Field CISO, EMEA, Fortinet
This is a pre-event interview in the run-up to the Leaders in Finance Cyber Security Event 2025 on 22 May.
Maarten: Hi Ricardo Ferreira, thank you for taking the time to talk to us in the run-up to the Leaders in Finance Cyber Security Event on 22 May. For those who don’t know you yet, could you please introduce yourself and share a bit about your experience in cybersecurity?
Ricardo: It’s a pleasure to be here, thank you so much for taking the time to speak with me. Regarding my background, I started in cybersecurity a long time ago and am currently with Fortinet. If you ask about the defining moments of my career, I think everyone remembers The Matrix, right? That was a defining moment for me because it was one of the first movies to depict offensive cybersecurity tools—such as port scanning, Nmap, and exploits—in a realistic way. At that time, I was just starting in cybersecurity, and that movie just consolidated. After 25 years in the industry—initially focusing on the offensive side—I transitioned to working more on the network security aspect. Over the last 10 years, I’ve been with Fortinet, advising tier 1 and tier 2 banks on how to move into the cloud securely. Believe me, it has been quite a journey. Finally, I’ve also been working to advance cybersecurity awareness within the industry by publishing. I’m a published author on policy design and have collaborated with the Cloud Security Alliance on whitepapers covering topics such as generative AI security, microservices, and serverless computing.
Maarten: Interesting, can you tell me what excites you most about your current role?
Ricardo: I find my current role exciting because I get to engage with various organizations, particularly financial institutions. I have the opportunity to understand their challenges and discuss strategy from a cybersecurity perspective. Additionally, I work internally with the marketing teams to assess whether our go-to-market message aligns with our customers’ priorities, which is also a very exciting part of my role.
Maarten: At the event, part of the discussion will be about how geopolitical tensions are influencing cybersecurity threats. How do you think the current geopolitical situation is impacting the threats faced by financial institutions specifically?
Ricardo: It is something that everyone can see, especially now in our current environment with the conflicts happening in Europe, the Middle East, and on the continent, the tariff war; we can observe that there are tensions building up. We can see that the price of gold is rising, and for me, that indicates a lot of instability and fear in the markets. This, in turn, translates into cybersecurity concerns. We also saw a few weeks ago a major hack where 1.5 billion in assets were stolen. This just confirms that the geopolitical landscape is changing at a rapid pace.
Maarten: What are some of the emerging cybersecurity threats that have particularly caught your attention recently?
Ricardo: I think generative AI is accelerating the volume of threats we’re seeing. For example, it is used to create more convincing phishing emails. Secondly, the bad guys are using generative AI to generate more malware. More importantly, it’s also being used to create deepfakes—not only in video form but also for voice. I think it was last year when a financial institution’s CFO fell victim to a deepfake, where the voice was used to authorize transactions. These are some of the emerging threats we are seeing, largely fueled by generative AI.
Maarten: You’re mentioning the increasing volume in phishing, malware, and deepfakes. How should financial organizations adapt their cybersecurity strategies to cope with these growing threats?
Ricardo: That’s an interesting question, and we could be here all day, but I would perhaps focus on one or two main topics. First, what we’re starting to see is resilience. Resilience is top of mind for organizations. Obviously, in financial services, there has always been concern about risk, and we could debate whether that was a good or a bad thing, but it was always there. We’re also seeing new regulations from the European Union, such as the Digital Operational Resilience Act, which ensures that all financial institutions are on a level playing field, right? If we broaden the scope, we can see resilience not just from a cybersecurity perspective but also from a capital controls standpoint. If you look at the implementation of Basel III, you can see that banks are ensuring their capital buffers are increased and that their stress testing is not just focused on cybersecurity but also on capital resilience. So, I think resilience is key, from A to Z, ensuring that financial institutions can withstand adverse events and recover from them.
Maarten: So, it’s all about resilience. Do you think there’s been an increase in resilience over the last few years, or is there still a long way to go for financial institutions?
Ricardo: I think financial institutions are unique in that they were already ahead of the pack in risk mitigation and risk controls. Of course, there are always aspects that can be refined, especially in terms of cyber awareness, particularly for employees. That’s a major topic gaining traction. Many other topics include organizations transitioning to the new digital economy, where financial services are also leading the way. However, being overly risk-averse can create friction. This is where I see most of the challenges in financial institutions—trying to adopt digital technologies while maintaining their relevance, yet also holding onto a mindset that requires agility while mitigating risk. It’s a fine balance. A very fine balance.
Maarten: We’ve focused on the financial sector so far. What can cybersecurity leaders from the financial sector, who will be at the event, learn from other industries?
Ricardo: In this new digital economy, especially a data-driven one, concepts such as zero trust are crucial in how organizations adopt these positions. For example, how organizations protect systems, especially with technologies like Gen AI. In the end, it’s not magic; it’s databases and computing power. It’s about ensuring that security and cybersecurity are integrated into these new technologies. As for what they could learn from other sectors, one example is from the OT (Operational Technology) environment – segregation and air-gapping, for instance. Learning concepts of air-gapping from the OT sector could be valuable. Retail could also offer insights on how to better manage data. But, as I mentioned earlier, I believe that from a risk perspective, financial services is quite a unique sector in itself, as it’s always about mitigating risk, sometimes at the cost of velocity.
Maarten: You mentioned DORA before. In what way does regulatory pressure help financial institutions become more resilient to cybersecurity threats?
Ricardo: I think it’s more about formalization. Why do I say that? Because, think about it—risk management and risk frameworks have been around for a long time, like ISO 27001, for example. So in that sense, it’s not very novel. But there are some concepts, such as supply chain issues, where organizations like financial institutions are trying to move into markets quickly. They’re not going to reinvent the wheel; they’ll use existing libraries or frameworks, which is why I mentioned importing libraries. However, we still haven’t figured out how to assess the risks associated with these libraries and imports. That’s going to be a challenge when we get there, and DORA aims to address some of that.
But once again, as I said earlier, the key word is formalization—a framework. What I think is important is that it levels the playing field for all organizations, from tier 1 to smaller ones. Larger banks obviously have more resources and funding, and they’re generally bigger—not necessarily better, just bigger. It’s a matter of resources; they have larger legal teams. So I would say that DORA ensures that everyone in the field plays by the same rules and also addresses things like cyber awareness and risk management, ensuring that everyone speaks the same language.
Maarten: That makes total sense. One last question to wrap up: If you could give one key piece of advice to financial institutions preparing for the next generation of cyber threats, what would it be?
Ricardo: From a cybersecurity perspective, I would say operational excellence is key. By operational excellence, I mean ensuring they have the right platforms in place to achieve their goals of risk management and risk mitigation. Secondly, it’s also about cyber awareness—making sure employees are aware of the threats. It’s also important for them to partner with vendors, like Fortinet, to further develop this awareness within their workforce. So, in the end, it’s not just about the technology; it’s also about ensuring the people and processes are involved as well.
Maarten: I’m looking forward to the event and learning more about it from your perspective and experience. So, Ricardo, thank you for your time talking to us in the run-up to the Leaders in Finance Cyber Security Event. We’re looking forward to it.
Ricardo: Thank you, Maarten.