EDR/XDR Solution
Patch Management as a Service
OT Security Services
Zero Trust VPN Access
PIM/PAM Solution
Managed SOC Services
Managed Data Loss Prevention
MDR Services
VAPT
Social Engineering Assessment
Red Team Assessment
Imperum
Bhutan Financial Institution
Explore our IT services: innovative solutions, cutting-edge technology, and expert support to transform your business digitally.
Case Details
Clients: Bank of Bhutan
Start Day: 13/01/2023
Tags: Finance, Banking
Project Duration: 3 Years
Download Case Details
Download a detailed report on this case
Let’s Work Together for Development
Call us directly, submit a sample or email us!
The Story
BFI – As a leading Financial Institution in the market with a large and highly mobile IT infrastructure, they had the potential to become an attractive target for cybercriminals. This was also due to the distributed nature of the Bank’s workforce since it relies heavily on Cloud services and Web Applications to enable and facilitate access to systems and data for employees and subcontractors, both in the office and in the field. Security logs were not consistently captured, analysed, and correlated, leaving the organization exposed to attacks without any visibility.
There have also been concerns about whether the business is doing enough to meet GDPR and PCI DSS requirements, etc. BFI needed a security capability that would enable it to effectively monitor and protect critical data and assets, 24/7/365. But with a small team, the company’s head of technology and cybersecurity knew it didn’t have the resources to build this capability in-house and needed a security partner to provide support and expertise for below pain areas.
- Growing use of cloud services
- Dispersed and mobile workforce
- GDPR and PCI DSS requirements
- Usage of Web-facing applications to manage Business Operations.
- To secure their IT Infrastructure from vulnerable Threat vectors.
Solution Approach
After a rigorous selection process, BFI chose AiCyberWatch as its cyber security partner. They did so in recognition of the fact that AiCyberWatch demonstrated a clear understanding of their needs and offered a set of well-integrated and expertly supported tools to address them.
- Tailored and deployed our XDR solution specific to their requirements
- Conducted an extensive assessment of their existing cybersecurity posture with VAPT, Firewall Security assessment, and other tests
- Identified and categorized all the assets where information was dealt with and stored
- Created a risk treatment plan that could remediate all of their vulnerabilities.
- Implemented the plan with the right technology, measures, controls, policies, configurations and rules
- Created a report of all the recommendations and security measures
Data Analysis Chart
The Results
While the organization had already implemented hygiene features to help prevent cyberattacks, it wanted to elevate its cybersecurity maturity by strengthening its ability to proactively monitor threats that may evade these controls. In an average month, security events in a company’s infrastructure generate hundreds of security alerts.
Without AiCyberWatch, the team would not have the time to research, analyse and triage all these alerts to verify that they are genuine and require a response. The business now has confidence that its infrastructure, including more than 200 + Critical Infra and endpoints, and its corporate website are constantly monitored, and when its team receives notification of incidents, those are the ones that really need attention.
Customer Reviews of the Case
