Global Bank
Active Threat Analytics - Premier
Cisco Active Threat Analytics Premier provided advanced capabilities that protected
clients’ sensitive financial information and convinced this bank that its in-house security
operations were insufficient.
Customer Profile
•
•
•
A multinational banking and
financial services corporation
based in North America
Large market cap
Realized its current security
capabilities lacked sufficient
sophistication
Solution
•
•
•
Active Threat Analytics Premier pilot
Provided next-generation threat
detection capabilities needed for large
financial institutions
Proven tools and processes for incident
response that improved the bank’s threat
visibility
Key Takeaways
•
•
•
The pilot’s success led to the
purchase of a one year Premier
subscription
A 97.6 percent average monthly
reduction in redundant security
events and alerts
An average of more than 250
monthly hours saved for customer
analysts and investigators
Security Challenge
This multinational bank needed to protect its clients’ sensitive
financial information and comply with financial industry
regulations. To accomplish these tasks, the bank already had inhouse security operations with what they felt already had robust
security capabilities. At first, the bank was satisfied with the
results of its own security capabilities and did not see the value
in purchasing security services from a vendor.
This contentment changed, however, when the bank spoke
with Cisco and observed a demonstration of the advanced
capabilities of Active Threat Analytics Premier. The bank
realized that the security operations it built lacked the nextgeneration sophistication needed to wholly protect the valuable
and sensitive financial information it housed. Following the
demonstration, the bank realized it was challenged specifically
by:
• Low threat visibility into IT infrastructure due to a basic security toolset
• An outdated operational incident response
methodology that was behind in its ability to fully maintain
property security posture
Cisco Solution
Cisco provided a six-month pilot of Active Threat
Analytics Premier. This tier of Active Threat
Analytics was the optimum solution because the
bank recognized its current security gaps and
the sensitivity of its data, its need for cuttingedge technologies, and wanted to experience the
benefits that the service offered.
Much of the bank’s initial challenges were directly
related to the limited functionality of its internal
security operation center. Active Threat Analytics
Premier includes proven, efficacious advanced
and next-generation security tools and processes,
which directly address the bank’s difficulties
with upgrading its own operations to meet the
requirements needed in today’s complex threat
environment.
Active Threat Analytics Premier includes security
technologies that enable advanced incident
response and high visibility of the threat detection
procedure. This visibility is accomplished with
technology that is capable of full packet capture
and proactive hunting that spots threats already in
the bank’s network. The insights provided by Active
Threat Analytics technology are supplemented by
the people, analytics, and intelligence, which work
in tandem to filter thousands of security events to
focus on the key incidents that require immediate
action or remediation.
Business Outcomes
The bank’s CISO described Active Threat Analytics
Premier as uniquely beneficial. Much of the value
the bank received was the holistic delivery of
complex security technologies and expert security
personnel as a single, deployable service. With
Cisco Active Threat Analytics Premier, the bank no
longer needed to spend resources investigating
how to improve or advance its own tools and
operations. The success of the six-month Active
Threat Analytics Premier pilot led to the purchase of
a one-year subscription to the full service following
its conclusion.
The threat detection accuracy of Active Threat
Analytics pinpointed about 2300 unique and tuned
events on average monthly. Of these events, only
about 43 confirmed incidents were directed, on
average, to the university per month. Narrowing
the total monthly security events so significantly
reduced redundant customer investigations and
false alerts by 97.6 percent. For each reported
security incident, Cisco Active Threat Analytics
investigators quickly provided detailed and targeted
mitigation and remediation steps.
The bank saved an average of more than 250
hours per month thanks to Cisco analysts and
investigators who analyzed the company’s high-fidelity events and incidents and simplified the
bank’s investigations.
About Active Threat Analytics
Cisco Active Threat Analytics (ATA) integrates deep expertise with cutting-edge technology, leading
intelligence, and advanced analytics to detect and investigate threats with great speed, accuracy, and
focus. Our expert investigators monitor customer networks 24x7 from our global network
of state-of-the-art security operations centers, providing constant vigilance and in-depth analysis as
a comprehensive security solution.
www.cisco.com/go/securityservices
© 2015 Cisco Systems, Inc. and/or its affiliates. Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other
countries. A listing of Cisco’s trademarks can be found at www. cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company.