# [LOW] Overcoming AppSec Challenges in FinServ: How CIBC Balances Speed, Security, and Compliance

**Source:** Snyk
**Published:** 2025-03-20
**Article:** https://snyk.io/blog/overcoming-appsec-challenges-in-finserv-how-cibc-balances-speed-security-and/

## Threat Profile

Snyk Blog In this article
Written by Snyk Team 
March 20, 2025
0 mins read Financial institutions face a tricky balancing act: they need to innovate quickly while also following strict compliance rules in an environment where security is paramount. Recently, Snyk's Field CTO, Steven Schmidt , sat down with Mihai Saveschi , Senior Director of Security Service Management at CIBC , for a fireside chat to discuss these pressing issues. 
We’ve pulled key insights from their conversation on some of th…

## Indicators of Compromise (high-fidelity only)

- _No high-fidelity IOCs in the RSS summary._ If the source publishes a technical write-up with defanged IOCs in the body, those would be picked up automatically on the next pipeline run.

## MITRE ATT&CK Techniques

- _Narrative-keyword inference returned no technique mappings; review article for ATT&CK relevance manually._

## Kill chain phases observed

_(none detected from narrative keywords)_

## Recommended hunts

_No actionable hunts can be derived from the RSS summary alone. The article may still warrant manual review — open the source link for actor attribution, IOCs in the body, and TTP detail._


## Why this matters

Severity classified as **LOW** based on: 0 use case(s) fired, 0 technique(s) inferred. Read the full article for actor attribution, tooling details, and any defanged IOCs in the body that aren't visible in the RSS summary.