Tag: Institute

8 in 10 financial services firms concerned about accountability of AI-driven decisions

More than eight in ten (81%) financial services organisations using Artificial Intelligence (AI) have adopted the technology for customer service purposes, while three in ten (29%) use the technology to prevent and detect fraud, with a similar number (29%) applying it to risk assessment.

However, despite its growing use, key concerns remain, particularly around accountability and the potential for bias in AI-driven or AI-influenced decisions. Data privacy risks associated with AI also rank high among the sector’s concerns.

This is according to the results of a new survey by Ireland’s professional body for compliance professionals, the Compliance Institute, which polled approximately 150 compliance experts working primarily in Irish financial services organisations nationwide.

When asked what concerns, if any, they had regarding the use of AI in compliance and financial services:

  • More than eight in ten (81%) compliance experts said that are concerned about the accountability and explainability of AI-driven decisions
  • Seven in ten (69%) are concerned about the potential for bias in AI decision-making
  • Six in ten (59%) are worried about data privacy and GDPR compliance risks
  • Almost six in ten (56%) are concerned about a lack of regulatory clarity around AI.

Commenting on the survey findings, Michael Kavanagh, CEO of the Compliance Institute said:

“Given that chatbots and virtual assistants are such a common sight when surfing the internet today, it’s perhaps no surprise that our survey shows that of those organisations using AI, customer service is the main reason they do so. However, it is interesting too the level of disquiet around the use of AI in organisations, particularly around AI bias and the accountability of AI-driven decisions, perhaps suggesting an inherent distrust of AI. Ultimately, AI will never be able to replicate the empathy that humans can bring to decision-making – as well as the nuanced approach they can take.

While AI can have many benefits for the financial services sector, including its ability to detect fraud and to reduce customer service costs, its fast-growing capabilities and increasingly widespread use have raised concerns, particularly around privacy and misinformation issues and the lack of regularity clarity around AI.”

 

Other headline findings from the Compliance Institute research reveal that:

  • AI-driven tools are not yet widely adopted in the financial services sector, with only 2% of organisations using them extensively and 18% using them on a limited basis.
  • More than half of the firms (54%) are considering AI for compliance monitoring, fraud detection, or risk management.
  • More than one in four (27%) have no plans to implement AI tools in the near future.
  • Among organisations currently using AI, its use in personalised financial products (10%) or trading and investment strategies (3%) is less commonplace.

Mr Kavanagh added:

“With only one in five organisations using AI tools, and most of these only doing so on a limited basis, the financial services sector is clearly cautious about the use of AI in firms.  The finding that more than half (54%) of the firms surveyed are considering AI for compliance monitoring, fraud detection, or risk management shows that many in the financial services sector have not ruled out AI – but they are being careful about if and how they might do so. This suggests that there is a strong awareness in the sector of the risks of AI and a determination to ensure the technology is used responsibly.

This is a positive reflection of the sector. While AI has the potential to deliver many benefits, it is important that AI is used in a safe and transparent way, and that the use and adoption of the technology is overseen so that harmful outcomes are prevented.”

Understanding NIST CSF 2.0: 6 Essential Updates for Cybersecurity Professionals

Cybersecurity is ever-evolving. With technology advancing, so does the threat of hackers, and it is critical that organizations remain ahead. Hackers constantly uncover new methods of penetrating vulnerabilities, and businesses must be agile to protect sensitive information, systems, and infrastructure.

So, to help organizations reinforce their defenses, the National Institute of Standards and Technology (NIST) has released version 2.0 of the Cybersecurity Framework (CSF). Version 2.0 introduces improvements that enable enterprises to enhance their security, meet requirements, and manage risks more effectively.

Cybersecurity professionals must be familiar with NIST CSF 2.0. The revision includes significant changes that impact how companies approach cybersecurity, from supply chain security and governance to more implementation guidance.

Whether your business is a multinational or local company, these updates provide helpful information for improving security. This article looks at the six most essential changes in NIST CSF 2.0.

 

1. Expanded Scope Beyond Critical Infrastructure

 

When NIST CSF was first released, it aimed at critical infrastructure sectors such as energy, transportation, and healthcare. They were classified as at high risk for cyberattacks, so cybersecurity was a priority. 

However, since threats in cyberspace have evolved, it has become clear that all enterprises across any industry segment and size confront serious security threats. CSF 2.0 expands the scope from critical infrastructure to address this, calling all enterprises in all industries to adopt its standards.

