Fragmented security tools limited visibility and control
The bank’s separate, fragmented endpoint security tools were struggling to safeguard its global endpoints, including Windows and Linux PCs and servers. This impacted productivity: for example, several separate consoles had to be monitored, and there was no automated correlation between the workstation and server logs. The bank needed to:
- Increase operational efficiency
- Improve case response time
- Modernise security operations
“Cyberthreats don’t distinguish between borders. We wanted to modernise our security operations, introducing connected, agile security to intelligently analyse malware behaviour, protect legacy systems, and stop advanced attacks.”
Operational security manager, a European co-operative bank
Securing assets across the globe
By unifying security operational defences on one consolidated platform, underpinned by Palo Alto Networks Cortex XDR and XSOAR, the bank is managing the end-to-end SecOps case response process faster and more easily.
Palo Alto Networks was the partner of choice for this strategy: “We wanted to consolidate around a pure-play security expert. We were already using Palo Alto Networks firewalls and VPNs for remote access. It made sense to connect the network and security operations platform to create one connected infrastructure,” says the bank’s operational security manager.
Accelerates response times
Using Cortex with other security operations initiatives, the bank now responds three times faster to cases, while the volume of issues has dropped from 700 per month to less than 100, an 85% reduction.
The operational security manager comments, “Cortex XDR is predominantly used to block malware and detect suspicious behaviour. It is also very useful for responding rapidly to emerging threats, using features like script execution on multiple machines, remote connection to endpoints, and the powerful search language.”
Supercharges SOC capabilities
Cortex XSOAR is seamlessly integrated with Cortex XDR to reduce the response load on the SOC analysts. Playbooks are deployed to orchestrate multiple actions.
“What amazed us about XSOAR is the ease of use. You don’t need any programming language knowledge to start getting results fast. It is so intuitive and easy to use. It also interfaces with multiple security editors out of the box,” says one of the bank’s security engineers.