BEA: Maintaining stringent security measures with Mandiant Security Validation

In the financial services industry (FSI) where customers put their trust in the system to safeguard their confidential financial information and transactions, security is paramount. With this in mind, The Bank of East Asia, Limited (BEA) proactively prioritizes its customers' asset security by adopting the latest solutions and innovative technologies.

"One of our key areas of focus is to consistently enhance our customers' experience while ensuring robust cybersecurity measures," says Stephen Leung, Group Chief Information Officer, General Manager and Head of Technology and Productivity Division at BEA.

Operating in a highly regulated environment, FSIs handle vast amounts of personal and financial data. This means data privacy and protection measures, such as encryption, data classification, access controls, and proactive threat detection, are essential to these organizations. BEA, which has 130 outlets around the world, consistently explores new technologies to build upon its strong foundations and maintain its position as the preferred Bank in its market.

To that end, the Bank decided to implement Mandiant's Security Validation (MSV) solution in 2023 to keep its security controls in check.

"Breaches in cybersecurity can lead to business disruptions, financial losses and reputational damages," Leung says. "Through the use of MSV, we can validate our most vital assets against the latest cyberattack techniques."

Evolving the organization's cybersecurity guardrails

Banks are trusted organizations where people place their greatest assets, so any kind of cyberattack, no matter how big or small, can bring long-term detrimental effects.

In order to ensure continuity, BEA evaluated its options before deciding on its partner. The team looked at factors including brand reputation, operational efficiencies, references, and cost.

Apart from the security capabilities that MSV offered, the BEA team needed to ensure that technical setup requirements were aligned with the Bank's existing architecture. The transparency and insights that MSV provides have helped BEA ascertain its level of security across its network.

As a Google Cloud user, BEA has also been using BigQuery, Dataflow, Cloud Composer, the Operations Suite, and the Security Command Center. As such, integrating MSV into its ecosystem made sense, as it serves as a crucial layer of precaution.

"We've always had good communication and collaboration with the Mandiant and Google Cloud teams," Leung says. "Mandiant sets very transparent and clear expectations across different project stages so that we have a good understanding of how MSV is improving our security capabilities and services."

A robust security platform that's sustainable for the long run

As cyberattackers become increasingly stealthy in their approach, malwares look less suspicious but still pose real threats. With MSV in place, BEA has access to frequent data on the latest threat intelligence and analysis information by industry, geolocation, threat severity, and trend.

"With Mandiant, we can safely emulate the latest and most active attacker behavior and malware, including pinpointing undetected gaps, to test if existing precautions are able to withstand seemingly unsuspicious attacks," Leung says.

In just two months, BEA was able to deploy MSV to support three use cases. The first was to validate the Bank's existing security controls with recent real attack patterns. Then, MSV tested the security strength of each of its security products at the evaluation stage. The platform also ran suspicious files from a self-contained sandbox to analyze and identify potential vulnerabilities, such as malware or ransomware, with destructive behaviors.

By leveraging the information that MSV provides, BEA enhanced its cybersecurity assessment process. It also streamlined its validation tasks by prioritizing the threats it wants to test, thus increasing the effectiveness of threat assessments. MSV is also able to access and emulate the breadth and depth of attacker tactics, techniques, and procedures (TTPs), allowing the Bank to automate its MITRE ATT&CK evaluation for continuous improvement of its security standards.

With the support of MSV, the attestation process at the Bank has improved by 50%, from 15 working days to just 8 working days on average.

A continuous journey of security enhancement

Security is an ongoing effort, and BEA is always enhancing its governance and security controls toward new risk vectors. The Bank is also looking into ways that generative AI can help improve its cybersecurity defenses by responding more effectively to evolving threats.

BEA is empowered with new cloud technologies like AI to uplift its security capabilities and is always in discussions with the Mandiant and Google Cloud teams. From advanced threat detection, where generative AI algorithms can identify anomalies that may go unnoticed by traditional security measures, to intelligent security analytics that automates and analyze complex datasets to identify patterns and trends, the possibilities are vast. BEA is ready to embrace these new opportunities.

"With people at the heart of everything we do, cybersecurity will continue to be a priority and an ongoing journey for us as we work with the latest technologies in the market," says Leung.