This broader application means that companies that once thought the framework did not apply now have a systematic and tried-and-tested method for enhancing cybersecurity. Whether your company is a small startup with customer information, a medium-sized business with financial transactions, or a multinational organization with sophisticated networks, NIST CSF 2.0 gives your organization specific guidance that can be applied to strengthen your defenses. 

2. New Govern Function Added

The most significant change in NIST CSF 2.0 is the introducing of a sixth function: “Govern.” The framework was initially defined around five core functions—Identify, Protect, Detect, Respond, and Recover—focused principally on operational security controls.

So, with ever more advanced cybersecurity threats, organizations need more than technological defenses alone. They need effective leadership, good policies, and sound decision-making. The governance function was added to satisfy these needs and enable cybersecurity at the highest organizational level.

This new position places cybersecurity in the hands of business leaders, executives, and decision-makers, not in IT teams’ exclusive control. It focuses more on risk management, accountability, and alignment with business objectives so that planning for security is not something apart but is fully included in a company’s overall business.

By concentrating on governance, CSF 2.0 encourages proactive, as opposed to reactive, organizational behavior, reducing the likelihood of breaches and increasing long-term resilience. With this addition, cybersecurity is now firmly established as a core business priority, as opposed to being the exclusive concern of IT.

3. Stronger Focus on Supply Chain Security

Cyberattacks now go beyond directly attacking enterprises—oftentimes, they hit weaknesses in third-party suppliers, service providers, and vendors. A compromised partner can have a ripple effect, compromising an entire network. In response to this growing threat, NIST CSF 2.0 focuses much more on supply chain security, forcing enterprises to take a more formal and proactive approach.

With this update, firms should be able to identify prospective threats in their supply chain, establish definite cybersecurity standards for their suppliers, and monitor third-party security procedures regularly. This is especially vital for highly outsourced industries, as hackers target more minor, less secure suppliers to penetrate larger entities.

4. Improved Alignment with Other Frameworks

Various organizations with many security frameworks exist, such as ISO 27001, CIS Controls, and COBIT. Compliance with many such frameworks is cumbersome, but NIST CSF 2.0 makes aligning with them more directly easier.

Also, this increased alignment allows organizations to integrate CSF 2.0 with existing security programs without unnecessary duplication. If your organization is already implementing another security framework, adopting CSF 2.0 will supplement what you’re doing and won’t add additional work. This transition is especially valuable for companies that must comply with numerous regulatory requirements as it provides one unified method for cybersecurity.

5. More Guidance for Implementation

One of the most intimidating challenges with cybersecurity frameworks is knowing how to use them. NIST CSF 2.0 addresses this challenge by being more prescriptive in guidance and using real-world examples. Businesses now get more detailed descriptions of security, more concrete guidance for deploying the framework, and more examples showing how companies can improve their security.

Therefore, this transparency increases the usability of CSF 2.0, even for companies that do not possess in-depth cybersecurity expertise. Instead of listing general principles, the framework lists specific actions companies can take. This update provides a template for securing themselves without guesswork for companies that do not possess implementation skills.

6. Emphasis on Continuous Improvement

Cybersecurity is never a one-time activity—it is an ongoing process. NIST CSF 2.0 reinforces this idea by emphasizing continuous improvement. Companies should regularly update their security, monitor emerging threats, and modify their methods in reaction to new risks.

This adjustment recognizes that cyber threats never stop changing. Yesterday’s solution is not today’s solution. With a culture of continuous improvement, companies can stay proactive against emerging means of attack and limit their exposure to breaches. CSF 2.0 allows companies to establish a dynamic security program that adapts and does not remain static and ineffective.

Final Thoughts

The release of NIST CSF 2.0 is a significant leap forward in cybersecurity. With more scope, a new “Govern” function, increased supply chain security, better framework alignment, more guidance, and a focus on continuous improvement, this update benefits all organization sizes in strengthening their defenses.

If you work in cybersecurity, now is the time to adopt NIST CSF 2.0. It can protect your organization, meet compliance, and stay ahead in today’s ever-changing threat landscape.

 

Trinity St James’s Cancer Institute at St James’s Hospital becomes first in Ireland or UK to introduce robot to make chemotherapy drugs

The Trinity St James’s Cancer Institute at St James’s Hospital in Dublin has become the first hospital in the UK or Ireland to introduce a compounding robot to produce cytotoxic chemotherapy drugs for cancer patients. As part of the evolving robotic programme in the hospital, this new initiative has the potential to supply chemotherapy products more efficiently and safely, increasing productivity and leading to a better experience for cancer patients at the hospital.

