aligned with organizational goals. “I like to bucket challenges into two main areas: regulatory compliance and targeted risk capabilities,” he notes.
By thinking like business executives, Eric and his team focus on how to create and protect value for customers both today and in the future. This strategic differentiation is crucial for Finastra, as software underpins everyday life and can drive market differentiation.
Leveraging Technology Intentionally
For Eric, technology is a powerful enabler for solving specific business challenges. However, he stresses that technology implementation should be a deliberate business decision rather than a purely engineering choice. “Without unification, technology implementations often do not yield the return on investment that organizations hope for,” he cautions.
As discussions around AI adoption intensify, Eric views AI as a potential “copilot” in cybersecurity. “It will be another tool in the box that we can use for highly intentional purposes,” he states. While many routine tasks are already being automated with reasonable accuracy, Eric believes there is still room for growth in applying automation across cybersecurity processes.
Collaborating with Partners for Enhanced Cyber Defense
Finastra’s partnerships play a crucial role in its cybersecurity strategy. Collaborating with companies like BlueVoyant enhances Finastra’s cyber defense capabilities. “It is essential that our key partners work to the same high standards that we set ourselves,” Eric emphasizes.
Additionally, Finastra’s partnership with Microsoft has proven invaluable, particularly in cloud technology and generative AI. “Microsoft and Finastra continue to be a powerful collaboration,” Eric notes, highlighting the strategic nature of their relationship.
The Future is Bright for Finastra
With the support of its partners and an AI-driven future on the horizon, Eric is optimistic about the innovations his cybersecurity teams can drive. “Effective cyber programs always possess an element of future-proofing,” he asserts. The banking sector’s early adoption of technology positions Finastra to address industry challenges swiftly.
“Customers want value faster and delivered more securely,” Eric adds. “Being that trusted provider to our customers is crucial.” In a highly regulated industry, compliance is vital for ensuring cyber resiliency, making cybersecurity a frequent topic of discussion at the boardroom level.
Ultimately, Eric’s vision for Finastra is clear: to build secure, customer-centric, and market-leading financial services products while adhering to evolving regulatory requirements. “Each day I ask myself, ‘How do I best position my team to serve Finastra effectively and efficiently?’” he concludes, encapsulating the excitement and rewards of his role.
For more insights and updates, be sure to check out the latest edition of FinTech Magazine and sign up for our global conference series at FinTech LIVE 2024.
FinTech Magazine is a BizClik brand.