Fortifying the foundation of the digital economy

Financial services companies are 300 times more likely than others to be hit by a cyber attack, according to the Boston Consulting Group (2019). And if that were not enough, the cost of cybercrime for financial services is 40% higher than for other sectors. Indeed, attackers are placing their sophisticated efforts where the money is.

Attacks are not always targeted, however. One challenge for financial companies is closing the vulnerable backdoors that hackers often infiltrate in order to reach the bigger payoff. This weak spot could be a smaller branch office or a third-party services supplier. As one consulting firm points out, "Even an attack against a midsize bank could have a spillover effect, causing a threat to the solvency of a top-five institution."

Looking to mitigate business risk, a tier-one global financial institution with nearly $2 trillion assets under management turned to IronNet as an early adopter of behavior analytics to detect unknown threats across its global network.

Traditional types of analysis that detect only known threats (i.e., signatures) no longer were enough for this institution to maintain its risk-averse posture and protect its customers’ long-standing trust.

IronNet’s proprietary analytics enable this customer to stay ahead of attackers’ ever-changing tactics, techniques, and procedures. By using IronDefense to identify malicious or suspicious activity on its network, this company can spot abnormal activity such as credential phishing attacks, DNS tunneling, and sudden or large data loss.

Relying on IronNet as a strategic partner as it begins its journey to the cloud, this premier institution can contain risk and protect its well-known Fortune 500 reputation. Each month, IronNet threat detection ingests approximately 1 million flows of data, with 21,000 alerts detected, 50 high-severity alerts created, and 18 actionable findings as a result of IronNet threat investigation and analysis.

Comprising elite cyber hunters, the IronNet CyOC regularly escalates its findings to the customer’s own SOC team, in turn gathering feedback on findings from the SOC. In the spirit of real-time collaboration, the IronNet-customer relationship engenders unique collective intelligence around correlated detections and provides the human insights needed to allow the SOC to pivot quickly to triage. In fact, the company has tightened security controls and made policy changes as a result of escalations.

In addition to increasing visibility of threats and improving the effectiveness of the SOC, these detection and correlation capabilities help cut down the alert fatigue that plagues many SOC analysts, who typically are bombarded by unvetted anomalous activity. The IronNet analysts investigate and qualify automated detections so the customer's SOC team can speed up its response to malicious threats and secure the network.

Committed to innovation in a typically “status quo” sector, this customer supports the vision of Collective Defense as a member of the Financial and USA IronDome. In fact, many financial institutions understandably question whether Collective Defense undermines their competitive advantage working with competitors in a collaborative way to strengthen security. By contrast, by facing common threat actors as a unified front, collaborators can weaken adversaries who often probe interconnected sectors or ecosystems looking for points of entry. Once in, they move laterally, either seeking to cause destruction or to gain covert access for later use. In this way, Collective Defense is protecting not only this single institution — but the digital economy at large.

Customer story:

Global financial firm looks to IronNet’s cybersecurity analytics to mitigate risk

Industry:

Challenge:

Why IronNet:

Broadening visibility of the vast threat landscape

Best-in-class analytics

Bringing the vision of Collective Defense to life

Learn more about the power of IronDome