Chemotherapy is traditionally produced using a highly manual process carried out in pharmacy departments. Overseen by pharmacists and pharmacy technicians, it is physically intensive, involving measurement of doses, reconstitution of commercially sourced drugs and dilution into patient specific doses. Therefore, there is a risk of human error and a need for high levels of quality assurances and verifications. Staff globally often report repetitive strain injuries due to the labour intensity of production, as well as burnout.

The Aseptic Compounding Unit at St James’s Hospital is the busiest in the country, producing 30,000 products annually. With cancer levels rising alongside a growing and ageing population, this demand will rise in coming years. Funds for the new robot were raised by the St James’s Hospital Foundation.

Gail Melanophy, Director of Pharmacy at St James’s Hospital said: “This is a major step forward for our staff and our cancer patients at the hospital. We  aim to produce up to 50% of the oncology/haematology day ward’s chemotherapy needs within weeks of introduction and we hope this will significantly increase when at full capacity, including inpatient needs. This will free up time for our pharmacists to produce other products that the robot does not make and ensure that our valued patients never have to wait for their treatments.”

Aleena Mary James, nurse, Liz Hogan, patient, and Brid Curran, Clinical Nurse Manager.

The first patient received their treatment made by the new robot at the Trinity St James’s Cancer Institute today (11th April) on the hospital campus. Liz Hogan from Ratoath, County Meath is being treated for cervical cancer at the hospital and was infused with a customised dose of the chemotherapy produced by the robot.

She said: “I noticed no difference at all when I received my dose of chemotherapy today at St James’s Hospital – but I am reassured by the wonderful staff here who have told me that the new robot will help to ensure the chemo for all the cancer patients like me will be of very high quality.”

13 of the most commonly used cytotoxic chemotherapy drugs used at St James’s Hospital have been initially selected to be produced by the robot. Trials at the hospital have demonstrated that the advance preparation of the drugs is readily achievable, meaning they are available in the clinics when patients arrive for their sessions.

For the pharmacy staff, the use of the robot protects them from repetitive strain injuries commonly associated with this type of manual process, as well as from exposure to hazardous drugs used in the compounding of chemotherapy. Patients can be assured of the quality of the chemotherapy produced due to the environment in which the robot is housed as well as the flexibility to use the range and scope of products previously produced in the pharmacy. There are also potential cost savings to be realised as the robot can store partially used drugs for use in the production of subsequent doses, thus optimising the use of expensive drugs.

Aisling Nolan, Director of Development at the St James’s Hospital Foundation, said: “I am delighted that the hard work of the Foundation supporters, from patients to families to our own staff, has paid off with the installation and use of this new robot. Cancer care is a core service at St James’s Hospital and this robot will help our cancer patients and the staff who care for them every day.”

The project was made possible due to a highly collaborative multidisciplinary team including pharmacists, technicians, engineers, electricians and ICT staff along with commercial partners to plan, implement and test the technology.

CEO of St James’s Hospital Prof Mary Day said: “The Trinity St James’s Cancer Institute aspires to being a comprehensive cancer centre where patient care, research, clinical trials and cutting edge treatments combine to lead to better patient outcomes and experiences. Being the first hospital in the UK or Ireland to use this new robot to make chemotherapy drugs is another example of how we are constantly striving to find new and better ways to serve our patients and assist our staff.”

Cybercrime is the number one threat when it comes to financial crime in Ireland

Hacking, phishing, online scams, and other variations of cybercrime are thought to be the most prevalent financial crimes in Ireland, as found in a new survey by the Compliance Institute, which polled 230 compliance professionals working primarily in Irish financial services organisations nationwide.

When asked what they consider to be the most prevalent financial crime in Ireland, respondents to the Compliance Institute Financial Crime answered as follows:

  • Cybercrime (hacking, phishing, online scams)                                                      34%
  • Tax evasion                                                                                                                    21%
  • Fraud                                                                                                                               21%
  • Money laundering                                                                                                         19%
  • Bribery and corruption                                                                                                  4%
  • Insider trading                                                                                                                 1%

Michael Kavanagh, CEO of the Compliance Institute commented on the findings:

While financial crimes from tax evasion to insider trading could be classed as the “traditional” criminal pursuits, cybercrime is more new-age and is developing and advancing at a pace so fast that organisations and legislators cannot keep up.

