Strengthening Cybersecurity: Enhancing Threat Mitigation and Governance for a Major Australian Bank

Date: April 16, 2024
In response to the escalating cyber threats faced by corporations, our recent project aimed to bolster cybersecurity monitoring and response capabilities for a major Australian bank. By applying advanced analytics to cybersecurity data, together with API data strategies, data-driven automation, and AI-powered solutions, we sought to provide actionable intelligence and insights to enhance threat mitigation and governance.

 

Project Details

Our project involved developing sophisticated dashboards to extract insights and actionable intelligence from cybersecurity data. These dashboards enabled the bank to bolster its threat mitigation capabilities against internal and external threats, including cyberattacks targeting employees and contractors.

Furthermore, we implemented an API data strategy for ongoing monitoring and governance. By automatically collecting API data attributes such as authentication mechanisms, internal/external-facing status, and many others, we developed a scoring mechanism to identify and prioritise risky APIs for remediation and ongoing monitoring.

Additionally, we assessed the maturity of various business units (BUs) within the bank based on multiple people, processes, and technology Key Performance Indicators (KPIs). Using these maturity scores, we determined the Next Best Security Action (NBSA) for each BU to improve its cybersecurity posture.

 

Project Goals

  • Develop sophisticated dashboards to extract insights and actionable intelligence from cybersecurity data.
  • Implement an API data strategy for ongoing monitoring and governance.
  • Assess the maturity of various business units (BUs) within the bank and determine the next best security action (NBSA) for each BU.
  • Provide guidance on AI and machine learning strategies for threat modelling, detection and automation.
  • Train and deploy a Q&A bot powered by large language models (LLMs) for threat identification and to provide guidance to improve the BU score.

 

Project Completion

The project was completed through a series of strategic steps, including:

  • Implementation of an API data strategy for automated monitoring and governance.
  • Development of data analytics dashboards and ETL pipelines using Python, SQL, and Snowflake.
  • Assessment of Business Unit (BU) Maturity and NBSA Determination: The evaluation of BU maturity and subsequent determination of NBSA for each BU involved analysing a wide range of people, processes, and technology-related datasets. These datasets covered vulnerability management, phishing incidents, SailPoint, CyberArk, Privas, Endpoint Detection and Response (EDR), malware data, antivirus effectiveness, Identity and Access Management (IAM) practices, SIEM-based event data, and cybersecurity training completion rates, among others.
  • Provision of guidance on AI or machine learning strategies for threat modelling and detection.
  • Training and deployment of a Q&A bot powered by Large Language Models (LLMs) for real-time threat identification.

 

Project Challenges

Several challenges were encountered during the project, including integration complexity, customisation requirements, and testing and quality assurance efforts. However, through meticulous planning and collaboration, these challenges were effectively addressed. Some of these challenges are listed below:

  • Data Consistency and Accuracy: Ensuring that the data feeding into the metrics is consistent and accurate across all sources is crucial for reliable BU scoring.
  • Stakeholder Alignment: Aligning various stakeholders on what constitutes optimal versus non-optimal scores and agreeing on the significance and weight of different drivers.
  • Scalability: Developing a system that can scale as more BUs or metrics are added or modified.
  • User Adoption and Training: Ensuring that all relevant personnel understand how to interpret and act upon the BU score, especially when determining and implementing security actions.
  • Real-time Data Processing: Incorporating real-time data processing to update scores dynamically, reflecting the most current state of security measures.

These added layers of complexity would require careful consideration and robust system design to ensure the efficacy and reliability of the BU scoring system.

Project Results

The successful implementation of the project yielded significant outcomes, including:

  • Enhanced Threat Mitigation: Improved cybersecurity monitoring capabilities led to better threat mitigation.
  • Governance Improvement: Automated assessment of API risk and BU maturity facilitated better governance.
  • Data-Driven Decision-Making: Stakeholders gained access to comprehensive insights for informed decision-making.
  • Proactive Threat Detection: AI-powered strategies and the Q&A bot enhanced real-time threat detection capabilities.

By strengthening cybersecurity monitoring and governance, our project significantly enhanced the bank's resilience against cyber threats, ultimately safeguarding its operations and reputation in an increasingly digital landscape. Neevista played a pivotal role throughout the project, providing invaluable expertise and support at every stage. Their collaborative approach and deep understanding of cybersecurity principles enhanced the effectiveness and efficiency of our initiatives, ensuring seamless integration and optimal performance of the solutions implemented.

 
