Trust vs Tech: Why Regional Banks Are Falling Behind
Regional banks face extinction if they don’t evolve. In this episode, Luigi Ferri explains how AI, automation, and customer-driven innovation are redefining digital banking. Learn from Luigi Ferri why “trust” is no longer enough and how agentic banking will shape the future of finance by 2035.In this episode, we answer to:Is AI driving banking transformation, or are customers in control?What is the future of regional banks in the age of agentic AI?How can traditional banks survive digital disruption and customer flight?Resources Mentioned in this Episode:Spherical Insights, article "Global AI Agents In Financial Services Market To Exceed USD 19890.2 Million By 2035 | CAGR 40.03%", link https://www.sphericalinsights.com/press-release/ai-agents-in-financial-services-marketGlobal Banking and Finance website, article "Banking in 2035 How Emerging Technologies Will Transform the Way We Bank", link https://www.globalbankingandfinance.com/banking-in-2035-how-emerging-technologies-will-transform-the-way-we-bank/ CIO Africa website, article "How Edge Computing Is Transforming Banking", link https://cioafrica.co/how-edge-computing-is-transforming-banking/World Economic Forum website, article "How Agentic AI will transform financial services with autonomy, efficiency and inclusion", link https://www.weforum.org/stories/2024/12/agentic-ai-financial-services-autonomy-efficiency-and-inclusion/ Money Vehicle website, article "Digital Banking 2024: Exploring the Evolution and Its Impacts", link https://yourmoneyvehicle.com/banking/digital-banking-2024-exploring-the-evolution-and-its-impacts/ Connect with me on:LinkedIn: https://www.linkedin.com/in/theitsmpractice/Website: http://www.theitsmpractice.comAnd if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.Credits:Sound engineering by Alan Southgate - http://alsouthgate.co.uk/Graphics by Yulia Kolodyazhnaya
--------
7:27
--------
7:27
BSI C5 vs NIST 800-53: Smart Compliance for Banks
In this episode, Luigi Ferri compares two pillars of cloud security compliance: BSI C5 (Germany) and NIST SP 800-53 (USA). Discover how global banks can harmonize compliance, cut costs, and focus on real security over bureaucracy. Learn how ITSM and IT security teams can transform audit frameworks into governance tools that truly add value.In this episode, we answer to:How can global banks manage cloud compliance across BSI C5 and NIST SP 800-53 without duplicating effort?What are the key differences and overlaps between BSI C5 and NIST SP 800-53?Does compliance really improve security — or just increase documentation?Resources Mentioned in this Episode: German Federal Office for Information Security website, article "Criteria catalogue C5", link https://www.bsi.bund.de/EN/Themen/Unternehmen-und-Organisationen/Informationen-und-Empfehlungen/Empfehlungen-nach-Angriffszielen/Cloud-Computing/Kriterienkatalog-C5/kriterienkatalog-c5_node.html Securance website, article "What is BSI C5?", link https://audit-professionals.de/bsi-c5/ CyberSaint Security website, article "What is NIST SP 800-53?", link https://www.cybersaint.io/blog/what-is-nist-800-53 6 Clicks website, article "Comparison between NIST Cybersecurity Framework (CSF) and NIST SP 800-53", link https://www.6clicks.com/resources/comparisons/nist-cybersecurity-framework-csf-vs-nist-sp-800-53 Connect with me on:LinkedIn: https://www.linkedin.com/in/theitsmpractice/Website: http://www.theitsmpractice.comAnd if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.Credits:Sound engineering by Alan Southgate - http://alsouthgate.co.uk/Graphics by Yulia Kolodyazhnaya
--------
7:42
--------
7:42
What Is the AICM Framework for AI Compliance?
