Standard Bank Group, with an annual IT budget exceeding $1.2 billion, boasts a vast technological infrastructure.
It employs 5,500 people in its group technology division, with nearly 1,000 of them dedicated to protecting the bank from cyber threats.
Jörg Fischer, the Chief Information Officer (CIO) of Standard Bank Group, revealed in a recent interview on TechCentral’s Meet the CIO podcast that cybersecurity is a critical focus for Africa’s largest financial institution.
“Are we concerned about cybersecurity daily? Absolutely,” Fischer emphasized. “We invest over $52 million in cybersecurity annually. Even though we have a skilled in-house team, we also collaborate extensively with external partners.”
Standard Bank’s security framework revolves around the Microsoft security stack. Each business division, from personal and commercial banking to insurance and asset management, has a dedicated Chief Information Security Officer (CISO) who reports both to Fischer and the group’s risk and audit team.
Despite having a robust security team, Fischer acknowledged the unpredictability of cyberattacks, which compels the bank to prioritise contingency plans to mitigate potential damage.
“I spend considerable time with international CISOs to learn from their experiences with cyber breaches,” Fischer explained. “There’s much to manage—stakeholders, regulations—so I always ask how they handled those challenges.”
Tackling System Instability
When Fischer assumed the CIO role in 2022, one of his primary objectives was to address system outages that had plagued Standard Bank’s digital platforms.
He noted that most of these problems stemmed from the complexity of integrating the bank’s 2,500 applications rather than technological shortcomings.
“I focused on improving the people aspect and cultivating a collaborative culture,” Fischer said. “It was about getting teams to realise that no matter where they worked, we were all facing the same challenges.”
To resolve system instability, Fischer introduced greater discipline in daily IT operations, ensuring that software engineers paid more attention to essential administrative tasks.
He also instituted weekly stability meetings to review past issues and learn from them, shifting the culture from one of blame to continuous improvement.
With so many third-party applications involved, Fischer also places significant importance on maintaining strong relationships with international software vendors.
He frequently meets with senior executives from these vendors to ensure smooth collaboration and system integration.
Fischer’s leadership has been instrumental in stabilising Standard Bank’s systems and fortifying its defences against ever-evolving cyber threats.
