Cargills Bank wanted to enhance its existing defensive cyber security capabilities, improve monitoring and implement stronger preventive protocols to guard against sophisticated threats.
Speeds the process of detecting and accurately identifying cyber threats and alerts
Guards against sophisticated threat incidents with stronger preventive protocols
Transforms millions of security documents into actionable intelligence relevant to specific threats
Business challenge story
Facing a constantly changing threat landscape
Cargills Bank, a new banking entrant in Sri Lanka, is known for its unconventional business model built on access, convenience and inclusivity. Building on the rich heritage of the 174-year-old Cargills brand, the bank has a growing network of branches and over 340 access points at Cargills Food City outlets across the country.
“As the newest bank in the country, without a traditional brick and mortar legacy, we are a true digital bank while being able to leverage supermarket banking through the retail footprint of Cargills Food City,” says Rohan Muttiah, Chief Operating Officer. “The Cargills value chain is arguably the largest in the country, thereby providing a unique business eco-system for banking services.”
Security has been top of mind for the bank, as sophisticated cyberattacks and a constantly changing threat landscape continue to plague financial institutions across the globe. Cargills Bank wanted to enhance existing defensive capabilities, with improved monitoring and stronger preventive protocols to defend against sophisticated threats. The bank also wanted a solution to help security analysts to keep up to date on the endless amount of security data, including data generated from internal systems as well as threat intelligence, security research papers, security blogs, websites and other external sources of information required to analyze threats.
“We are committed to enhancing our customers’ digital banking experience while being mindful of emerging security threats. With cyber crime becoming more organized and sophisticated, it is imperative to deploy highly adaptive prevention, detection and response capabilities based on proven technology,” Rohan Muttiah adds.
Adopting AI technology for security
The bank conducted an extensive process to identify and evaluate potential solutions. It selected the IBM QRadar Security Information and Event Management (SIEM) solution for comprehensive security monitoring, threat detection and actionable insight, along with QRadar Advisor with Watson, the first security solution that takes advantage of IBM Watson® AI capabilities to facilitate the rapid investigation and classification of potential security incidents.
“We always understood that traditional approaches to cyber security would not be effective. The banking industry has tended to rely on post-event diagnosis and response,” Rohan Muttiah says, noting the difficulty banks face in maintaining 24x7 capabilities, the lack of experienced and qualified personnel, and the volume of potential incidents overwhelming human capacity.
IBM QRadar Advisor with Watson, part of the IBM QRadar Security Intelligence Platform, brings cognitive capabilities to aid security analysts in their investigations and response processes. Combined with threat intelligence and security event data from QRadar, the solution helps analysts investigate potential threats by leveraging Watson's natural language processing capabilities across security blogs, websites, research papers and other sources to help shorten cyber security investigations from weeks or days to minutes or hours.
“The increasing frequency of cyber attacks also brings up an overwhelming volume of related data which is near impossible to comprehend quickly,” says Manori Unambuwe, Head-Software Sales – Sri Lanka & Maldives, IBM. “Watson has been trained in the language of cyber security and has ‘read’ more than two million cyber security documents, making available information from research reports not previously accessible to modern security tools.”
IBM QRadar SIEM detects anomalies, uncovers advanced threats and removes false positives. It consolidates log events and network flow data from thousands of devices, endpoints and applications distributed throughout a network. It then uses an advanced security analytics engine to normalize and correlate this data and identifies security offenses requiring investigation.
“Cargills Bank was able to leapfrog these limitations by using IBM QRadar SIEM and QRadar Advisor with Watson to receive real-time, prioritized alerts. IBM’s best-in-class cognitive security portfolio will help us pre-empt threats and mitigate risk, thereby supporting our position as a leading digital bank,” adds Rohan Muttiah.
Satisfying a risk-based approach to information security
The IBM solution was implemented locally through two IBM Business Partners: technology partner Blue Chip Engineering Co. of Sri Lanka and implementation partner Secbounty Services Private Limited of India.
“With the ready-to-go environment provided by the bank, we implemented IBM QRadar SIEM in a week’s time, with the QRadar Advisor with Watson component requiring under a day to get up and running,” says Ramprasath R, founder and Director of Secbounty Services. Within a very short while, he adds, Cargills Bank analysts using the solution identified and isolated an infection.
“With Watson, analysts received in minutes all the information they needed to conduct an investigation in a single pack,” says Ramprasath R, including the name of the person and the malware involved, as well as the attacker’s IP address, URL and domain name. “To get all that information manually would take hours, with searching multiple forums to correlate the IP address with the identity of the attacker and the kind of malware.”
Moreover, the solution is helping Cargills Bank conform to its risk-based approach to information security, which employs a governance structure that includes a board-level Sub Committee for Risk, an Information Security Council based on ISO 27001:2013, and a Technology Steering Committee.
“IBM Watson allows us to comply with key policies and implement procedures relating to Risk, Information Security, and Technology. The Cognitive SOC allows us to work with our existing Data Centre head count while providing them career development through training and exposure to AI,” Muttiah says.
Cargills Bank Ltd.
Cargills Bank Ltd. is a licensed commercial bank based in Sri Lanka. Cargills is a brand that has been faithfully serving Sri Lankans for 174 years, built on a foundation of values and ethics. True to this heritage and the ethos of “Banking on the Human Spirit,” Cargills Bank is taking banking to the masses by being inclusive and accessible with offers such as the Cargills Cash Savings Account, available at over 340 Cargills Food City outlets, and the Cargills Bank Debit Card.