Financial Industry

The Challenge

Banking was once regarded as a stable, often uneventful profession. That’s all changed with the rise of cybercrime. Consider Patria Bank, a regional bank that was one of five financial firms in Romania targeted by the Cobalt Group, which was attempting to hack electronic payment systems. Fortunately for Patria Bank, the cybercriminals tipped their hand and initially attacked a decommissioned server isolated from the rest of the infrastructure.

 

Realizing Patria Bank would not be so lucky again, IT decided to evaluate alternative security solutions, such as McAfee Endpoint Security and Symantec Endpoint Protection. After an in-depth evaluation, our partner-enabled Business Security Enterprise emerged as the clear choice for Patria Bank.

 

Razvan Cioc, Chief Information Security Officer, Patria Bank, states, “We were impressed with the sophistication and automation of the platform’s endpoint detection and response. The cloud console was extremely user friendly and provided in-depth visibility and detailed reporting across our infrastructure. Compared to the other solutions, Business Security Enterprise was the best value for the money.”

 

Another factor in the bank’s choice of the platform was the European Union General Data Protection Regulation (GDPR), a new law that imposes stiff fines when companies experience privacy or data breaches.

 

“It provides the best protection against data breaches, which provides us with the confidence to comply with the EU’s GDPR law,” says Cioc. “Data breaches can cost organizations in fines up to four percent of their total revenue or 20 million euros depending on which is greater. That’s not something a lot of businesses can survive.”

The Solution

Patria Bank depends on Business Security Enterprise to provide endpoint detection and response (EDR) capabilities to 1,100 Windows desktops and laptops, Windows servers, and VMware ESXi and Microsoft Hyper-V virtual servers.

 

 

The bank has been pleased with Bitdefender Professional Services, which provided installation and configuration of the platform, and Premium Support.

 

 

“Our security and IT specialists have been extremely impressed with the fast response and deep knowledge of their services and customer support teams,” comments Cioc. “Their culture is very customer-centric, which shows up in virtually every interaction we have with them.”

Project Info

Cyber Security Solution: Endpoint Detection and Response

Organization: Patria Bank

Industry: Banking

IT Environment: Windows Desktop and Laptops, Windows Servers, VMware ESXi, Microsoft Hyper-V Virtual Servers

Operating Systems: Windows

Conclusion

The Results

A top priority for Patria Bank is protecting its assets and data from increasingly aggressive advanced persistent threat (APT) groups and other organized crime entities.


“EDR capabilities help us maintain a nimble, agile security posture capable of rapid response to a spectrum of attacks, including signature-based and behavior-based threats,” Cioc says. “Since deploying the platform, we prevented any outbreaks from infiltrating our infrastructure.”


With the platform’s automation and intelligence, Cioc estimates the security team spends about eight hours a week on incident response and resolution versus 12 hours before—a 33 percent reduction.


“We’re a small bank with a small security team,” Cioc reflects. “The platform helps extend our security team’s capabilities by automating the blocking of threats. When we need to get involved, we’re able to complete security investigations about 33 percent faster than before.”


He concludes, “With the platform, we’ve freed time for additional vulnerability management activities, such as system hardening, performance management, and perimeter security. These efforts provide us with yet another layer of security.”

Cioc appreciates that the platform differentiates between threats that must be blocked immediately and those that require alerts to security analysts for investigation.


“It enables security analysts to easily pinpoint behavior of certain machines at various points in time instead of reverse engineering incidents, which takes more time and is less effective,” Cioc says.