From the mid-term review of the 2019-2024 Cyber Security Strategy launched in the middle of 2023, we learned of the Government’s plans to create a national anti-ransomware organisation and offer cash subsidies to small businesses to help fight cybersecurity threats. The timelines for this are unclear, but there’s no doubt that the move would be laudable and welcomed with open arms by many businesses that continue to be plagued by ransomware attacks.

These attacks can have catastrophic consequences not just for those whom they are perpetrated against, but for the wider public. We only have to look at the devastation that was caused to patients following the 2021 hacking of the HSE to understand the severity of the crimes”.

Fraud

Mr. Kavanagh continued, “Banking & Payments Federation Ireland (BPFI) stats show fraudsters stole nearly €85 million (€84.6m) through frauds and scams in 2022, an increase of 8.8% on 2021. As a New Year commences, there’s a real concern that we will see an uptick in these figures”.

Mr. Kavanagh concluded,

“Ireland is now Europe’s largest data hosting cluster, putting the need for elevated cybercrime and data protection systems into sharp focus.

Regulators in Ireland, and around the world, are constantly updating and issuing new guidance to firms in response to emerging cyber security issues, such as fake documentation and the reliability of information sources.

Regulators need to ask themselves how they can regulate and supervise without stifling innovation. Businesses and organisations need to ask how can they best prepare and respond, and the general public also needs to know what measures they can take to protect themselves”

Dundalk Institute of Technology announces winners of its second ‘eHealth Embark’ programme to support Digital Health

Dundalk / Dublin, Ireland. Winners of this prestigious award were EpiCapture Ltd and MedWrite. Both start-ups were commended for their outstanding potential to further digital health innovation and provide unique digital solutions to address healthcare challenges across global markets. EpiCapture will receive up to $70,000 Amazon Web Services (AWS) credits, whilst Medwrite has access to $30,000 credits, with both companies receiving access to hotdesks and support at Dundalk Institute of Technology.

EpiCapture Ltd, develops liquid tests for accurate, non-invasive cancer detection and monitoring and MedWrite, reduces healthcare professionals’ administrative workload and enhances the quality of patient care using generative AI software, were selected as winners by an expert panel of judges, which included Amazon Web Services (AWS), Health Innovation Hub Ireland, EIT Health, and Atlantic Bridge Investments.

Ten companies participated in this specialised entrepreneur development programme. DkIT’s dConnect Digital Health Innovation Hub and the Connected Health & Wellbeing Cluster offered masterclasses and mentoring, ranging from customer discovery and validation, through to assessing market opportunity, mapping funding, product and technical roadmaps. AWS offered tailored and one-on-one mentoring to support participants leverage the latest cloud technologies such as data analytics, artificial intelligence, machine learning, procurement in the Public Sector, and an introduction to Amazon’s culture of innovation and mechanisms such as the company’s ‘Working Backwards’ methodology.

Edward Simons, co-founder of EpiCapture said, “We are delighted and honoured to have been declared overall winner of the eHealth Embark 2023 programme. The mentorship and expert AWS support provided during this excellent 10-week programme has allowed us to develop an initial architecture for our software solution and identify AWS services that meet our business needs.  The prize allows us to implement this solution supported by AWS and to benefit from their experience across healthcare and cybersecurity as we integrate the EpiCapture-prostate algorithm with commercial laboratories.”

Sean Kirwan, co-founder of the runner up company, MedWrite, said: “The eHealth embark program is a game-changer for health start-ups, offering a comprehensive and invaluable resource for navigating the complex landscape of the healthcare industry. With a tailored focus on crucial aspects like business idea validation, funding, presenting, and practical technical advice from industry-leading experts at Amazon, this program equips entrepreneurs with the tools they need to succeed. It addressed key sticking points such as data privacy, MDR compliance, and cloud architecture for healthcare companies and it provided insights from prominent venture capitalists and Enterprise Ireland, eHealth Embark went way beyond my expectations.”

Carl Power, Director of the dConnect Digital Health Innovation Hub, DkIT, commented: “It has been our pleasure to coach these wonderfully innovative companies who are absolutely determined to make healthcare more efficient, effective, accessible and accountable through the use of technology. I want to congratulate all ten companies who have all received Credits and advice from AWS to develop their technical solutions. I am especially thrilled for the overall winners, EpiCapture Ltd and MedWrite. We encourage digital health start-ups to visit our website to read more about the programme and apply for a place in the next cohort, www.ehealth-embark.ie.”

