Global Tier 1 Bank

Anti-Phishing Automation

Global Tier 1 Bank – Anti-Phishing Automation
Global Tier 1 Bank – Anti-Phishing Automation
21/01/2020 MHC
user deployments successfully completed
deployment batches completed
countries within the project scope

Client Problem

MHC’s Tier 1 Investment Banking Client had obligations to regulators to enhance the handling of suspicious phishing emails, which are a major source of cybersecurity breaches. The project was to improve automation by deploying an MS Outlook plugin to the desktop of each of the bank’s staff worldwide.

MHC Approach

MHC’s approach was to integrate a third party tool with the client’s in-house investigation and case management systems including complete end-to-end testing of the handling of a suspicious email’s journey.

A comprehensive test pf the third party tool to ensure that it worked as intended.

Show More
Testing the functionality provided by the third party company highlighted some major deficiencies in the way that the forwarded emails were processed and how the corresponding data was made available to extract. This necessitated remedial action by the third party, including a rewrite of the API.

Develop code to extract information from the third party portal and transfer the data to in-house investigation and case management systems.

Test the full end-to-end process of handling of a suspicious email including identification, analysis and case management.
Show More
The four core stages were to isolate the suspicious email, forward it to the third party tool for risk rating, return a safe copy for investigation and create a case for each instance of an attempted phishing attack.

Deploy the tool to user desktops worldwide via a controlled roll out.  The Bank had in excess of 280,000 users in excess of 80 countries, many with specific regulations that necessitated different approaches.
Show More
A global package was created and a test of the deployment and roll back in each region was undertaken.  The deployment was then phased with automated deployment batches created in each region starting with smaller pilot groups, with success measured at each stage and remedial action taken where necessary.

Project Outcome

The successful implementation of the new tool across the worldwide user base significantly improved the Bank’s anti-phishing capability.

The user’s experience was significantly simplified and enhanced, with suspicious emails automatically reviewed and risk-rated and feedback provided to the user.

Automatic integration with the case management system including the safe extraction of email artefacts improved the efficiency and efficacy of the analysis process.

The ability to automatically enrich each case with data from the third party tool provided improved analysis on the nature and sources of phishing attacks allowing for improved automatic identification of future instances.

 

000

Related Insights

Case StudiesService: Payments
Payments Sevice Strategic Review and Implementation of Replacement Platform
ArticlesService: Cyber security
Email Phishing Protection
Email Phishing Protection
Case StudiesService: Cyber security
Global Tier 1 Bank – Cyber Security Operations Automation