Community Blog

Futurespective: The Evolution of Open Source and Cloud Native in FSIs

Written by Francesco Beltramini | 9/26/24 4:15 PM

It seems like only yesterday that I stumbled upon the FINOS booth at a conference. I don’t exactly recall which one—perhaps the Open Source Summit EU in Dublin—but what I do remember is meeting the incredibly friendly booth staff and noticing the impressive calibre of member organisations listed on the banner. Andy Martin, CEO of ControlPlane, was at the conference with me, and it took us less than 10 minutes to understand the importance of FINOS' role in the global FSI landscape and to decide to join the Foundation. 

Author: Francesco Beltramini with ControlPlane


Fast forward to Fall 2024, and over 10% of our consulting organisation is now contributing to various awesome programmes within FINOS, such as the AI Readiness SIG, Common Cloud Controls, and Compliant Financial Infrastructure. This is a testament to our strong belief in the mission and purpose of the Foundation. 

We deeply believe that open source and cloud native technologies are key tenets of the complex solutions that modern financial sector organisations build, and we are proud to have been pioneering these principles within our regulated customer base for nearly a decade. The Open Source in Finance Forums (OSFF) in London and New York are a prime opportunity to meet with our peers and customers in our industry, to stay up-to-date with what’s happening, and share our knowledge and insights in a less formal context than the glass-windowed offices in the City of London.

We continue to see the following topics as the biggest challenges for regulated industries:

  1. Adopting and safely ingesting open source software and dependencies into the supply chain.
  2. Increasing feature delivery velocity through developer enablement, and self-provisioning of compliant-by-default infrastructure patterns.
  3. Adopting secure-by-default and centrally managed Cloud, maintaining agility without falling into the pitfalls of vendor lock-in.
  4. Keeping strategic technology adoption roadmaps in sync with incident response readiness.

On this last point, ControlPlane was given the opportunity to author and run the first FINOS cloud native incident response tabletop exercise (TTX) for FSIs at the London OSFF. FINOS is known for forward-thinking attunement to the needs of its member base, and we truly welcomed this chance to engage with the most senior security professionals from global FSIs, behind closed doors and the safety of Chatham House rules. 

Based on the FSI challenges mentioned above, we created a compelling scenario for a 90-minute gamified, highly interactive, and engaging session. Both technical and non-technical security professionals were guided through the exercises and had the opportunity to contribute to a live, end-to-end security incident simulation. 

We wrote about the London TTX here, and if you missed us in London, please express your interest in participating in the next TTX here. And of course, please do come and say hi to learn about our AI security initiatives (Securing Your AI Project: From Guidelines to Practical Implementation), cloud native operational models (Security Resilience in Modern Systems), and secure developer-enablement patterns for next-generation technologies. We'll be at booth 10.

 

JOIN US AT THE OPEN SOURCE IN FINANCE FORUM (OSFF) THIS YEAR