AI is transforming banking, but so are the rules. In this episode, Luigi Ferri explores how the Artificial Intelligence Control Matrix (AICM) helps financial institutions navigate complex compliance frameworks like ISO 42001, NIST AI RMF, and the EU AI Act, while staying secure and cost-efficient. Discover how to simplify AI governance, reduce audit fatigue, and protect your organization from model poisoning and adversarial risks.In this episode, we answer to:How can banks use AI while managing overlapping regulations and compliance frameworks?What new AI threats (like model poisoning and adversarial inputs) are traditional controls missing?How does the Artificial Intelligence Control Matrix (AICM) simplify compliance and strengthen AI security?Resources Mentioned in this Episode:Alphasec website, article "CSA AI Controls Matrix: A Sneak Preview", link https://alphasec.io/csa-ai-controls-matrix-a-sneak-preview/ Clarendon Partners website, whitepaper "AI Controls in Financial Services", link https://www.clarendonptrs.com/s/05_03_24_AI_Controls_in_Financial_Services_Clarendon_Partners_GRC_Ebook_Compressed.pdf Bank for International Settlements website, whitepaper "Regulating AI in the financial sector: recent developments and main challenges", link https://www.bis.org/fsi/publ/insights63.htm Cloud Security Alliance website, whitepaper "AICM mapping to NIST 600-1", link https://cloudsecurityalliance.org/artifacts/aicm-mapping-to-nist-600-1 Connect with me on:LinkedIn: https://www.linkedin.com/in/theitsmpractice/Website: http://www.theitsmpractice.comAnd if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.Credits:Sound engineering by Alan Southgate - http://alsouthgate.co.uk/Graphics by Yulia Kolodyazhnaya
--------
9:06
--------
9:06
Process Mining in ITSM: Hidden Workflows Revealed
Discover how Luigi Ferri explains how Process Mining in ITSM transforms service delivery by revealing real workflows hidden behind your dashboards. Learn how to eliminate bottlenecks, prevent SLA breaches, and align your Service Catalogue with reality. Turn ITSM data into actionable insights for compliance, automation, and continuous improvement.In this episode, we answer to:What’s the real difference between Process Mining and Task Mining in ITSM?How can Process Mining prevent SLA breaches and improve service performance?How does Process Mining enhance Service Catalogue accuracy and ensure compliance with ISO standards?Resources Mentioned in this Episode: Process Science website, article "Process Mining in IT services", link https://www.process-science.com/use-cases/it-servicesMindzie website, article "Top Benefits of Process Mining: Optimize, Analyze, Automate", link https://mindzie.com/process-mining-software/process-mining-benefits/Celonis website, article "5 Benefits of Using Process Mining for IT Service Management", link https://www.celonis.com/blog/5-benefits-of-using-process-mining-for-it-service-management/ Atlassian website, article "Process Mining Analyze and Optimize Jira Workflows and Processes", link https://community.atlassian.com/forums/App-Central-articles/Process-Mining-Analyze-and-Optimize-Jira-Workflows-and-Processes/ba-p/2768242 Connect with me on:LinkedIn: https://www.linkedin.com/in/theitsmpractice/Website: http://www.theitsmpractice.comAnd if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.Credits:Sound engineering by Alan Southgate - http://alsouthgate.co.uk/Graphics by Yulia Kolodyazhnaya
--------
9:40
--------
9:40
How to Build IT Accountability with SoD (ISO 27001 Control 5.3)
In this episode of The ITSM Practice, Luigi Ferri explores ISO/IEC 27001:2022 Control 5.3 – Segregation of Duties (SoD). Learn how to reduce risk, design accountability, and strengthen your ISMS with actionable SoD strategies, especially in ITIL 4 environments. Master RBAC, role clarity, and audit readiness to build trust into your IT processes by design.In this episode, we answer to:How does ISO 27001:2022 Control 5.3 define and implement Segregation of Duties?What are effective ways to apply RBAC and SoD in small or resource-limited teams?How can organizations monitor, log, and prove SoD compliance for audits?Resources Mentioned in this Episode:ISMS-Online, article "ISO 27001:2022 Annex A 5.3 – Segregation of duties", link https://de.isms.online/iso-27001/annex-a/5-3-segregation-of-duties-2022/ Morgan Hill website, template "ISO/IEC 27002:2022 | 5.3 - Segregation of Duties Policy Template", link https://morganhillcg.com/blog/item/iso-iec-27002-2022-5-3-segregation-of-duties-policy-template-2 HighTable, article "The Ultimate Guide to ISO 27001:2022 Clause 5.3: Organisational Roles, Responsibilities and Authorities", link https://hightable.io/iso-27001-clause-5-3-organisational-roles-responsibilities-and-authorities/ Connect with me on:LinkedIn: https://www.linkedin.com/in/theitsmpractice/Website: http://www.theitsmpractice.comAnd if you want more tips and guidance, follow me on LinkedIn. I am sharing daily posts regarding Enterprise Service Management, IT Service Management, and IT Security.Credits:Sound engineering by Alan Southgate - http://alsouthgate.co.uk/Graphics by Yulia Kolodyazhnaya
Over The ITSM Practice: Elevating ITSM and IT Security Knowledge
Join Luigi Ferri, an experienced ITSM & IT Security Professional, in 'The ITSM Practice.' Explore IT Service Management and IT Security, uncovering innovations and best practices with insights from leading organizations like Volkswagen Financial Services, Vodafone, and more. Each episode offers practical guides and expert discussions for learning and growth. Ideal for all ITSM and IT Security Professionals!
Stay Connected:
LinkedIn: https://www.linkedin.com/in/theitsmpractice/
Youtube: https://www.youtube.com/@theitsmpractice
Website: http://www.theitsmpractice.com
Luister naar The ITSM Practice: Elevating ITSM and IT Security Knowledge, De Technoloog | BNR en vele andere podcasts van over de hele wereld met de radio.net-app
Netherlands