Like most banks and financial institutions, Standard Bank, the largest African banking group by assets, has built its online presence across web, mobile, and social channels to better interact with and serve customers.
The pace of change accelerated by these digital development programs, which run across multiple countries, created a challenge for the central security team. To safely navigate its digital journey, Standard Bank required the visibility needed to bring all digital assets under the scope of their security program and monitor them for digital threats like brand infringement, cybercrime, and web-based attacks.
The Standard Bank security team was also looking for a solution that could automate the discovery and threat analysis of the company’s full digital presence, replacing manual processes that were time and resource-intensive. The solution also needed to provide automated digital asset discovery, granular risk views to asset owners, easy integration into existing monitoring and reporting tools, and support for initiatives such as data privacy.
With 93% of customers recently stating that they’ve increased their ability to perform threat detection with RiskIQ, 100% increasing its visibility into external threats from internet-facing assets, and 65% decreasing their Mean Time To Response (MTTR) to incidents within a week of implementation, RiskIQ proved to be a perfect fit.
By using RiskIQ to develop an inventory of their internet-exposed assets and monitoring them for change, Standard Bank is now well-suited to tackle a threat landscape that continually tests the defenses of the banking industry. In fact, when looking at Risk Reports for 25 of the 50 largest banks in the U.S., RiskIQ found the average bank had 30 domain configuration issues, 42 SSL configuration issues, 87 IP reputation issues, and 81 threat indicators across their digital footprints, which could be exploited by attackers.
Since implementation, Standard Bank uses RiskIQ’s internet data to enable collaboration between its central and decentralized teams to improve its security posture continually and work with the business to proactively address areas of weakness. With 75% of incidents that lead to data breaches originate externally—almost half of which target unknown and thus unmanaged digital assets according to the Verizon Data Breach and Incident Report, this vigilance against threats outside the firewall is crucial.
Now, working with the RiskIQ customer success team, Standard Bank is looking at integrating RiskIQ solutions with other security solutions to further improve automation and reduce manual tasks. They are also looking at additional areas where RiskIQ could add value, including compliance with data privacy regulations (GDPR / POPI), risk scoring, and benchmarking.
To read more about all the ways RiskIQ helps defend Standard Bank's digital presence, visit the Case Study here.