OVERVIEW

BRAC Bank Limited (BRAC Bank) is one of Bangladesh’s most notable banks for small and medium-sized businesses (SMBs). Founded in 2001, it operates on a diversified business model, serving around two million retail customers globally.

It is the only member of the Global Alliance for Banking on Values (GABV) from Bangladesh, the first Bangladeshi bank to have received the ISO 27001:2013 certification for information security, and the only bank in Bangladesh to achieve ISO 18788:2015 certification for security operations management.

CHALLENGES

The banking sector is a top target for cyberattacks. Given the rapid digital transformation that it has faced in the last few years, BRAC Bank realized the importance of implementing a robust security solution for its networks and endpoints.

“We have multiple digital and transformational initiatives on an ongoing basis”, says B.M. Zahid Ul Haque, Head of Information Security. “As a company, we have always been at the forefront of implementing state-of-the-art security controls, policies, and procedures. Considering our vulnerability to targeted cyberattacks, we wanted to elevate our security posture. Being a large organization, we needed a solution which would give us a holistic view of endpoints and the network, while also delivering realtime security updates and threat intelligence. Thanks to our internal team and higher management support we were able to make it happen.”

The bank also needed protection against low-level phishing via email, SMS, website, and advanced persistent threats such as malware infections, targeted attacks, zero-day, and vulnerability exploits.

WHY TREND

BRAC Bank brought together an evaluation team with multiple stakeholders to assess various products based on the security, visibility, control, and adaptability they offered. User feedback, market reviews, and features based on price points were also considered. Says B.M. Zahid Ul Haque, “Trend Micro’s track record of continuous innovation, its laser focus on next-gen endpoint security, and its unmatched standards convinced us that Trend Micro was the right solution for us. We considered various parameters such as sales and solution experiences, and support.”

SOLUTION

An internal team was trained and Trend Micro’s solution for endpoints and networks was deployed in a phased manner. Advanced capabilities such as high-fidelity machine learning, behavioral analysis, exploit protection, file reputation, ransomware variant protection, intrusion prevention, command and control (C&C) blocking, browser exploit protection, application whitelisting, web reputation, and sandbox integration provide complete protection against the evolving threat landscape. Real-time updates keep endpoints light and lean for faster protection.

A broad range of anti-malware techniques helps deliver multiple layers of threat protection and data security for endpoints. Deep Discovery addresses advanced persistent threats and provides a comprehensive solution to detect, analyze, adapt, and respond to targeted attacks. It also identifies zero-day malware, malicious communications, and attacker activities that escape standard security defenses. The Shared Threat Intelligence feature ingests advanced threat intelligence or indicators of compromise (IoCs) from threat feeds and custom inputs, enabling the bank to block unknown threats.

RESULTS

Since implementing Trend Micro, the company has been able to get 360-degree visibility into the threat landscape. Advanced threat monitoring capabilities ensure that the network and endpoints are automatically shielded from vulnerabilities, malware, and ransomware attacks.

“The product’s investigative capabilities are extremely advanced and give us a holistic view of endpoints and networks across the organization,” observes B.M. Zahid Ul Haque. “Moreover, the endpoint and network solution are lightweight and operational roadblocks are easy to address.”

Shared threat intelligence and real-time security updates ensure that detection and response are rapid, while real-time virtual patching proactively protects against zeroday attacks and network-exploitable vulnerabilities.

WHAT'S NEXT

For all financial institutions, ensuring the highest level of IT security is an ongoing concern. Banks will continue to be key targets for cybercriminals and must prepare to defend themselves against the next wave of cyber threats.

“We look forward to doing more PoCs with Trend Micro,” says B.M. Zahid Ul Haque. “As the threat landscape continues to evolve and cybercriminals employ increasingly sophisticated techniques, we need a solution that can also grow and improve our defense against advanced threats and targeted attacks.”