Group-IB x Banca Mediolanum Success Story

Company mission

Banca Mediolanum is bringing change to the traditional banking market that goes well beyond technology by offering families a new kind of freedom: “Freedom in Banking.” This commitment means offering comprehensive, reassuring, and transparent financial solutions through innovative yet easy-to-use technological solutions.

Background

Banca Mediolanum must manage complex IT infrastructures in several different nations and business segments. As a result, the enterprise has a wide range of websites, services, mobile applications, and other assets to inventory, manage, and protect.

Of course, Banca Mediolanum’s network perimeter is not static–on the contrary, it is constantly expanding. Many different teams update infrastructure and create new resources. This makes it difficult for IT and InfoSec teams to maintain complete visibility on all external-facing assets. While vulnerability assessments, penetration tests, and other traditional security practices are very useful, they can only be applied to known assets.

Banca Mediolanum’s real challenge is to discover the unknown unknowns: that is, to identify all of the assets which are not currently known to the organization. With a rapidly-expanding security perimeter, it’s necessary to perform constant discovery to ensure that all external-facing assets are inventoried, managed, and secured.

Why Group-IB

When performed manually, the process of hunting for shadow IT and other unknown assets is complex and time-consuming. Additionally, because new assets are being deployed all the time, the task must be completed at regular intervals to ensure complete visibility.

To streamline and automate this process, Banca Mediolanum deployed Group-IB Attack Surface Management. By continuously discovering Banca Mediolanum’s external attack surface, the solution provides a comprehensive view on shadow IT and misconfigurations.

Attack Surface Management also inventories all external assets, checks for vulnerabilities, evaluates the risk level of each asset, and prioritizes remediation tasks. With the most urgent vulnerabilities already identified and highlighted, Banca Mediolanum’s security personnel can make the most high-impact remediations first. As issues are addressed, the issues are marked as solved on the product dashboard and the risk scores are updated in real time.

By providing automated, continuous monitoring and discovery, Attack Surface Management dramatically reduces the amount of time that IT and InfoSec teams need to spend on asset discovery. Security personnel are able to focus on high-priority remediations, thus enabling busy teams like Banca Mediolanum to produce significant results with a minimal investment of time and resources, which in turn ensures a measurable ROI.

About Attack Surface Management

Group-IB Attack Surface Management is an intelligence-driven SaaS solution designed to discover, analyze, and manage the attack surface of complex infrastructures from one, easy-to-use interface. The solution provides full visibility on all of an organization’s external-facing assets, including shadow IT and forgotten infrastructure, and identifies the assets that may be at risk. Vulnerabilities are assigned a quantitative risk score and prioritized based on the urgency of remediation.

Unlike other products, the Group-IB solution goes beyond a basic inventory of IT assets to incorporate data points collected by Group-IB’s industry-leading threat intelligence. These insights map IT assets to real threats, such as mentions on underground forums, credential dumps, botnet activity, malware research, and communications with C&C servers used to launch attacks. Alerts are issued for high-priority items and critical vulnerabilities.

As issues are addressed and solved, they are removed from the dashboard’s view but remain tracked to enable customers to monitor their progress over time. Attack Surface Management also provides a comparative analysis dashboard that allows customers to see how their security posture stacks up against that of other companies in the same region or industry. An advanced reporting feature makes it easy to export data and demonstrate real value to stakeholders.

Business outcomes for Banca Mediolanum

Group-IB Attack Surface Management produced a number of measurable outcomes for Banca Mediolanum. With increased visibility on all external assets, as well as information about potential vulnerabilities, Banca Mediolanum’s MTTP (mean time to patch) was significantly reduced. In addition, Banca Mediolanum saved hundreds of labor hours that the InfoSec, IT and GRC teams would have otherwise needed to spend on hunting for shadow IT and inventorying assets.

After deploying Attack Surface Management, Banca Mediolanum also experienced a dramatic increase in cross-team communication, in particular between the IT and InfoSec teams. Moreover, technical teams were able to communicate more effectively with business-focused teams.

For example, the InfoSec team was able to show the bank’s infrastructure mapped geographically in terms the operations team could easily understand, helping to raise interest, support and budgets. Ultimately, this mutual understanding helped to bridge the gaps between Business teams, IT and InfoSec, resulting in cross-functional collaboration, increased efficiency, and a much stronger security posture for Banca Mediolanum.