Breanndán Casey, Manager of the Connected Health Cluster at DkIT which encourages and facilitates increased collaboration between industry, academia, healthcare providers, and enterprise support agencies, said: “Innovation in Digital Health is often dependent on using a wide cross-section of skills, market knowledge, and expertise.  We are delighted to see Cluster members, such as AWS, Nova Leah, dConnect, and Enterprise Ireland, come together to create and deliver the eHealth Embark programme.  The ten participating companies also benefited from supporting each other, and I’m really looking forward to seeing them further develop their business over the coming years and participate in Connected Health Cluster activity to help them scale their idea.” 

Mark Finlay, Head of Public Sector at AWS Ireland said: “AWS is delighted to support these two innovative and worthwhile Irish start-ups. The impressive digital solutions that these companies have put forward embody creativity, collaboration and entrepreneurship. AWS is committed to supporting technological advancement and maintaining Ireland’s reputation as being at the forefront of innovation. I look forward to AWS continuing to support these organisations and seeing how they positively impact healthcare for administrators, medical staff, and most importantly, patients, in the years ahead”.

Participants offered enthusiastic feedback on the programme. Robert Kelly of Heart Rhythm Ireland said, “The eHealth Embark programme has been quite an experience. Working with other innovators in Digital Health was interesting – it’s a tough path, but overcoming the challenges is part of what makes it rewarding. Sharing knowledge was key, and seeing how each company has grown over the months leading up to the final pitch day has been very inspiring.”

Irish Management Institute (IMI) launches new programme of experiences to empower senior leaders to embed change

Irish Management Institute (IMI), in partnership with University College Cork (UCC), has launched a first-of-its-kind programme of experiences, aimed at developing the capabilities of senior leaders including Chief Executives, Chief Financial Officers, Chief Operating Officers and heads of organisations within the private and public sectors. The Senior Executive Experience (SEE) will allow participants to forge new ways of thinking around leadership, strategy, decision-making and negotiation.

New research published by the IMI has shown that senior executives are facing ever-increasing workloads there is limited opportunity for organisational leaders to invest time in continuous learning. 83% of senior business leaders in Ireland state their organisation needs a transformational change.

Yet, in the era of increased digitisation, growing requirements to integrate ESG and sustainability targets, economic uncertainty and geopolitical factors, the need to bring new thinking and new skills to the decision-making table of companies and public sector bodies has never been greater.

SEE has been developed specifically to meet the emerging skills needs of today’s leaders while also recognising the limited time that is available to spend on learning. The programme, delivered by a team of national and internationally renowned lecturers and experts, including Associate Dean at Ashridge Executive Education Dr Kerrie Fleming and best-selling author Bernard Marr, offers immersive learning together with peer-coaching with successful executives to equip participants with new tools and insights.

Commenting on the launch, Shane O’Sullivan, Interim CEO, IMI said: “The world class faculty on this programme will challenge and disrupt the way senior leaders think and will help to equip them with new tools and insights to shape the future of their organisations. Most importantly the course will provide the time and space to reframe how participants think about the issues they are confronted with, all while making relevant connections with industry peers.”

SEE is comprised of five separate learning tracks, which include: ‘Leading and Managing’, ‘Strategic Decision-Making and Risk Management’ and ‘Digital Transformation’. Participants can choose the area that best aligns with their interests and objectives or select different experiences from multiple tracks.

Upon completion, participants will be awarded a Certificate of Leadership Excellence, and become members of the IMI Senior Executive Alumni group, granting access to exclusive events with guest speakers, networking opportunities with other senior leaders and quarterly insights updates.

Mr O’Sullivan said: “When we surveyed business leaders recently, the vast majority said that their organisations needed a major transformational change. With the challenges associated with the recent global pandemic and economic uncertainty, and the opportunities presented by new technologies and ways of thinking, leaders really need to get away from the desk, be challenged to think differently and learn from others so that they can work towards embedding real change in their own organisations. To help, we have developed this unique programme of events and experiences, including networking and problem solving with like-minded senior executives.”

Dr. Kriti Jain, Associate Professor at IE Business School in Spain said: “Leaders need to continually acquire new ideas and learn new things to be able to make an impact in a digitally-enabled, knowledge economy. SEE offers senior executives alternatives to full-time study and excessive time commitments, with short and flexible experiences that deliver relevant skills, based on a selection of competency foundations.”

Starting dates for the programme are scheduled for May and September. To learn more about the modules, rates and lecturers, visit: https://www.imi.ie/product/senior-executive-experience/