

EP212 Securing the Cloud at Scale: Modern Bank CISO on Metrics, Challenges, and SecOps
10 snips Feb 24, 2025
Dave Hannigan, CISO at Nu Bank, brings a wealth of knowledge from his time at Spotify to discuss the unique challenges faced in neobanking. He dives into the complexities of regulatory compliance and the innovative security practices necessary in the rapidly evolving Latin American finance landscape. Hannigan highlights the critical role of identity and access management in cloud security and shares key metrics for assessing security posture. He also reflects on the cultural shifts needed for effective cloud operations and why he chose Google SecOps for his team.
AI Snips
Chapters
Books
Transcript
Episode notes
Express Kidnappings
- NuBank operates in Brazil, Mexico, and Colombia, where express kidnappings leverage instant money transfers.
- Criminals force victims to transfer funds via Pix, an instant transfer system like Zelle.
Nubank's Security Focus
- Nubank's online-only model necessitates a deeper focus on security than traditional banks.
- Without physical branches, every business problem becomes a tech problem, impacting customer finances directly.
Organizational Structure
- Focus on organizational structure and avoid creating silos by having too many niche security teams.
- Prioritize effective communication and connective tissue within the organization.