Cyber criminals are taking relentless aim at financial institutions. Cargills Bank is taking a proactive approach to better safeguarding customers with a cognitive security solution, IBM® QRadar® Advisor with Watson. Analysts can readily examine a broad range of threat data and gain actionable insights to make decisions quickly.
Cargills Bank wanted to enhance its existing defensive cyber security capabilities, improve monitoring and implement stronger preventive protocols to guard against sophisticated threats.
The bank is using IBM QRadar SIEM, an industry leading security intelligence platform, with QRadar Advisor with Watson cognitive capabilities for early detection and classification of cyber threats.
Cargills Bank, a new banking entrant in Sri Lanka, is known for its unconventional business model built on access, convenience and inclusivity. Building on the rich heritage of the 174-year-old Cargills brand, the bank has a growing network of branches and over 340 access points at Cargills Food City outlets across the country.
“As the newest bank in the country, without a traditional brick and mortar legacy, we are a true digital bank while being able to leverage supermarket banking through the retail footprint of Cargills Food City,” says Rohan Muttiah, Chief Operating Officer. “The Cargills value chain is arguably the largest in the country, thereby providing a unique business eco-system for banking services.”
Security has been top of mind for the bank, as sophisticated cyberattacks and a constantly changing threat landscape continue to plague financial institutions across the globe. Cargills Bank wanted to enhance existing defensive capabilities, with improved monitoring and stronger preventive protocols to defend against sophisticated threats. The bank also wanted a solution to help security analysts to keep up to date on the endless amount of security data, including data generated from internal systems as well as threat intelligence, security research papers, security blogs, websites and other external sources of information required to analyze threats.
“We are committed to enhancing our customers’ digital banking experience while being mindful of emerging security threats. With cyber crime becoming more organized and sophisticated, it is imperative to deploy highly adaptive prevention, detection and response capabilities based on proven technology,” Rohan Muttiah adds.
The bank conducted an extensive process to identify and evaluate potential solutions. It selected the IBM QRadar Security Information and Event Management (SIEM) solution for comprehensive security monitoring, threat detection and actionable insight, along with QRadar Advisor with Watson, the first security solution that takes advantage of IBM Watson® AI capabilities to facilitate the rapid investigation and classification of potential security incidents.
“We always understood that traditional approaches to cyber security would not be effective. The banking industry has tended to rely on post-event diagnosis and response,” Rohan Muttiah says, noting the difficulty banks face in maintaining 24x7 capabilities, the lack of experienced and qualified personnel, and the volume of potential incidents overwhelming human capacity.
IBM QRadar Advisor with Watson, part of the IBM QRadar Security Intelligence Platform, brings cognitive capabilities to aid security analysts in their investigations and response processes. Combined with threat intelligence and security event data from QRadar, the solution helps analysts investigate potential threats by leveraging Watson's natural language processing capabilities across security blogs, websites, research papers and other sources to help shorten cyber security investigations from weeks or days to minutes or hours.
“The increasing frequency of cyber attacks also brings up an overwhelming volume of related data which is near impossible to comprehend quickly,” says Manori Unambuwe, Head-Software Sales – Sri Lanka & Maldives, IBM. “Watson has been trained in the language of cyber security and has ‘read’ more than two million cyber security documents, making available information from research reports not previously accessible to modern security tools.”
IBM QRadar SIEM detects anomalies, uncovers advanced threats and removes false positives. It consolidates log events and network flow data from thousands of devices, endpoints and applications distributed throughout a network. It then uses an advanced security analytics engine to normalize and correlate this data and identifies security offenses requiring investigation.
“Cargills Bank was able to leapfrog these limitations by using IBM QRadar SIEM and QRadar Advisor with Watson to receive real-time, prioritized alerts. IBM’s best-in-class cognitive security portfolio will help us pre-empt threats and mitigate risk, thereby supporting our position as a leading digital bank,” adds Rohan Muttiah.
The IBM solution was implemented locally through two IBM Business Partners: technology partner Blue Chip Engineering Co. of Sri Lanka and implementation partner Secbounty Services Private Limited of India.
“With the ready-to-go environment provided by the bank, we implemented IBM QRadar SIEM in a week’s time, with the QRadar Advisor with Watson component requiring under a day to get up and running,” says Ramprasath R, founder and Director of Secbounty Services. Within a very short while, he adds, Cargills Bank analysts using the solution identified and isolated an infection.
“With Watson, analysts received in minutes all the information they needed to conduct an investigation in a single pack,” says Ramprasath R, including the name of the person and the malware involved, as well as the attacker’s IP address, URL and domain name. “To get all that information manually would take hours, with searching multiple forums to correlate the IP address with the identity of the attacker and the kind of malware.”
Moreover, the solution is helping Cargills Bank conform to its risk-based approach to information security, which employs a governance structure that includes a board-level Sub Committee for Risk, and Information Security Council based on ISO 27001:2013, and a Technology Steering Committee.
“IBM Watson allows us to comply with key policies and implement procedures relating to Risk, Information Security, and Technology. The Cognitive SOC allows us to work with our existing Data Centre head count while providing them career development through training and exposure to AI,” Muttiah says.
Cargills Bank Ltd. (link resides outside of ibm.com) is a licensed commercial bank based in Sri Lanka. Cargills is a brand that has been faithfully serving Sri Lankans for 174 years, built on a foundation of values and ethics. True to this heritage and the ethos of “Banking on the Human Spirit,” Cargills Bank is taking banking to the masses by being inclusive and accessible with offers such as the Cargills Cash Savings Account, available at over 340 Cargills Food City outlets, and the Cargills Bank Debit Card.
Legal
© Copyright IBM Corporation 2018. IBM Security, 75 Binney Street, Cambridge MA 02142
Produced in the United States of America, May 2018
IBM, the IBM logo, ibm.com, QRadar and Watson are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at ibm.com/trademark.
This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates. Not all offerings are available in every country in which IBM operates.
The client examples cited are presented for illustrative purposes only. Actual performance results may vary depending on specific configurations and operating conditions.
It is the user’s responsibility to evaluate and verify the operation of any other products or programs with IBM products and programs.
THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided.
The client is responsible for ensuring compliance with laws and regulations applicable to it. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the client is in compliance with any law or regulation.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that systems and products are immune from the malicious or illegal conduct of any party.