Atos and IBM today announce an expansion of their partnership around IBM Cloud for Financial Services to help financial services companies reach optimum data and systems security with “EU trusted third party cybersecurity monitoring” supplied by Atos. This will enable organizations, including operators of vital importance (OIV) and operators of essential services (OES) to go a step further in the adoption of cloud technology. These additional capabilities will allow them to further protect their data and systems and get them supervised in compliance with the EU Network and Information Security Directive (NIS) and the French national military programming law (Loi de programmation militaire, LPM).
Regulated financial firms are facing a vast number of disruptive forces, including ever-increasing customer demand for new, innovative, and personalized products and services. As a result, they are looking to the cloud to help them accelerate their transformation, but they need a cloud that meets strict security and regulatory compliance obligations. Businesses and institutions need to rely on a secured and trusted cloud environment to embrace the full potential of technology innovation and benefit from better agility and resiliency, with built-in data security and compliance capabilities to meet EU regulations.
As the European leader in cybersecurity services1, and by offering its unique expertise as the “EU trusted third party” with its cybersecurity monitoring services for the IBM Cloud for Financial Services infrastructure, Atos will help IBM Cloud customers reinforce their compliance with the highest level of security required by the French government. These key security services complement IBM’s existing security measures.
Atos will enable organizations using the IBM Cloud for Financial Services to benefit from its expertise in cloud security through its local Security Operations Center (SOC), located in France. The Atos SOC will permanently monitor the IBM Cloud infrastructure, data plane and control plane – through the detection, analysis, and notification of security incidents to ensure that any threat is dealt with immediately. Atos’ SOC services are delivered in accordance with the PDIS (Security Incident Detection Service Provider) reference framework, issued by the French national cybersecurity agency (ANSSI). The overall solution is based on multiple specific attack detection scenarios that complement IBM’s detection strategies to provide even greater security.
As our clients’ need for cloud solutions continues to accelerate and the associated regulatory environment becomes increasingly complex, IBM cloud for Financial Services, which is enabling clients to meet the most stringent local regulations, is now complemented with an EU trusted party, made possible thanks to the cybersecurity monitoring provided by Atos.” Yannick Tricaud, Head of Atos Southern Europe
This partnership with Atos will enable an even greater transparency and trust for financial institutions who want to use a cloud environment for their critical workloads. It will complement IBM Cloud for Financial Services, already very well known for its innovative services and automated security and compliance, end to end IBM Cloud security monitoring supplied by Atos, a global leader in digital transformation, is a unique and a forward-looking approach on the market to address compliance objectives.” Béatrice Kosowski, Country General Manager, IBM France
IBM Cloud for Financial Services is designed to address cybersecurity and regulatory challenges and to deliver the benefits and flexibility of a public cloud in a secure and compliant environment, as to enable regulated institutions to host their mission-critical applications and highly sensitive data in the cloud and transact quickly and efficiently. It is equipped with security features that include:
- Confidential computing technology that protects data as it is being processed and, when combined with encryption of data at rest and in transit with exclusive control of encryption keys, provides end-to-end security for sensitive and highly regulated data and applications in the Cloud. Meaning, our clients’ data is theirs alone and IBM cannot access it.
- Industry leading encryption technology, called “Keep Your Own Key”, which allows organizations to retain control of their own encryption keys. IBM’s leadership in this area is backed by the highest level of security certification available on the market, this capability makes the IBM Cloud (and therefore IBM Cloud for Financial Services and Telecommunications) the most secure public cloud for the enterprise2.
IBM Cloud for Financial Services, with its embedded security and compliance framework, helps financial institutions in their journey to cloud, and combined with Atos’ EU Trusted Third Party security monitoring, can help address data security for any regulated sector in Europe.
IBM Cloud for Financial Services is based on the IBM Cloud Framework for Financial Services, designed to meet the expectations of financial sector supervisory and regulatory bodies. Going beyond common compliance and regulatory standards such as NIST, PCI, SOC, or FFIEC it includes a consistent and extensive set of embedded controls that spans cybersecurity, data protection, access management, and configuration management. It is kept current with changes in the regulatory, security, and risk landscape. It is intended to address the regulatory obligations of financial institutions emanating from over 75 financial services regulators in 24 countries, including jurisdictions in Europe, the Americas and Asia-Pacific.
Part of the IBM Ecosystem, Atos’ collaboration with IBM combines both companies’ strengths to help solve the most complex challenges in business and society for clients with hybrid cloud and AI. Recently, Atos launched its Atos Center of Excellence for IBM Cloud solutions to accelerate digital transformation for financial services institutions.