Leading Bangladeshi bank achieves new heights of information security with LogRhythm

As one of the largest banks in Bangladesh, BRAC Bank is committed to building a financial ecosystem that contributes to a more democratic and poverty-free country. They serve more than two million retail, corporate, and SME business customers through a variety of channels, including a growing portfolio of customer-centric digital products. BRAC Bank continues to undergo rapid digital transformation to meet customers’ needs of the day and is entrusted with an exponential amount of customer and corporate data. To establish their reputation as a trusted institution and secure operations across their entire network, BRAC Bank became the first bank in the country to implement the LogRhythm NextGen SIEM Platform.

The Business Challenge

New risks from scaling technology

The increased adoption of technology posed new threats for BRAC Bank. In the process of scaling their technology, underlying and unidentified system vulnerabilities emerged and were amplified. At the same time, the rising number of logs meant that the team could no longer afford to rely on manual processes, as it had always done, to collect and analyze log data. It was too time-consuming, difficult to manage, and ultimately, not effective enough to monitor their network in real-time.

BRAC Bank could not afford to leave any vulnerabilities unchecked. If exploited by opportunistic cybercriminals, this could lead to severe financial and regulatory impacts and an utter loss of customer confidence. 

With that, the team realized the urgent need for a security information event management (SIEM) solution. This would offer an intuitive, automated solution that provided real-time monitoring across their entire network, and ensure a secure and compliant IT estate.

Organisation

BRAC Bank Limited

Members

9,000 staff

Key Impacts
  • Achieved full security visibility across the entire IT landscape
  • Pioneer in information security in Bangladesh, as the first bank to adopt a SIEM solution and attain ISO 27001:2013, ISO 18788:2015, and PCI-DSS certification
  • Reduced detection and response times

The Solution

Single pane of glass visibility

Following an extensive evaluation process by multiple stakeholders, BRAC Bank selected LogRhythm’s NextGen SIEM Platform. They were sold on LogRhythm’s stellar track record for continuous innovation and laser-sharp focus on SIEM solutions and also took into consideration user feedback and existing market reviews. Some key determining factors included scalability, ease of implementation, and confidence in their security architecture.

From the very first day of adoption, the Information security team at BRAC Bank benefited from increased visibility across their entire network. There was little downtime required to integrate the LogRhythm NextGen SIEM Platform with existing log sources, and users could organize and process information faster and more effectively than before.

Enhanced Incident Response

LogRhythm SIEM Dashboard

Since the implementation of the SIEM solution, BRAC Bank has seen a reduced mean time to detect (MTTD) and mean time to respond (MTTR) to threats. This is especially valuable given the bank’s extensive and unmatched network of branches, ATMs, offices, and delivery points. With end-to-end visibility across this entire IT infrastructure, the security team is now empowered to respond and investigate incidents with greater ease.

Beyond this, BRAC Bank has also seen a massive leap in its investigative capabilities. They leverage LogRhythm’s security orchestration, automation, and response (SOAR) solution, SmartResponse™, to automate tasks and streamline efficiency across their security response workflow. This means tapping on prebuilt and customizable features like an AI Engine, rules, alarms, and dashboards to help organize and funnel the relevant data to the right teams. In turn, they can respond more quickly and remediate threats like phishing, malware, or ransomware attacks.

The next level of maturity

For financial institutions like BRAC Bank, ensuring the highest level of information security will always be a priority. Cybercriminals will always target these high-value organizations, and banks must be prepared with flexible solutions to defend against the next wave of cyberthreats.

Together with LogRhythm, BRAC Bank has introduced a new level of maturity into their security landscape with the help of OneWorld InfoTech. They are the first, and only Bangladeshi bank awarded with ISO 27001:2013 certification for Information Security function, as well as ISO 18788:2015 certification for Security Operations Management System. BRAC bank is also a PCI-DSS-certified organization.

“LogRhythm has been an invaluable partner as we commit to deepening our digital capabilities and security infrastructure. The whole process, from onboarding to implementation, has been seamless for our team members from the start, and we continue to receive support and guidance whenever we need. Since partnering with LogRhythm, we have experienced a dramatic reduction in mean time to detect (MTTD) and mean time to respond (MTTR), and are more agile in our incident response. As we scale our digital initiatives in line with our customers’ needs, we look forward to working more closely with LogRhythm to develop our security roadmap.”
Brac Bank_Zahid-ul Haque
B.M. Zahid-Ul Haque
Senior Vice President & Head of Information Security, BRAC Bank Ltd
About LogRhythm

LogRhythm helps busy and lean security operations teams save the day — day after day. There’s a lot riding on the shoulders of security professionals — the reputation and success of their company, the safety of citizens and organizations across the globe, the security of critical resources — the weight of protecting the world.

LogRhythm helps lighten this load. The company is on the frontlines defending against many of the world’s most significant cyberattacks and empowers security teams to navigate an ever-changing threat landscape with confidence. As allies in the fight, LogRhythm combines a comprehensive and flexible security operations platform, technology partnerships, and advisory services to help SOC teams close the gaps. Together, LogRhythm is ready to defend. Learn more at logrhythm.com.

Explore LogRhythm Case Studies

Comments are closed.