#InfosecurityEurope Case Study: Attack Surface Operations at Nationwide

by admin 0 Comments

Security
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

As the UK’s largest building society, Nationwide has 18,000 users on its IT systems, 400 domains and 750 servers. The business pushes out 25,000 technology changes and updates every year.

As a financial services provider, the society faces an increase in cyber-threats, as well as the need to comply with industry-specific legislation. As a result, the organization is trialing the use of a new team within cybersecurity, specifically to manage its attack surface.

According to David Boda, chief security and resilience officer at Nationwide Building Society, this includes both external and internal risks. Although the society has a wide range of tools managing the attack surface, it wanted a single team to respond to risks.

“It is about being threat led, looking at all of the attack surface with a dedicated, ring-fenced resource to work proactively on things that will have the greatest impact in reducing our risk exposure,” he told Infosecurity Europe 2023 during the closing keynote.

“We are looking for what is really going to move the dial on risk exposure, what is going to make a difference and give a real return on investment.”

Read more from Infosecurity Europe: Financial Firms to Build Resilience in Face of Growing Cyber-Threats

Nationwide plans to provide the attack surface operations team with a “digital twin” of the organization. This will take data from its security tools and create a digital version of its technology.

“This allows us to have a more interactive visualization to work out how our assets fit together and how our data flows,” Boda said. “This can be really valuable to help us map our attack surface … it could also help us during an incident.”

The new team will also carry out deep-dive reviews of the society’s technology and identify where security could be improved.

In particular, Boda hopes the new unit will generate a better return on investment from existing security spending, for example by discovering security features that have been shipped but not implemented when applications or tools were upgraded.

The teams’ other goals will include prioritizing and delivering remediation activities, and putting in place changes that will help the Security Operations Centre (SOC) with incident response.

“The outcome will be to make the SOC’s job easier and the attackers’ job a lot harder,” Boda said.

Nationwide plans to have the new team in operation later this year.

Editorial image credit: monticello / Shutterstock.com

This article was originally published by Infosecurity-magazine.com. Read the original article here.
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Products You May Like

Articles You May Like

eXotic Visit includes XploitSPY malware – Week in security with Tony Anscombe
Bitcoin scams, hacks and heists – and how to avoid them
Russia’s Sandworm Upgraded to APT44 by Google’s Mandiant
How technology drives progress – A Q&A with Nobel laureate Michel Mayor
Severe Flaws Disclosed in Brocade SANnav SAN Management Software

Leave a Reply

Your email address will not be published. Required fields are marked *