10/18/2019 - AI and the Evolution of Cloud Computing: Evaluating How Financial...(EventID=110094)

Video Description

Friday, October 18, 2019 (9:30 AM) --Subcommittee Task Force on (Committee on Financial Services) Hearing Entitled "AI and the Evolution of Cloud Computing: Evaluating How Financial Data is Stored, Protected, and Maintained by Cloud Providers." Connect with the House Financial Services Committee Get the latest news: https://financialservices.house.gov/ Follow us on Facebook: https://www.facebook.com/FinancialDems/ Follow us on Twitter: https://twitter.com/FSCDems ---- This single-panel hearing will have the following witnesses: • Ms. Meredith Broussard, Associate Professor, NYU and Affiliate Faculty Member, NYU Center for Data Science • Ms. Alla Seiffert, Director of Cloud Policy and Counsel at Internet Association • Mr. Steve Grobman, Senior Vice President and Chief Technology Officer, McAfee • Dr. Jordan Brandt, CEO and Cofounder, Inpher • Mr. Paul Benda, Senior Vice President, Risk Cybersecurity Policy, American Bankers Association Overview Cloud computing has revolutionized the way entities and consumers store, maintain, and protect data. The “cloud” broadly represents business strategies, technologies (information technology (“IT”) and security), and architectures (components and subcomponents required for cloud computing) that permit users to receive information, data, and files on demand from a third-party service provider through the internet. There is no agreed upon definition of the “cloud”, but one commonly used by industry and regulators is one from the National Institute of Standards and Technology (“NIST”) that defines the cloud as a system for enabling efficient and on-demand access, regardless of location, to shared configurable resources that can be rapidly delivered to consumers with little management or oversight by a cloud provider. Artificial intelligence (“AI”) is a component of cloud computing because of its ability to (1) further streamline tasks, moving towards self-managed clouds and (2) improve how data is managed by allowing faster updates and indexing. Initially, the financial services sector was slower to adopt cloud computing as compared to other sectors, but that has changed in recent years. Financial institutions mainly adopt cloud computing because of the benefits found in managing IT, compliance with regulatory requirements, and situations that require high performance computing with low latency (e.g., high frequency trading). Most banks have quickly adopted cloud computing for non-core purposes (i.e., human resources, e-mail, analytics, customer relationship management, and development and testing) but have exercised caution when choosing to migrate core services and activities (i.e., treasury, payments, retail banking, and enterprise data) to the cloud because of their critical nature and the cost of moving legacy systems onto new systems. Yet, even for core functions, many analysts expect large banks to move most, if not all, of their computing needs to cloud platforms within the next five to ten years. Technology, Terminology, and Implementation There are several basic technologies that cloud service providers (“CSP”) leverage and provide to customers. Within the financial industry, there are four main types of cloud deployments and some entities deploy multiple clouds: 1. Public Clouds are a digital environment where the computing resources are available in a shared environment and accessed by multiple customers of the CSP. 2. Private Clouds provide computing resources dedicated to a single entity. This is more costly than a public cloud because it can involve large capital expenditures on network hardware, software, and maintenance. Private clouds may be on or off premises and jointly owned by the entity and a third-party. 3. Community Clouds are available for use by a specific community of users that have shared needs or concerns, like security, compliance or jurisdiction. 4. Hybrid Clouds arrange a mix of deployments that enables quick data movability among different deployments. Within each deployment are three main service implementations, where some entities implement multiple services and some CSPs offer all three services: 1. Software-as-a-Service (“SaaS”) provides one or more software applications designed for specific purposes, typically vendor-managed and customizable by users. Some examples include, Slack, Microsoft 365, and Salesforce. 2. Platform-as-a-Service (“PaaS”) is an application platform software (commonly referred to as middleware because it sits between the CSP and customer) that provides customers flexibility to build and deploy custom applications using tools supported by the CSP. Some examples include, Google App Engine, Engine Yard, and Heroku. 3. Infrastructure-as-a-Service (“IaaS”, pronounced EYE-AS) known as the complete package for competing functionality, includes hardware, software, servers, and networking competing. The customer does not manage or control the underlying cloud but has control over the operating...