Egyptian Bank Depends on Forcepoint to Assist in Bridging the Digital Divide

Pushing the technological envelope to better serve customers has made this Egyptian bank an award-winning growth leader in the country’s financial sector. But the bank’s leadership in digital banking and concurrent mission to provide financial services to underserved, less technologically savvy customers also means the private bank must take data security more seriously than ever before.

The bank’s philosophy is simple: its customers come first in every instance. Protecting customers from cyberthreats is just as important to Egypt’s largest private-sector bank as making their day-to-day finances easier through digitization and the availability of online and mobile banking services.

“People are the cornerstone on which our strategy is built—brick by brick, byte by byte, transaction by transaction, day in and day out,” said the CEO.

Using technology to offer a financial lifeline to underserved customers

The bank was founded in 1975 and today is a publicly traded company offering a full range of financial services which include consumer banking, commercial banking, investment banking, credit cards, mortgage loans, and more.

In recent years, the bank has made it a corporate mission to help bridge the digital divide in Egypt and bring financial services to more citizens in a country that ranks just 94th in the world in GDP per capita.

This mission has seen the bank invest and participate in wide-ranging projects like the promotion of financial literacy and affordable financial products in poorer segments of Egypt’s population, partnering with other banks in the African Union and European Union in the cross-regional Digital Economy Task Force (DETF), and sponsoring Business Women of Egypt 21 (BWE21), a non-profit supporting women entrepreneurs launching small and medium-sized businesses.

But a greater reliance on technology and a commitment to helping some of the most vulnerable people in Egypt means that the bank must constantly protect itself and its customers from the latest cyberthreats. The bank recently turned to Forcepoint to help deal with the emergence of a new threat vector targeting its email communications.

Wanted: flexible, people-coaching solutions for evolving email threats

The bank has long relied on Forcepoint for web and network edge security. But more recently, it has seen an uptick in email-based avenues of attack, including executive-level targeted phishing attacks and zeroday attacks via emails sent to its nearly 6,000 employees. With the personal and financial data of more than 1 million retail and commercial customers at stake, the bank turned to Forcepoint for an email security solution to protect its highly targeted business from spam and phishing attempts. Because of the sensitive information it deals with on a daily basis, the bank also wanted to make sure it was protected from even the most advanced types of malware, like zero-day threats. The bank expanded its security posture to include sandboxing to protect the organization from as-yet-unknown threats.

The bank’s tall order called for 99% spam detection as part of a service level agreement (SLA) with its email security provider. And the bank had another big ask—the inclusion of a customized phishing education feature in the solution that would proactively coach users to adopt best security practices and become more security-aware with email communications.

A 95% reduction in email attacks and a perfect zero for zero-day attacks

The bank and Forcepoint built a solution to counter the rise in emailbased threats that integrated Advanced Malware Detection (AMD) with the Forcepoint Web Security and Next Generation Firewall (NGFW) protections the bank was already running and deployed Forcepoint Email Security for the first time.

The integration of AMD across all three products was key to taking the bank’s security to the level it was seeking, said Forcepoint account executive Wagdy Mostafa. Forcepoint’s core solutions first assess the broader context of an internet transaction for potential indicators of compromise. After performing static analysis of suspicious files, AMD can perform the deep behavioral analysis necessary to identify zero-day threats, phishing attempts, ransomware, and other modern malware.

“Deep content inspection reveals highly evasive zero-day threats with no false positives,” Mostafa said.

The upshot: the bank has experienced complete protection from zero-day attacks since integrating Email Security and AMD. Overall cyberattacks have dropped by 95%, spam has been correctly identified and quarantined at the 99% rate proscribed by the SLA, and Forcepoint’s malware sandboxing approach has delivered 100% detection rates. As part of the Email Security implementation, employees are alerted to possible phishing attempts and coached continuously in better identifying and avoiding them in the future.

A golden ticket to ROI, growth, and digital innovation

The IT security team is also finding it easier to collect, analyze, and report incidents, trends, and overall data security health with Forcepoint’s realtime reporting tool. Management is also able to present findings to the board of directors to demonstrate where ROI is accruing as a direct result of integrating Forcepoint products.

Most importantly, the more robust data protection posture has helped the bank retain customer and community trust as it adds to its track record of growth, digital product innovation, and making the banking industry in Egypt more inclusive.