Situation
NCC Group worked with a large international financial services organization with a large portfolio of digital offerings, ranging from:
- Customer-facing banking-related applications
- Commercially orientated applications
- Exposure of financially related APIs to be consumed by third parties
At a Glance
Organization: International Bank
Industry: Financial Services
Challenge: Testing of security posture to ensure that customer’s information was protected
Solution: Comprehensive Cyber Security Review (CSR) across all regions
Result: Collaboration between NCC Group and the organization ensured fully integrated cyber security knowledge and provided greater visibility of potential vulnerabilities
Challenge
Given the high value of the information on which the applications operate, the client required the integration of security testing at various points within a rapidly moving development lifecycle. A breach in any of the applications would likely attract large regulatory fines and a damaged reputation. NCC Group provided the necessary expertise at the optimum parts of the development processes to provide high-value assurance activities on critical applications.
The client engaged NCC Group to conduct CSRs of all their regions leveraging the National Institute of Standards and Technology NIST Cyber Security Framework (CSF). NCC Group stood up a global but local team that was centrally managed but staffed locally to align regional culture and language requirements. Planning and client communications were handled centrally to ensure NCC Group consultants functioned as a cohesive voice.
Solution
Consultants from NCC Group were integrated into the development lifecycle of the applications, providing consultation to the different teams at various points. This included:
- Review of design patterns and architectural collateral
- Assessment of the implementation to identify potential vulnerabilities
- Consulted with developers to ensure security requirements were captured and documented
- Provided security assurance and penetration testing on new and existing assets
- Helped the client understand the security implications of legacy or pre-existing solutions
Result
We integrated our deep cyber security expertise into the client’s development teams and processes to provide a rapid acceleration of cyber security knowledge.
As a result, the client gained greater visibility of security-related vulnerabilities and issues at an earlier stage of the development process, making remediation more effective and reducing the overall risk to the organization's brand and clients. Our experts worked collaboratively with the client to provide the necessary skills and expertise at the optimum point.
NCC Group exists to make the world safer and more secure.
As global experts in cyber security and risk mitigation, NCC Group is trusted by over 14,000 customers worldwide to protect their most critical assets from the ever-changing threat landscape.
Get Started on Your Cyber Security Journey
Our experts are ready to help you stay ahead in a constantly changing threat landscape. Contact us today to learn more about what NCC Group can do for your organization's unique cybersecurity needs.