Challenge

Organization profile

The Central Bank of Egypt (CBE) is a regulatory body which coordinates the stability of financial services provision in the country. Also, one of its tasks is to minimize the risks and threats on sectorial capabilities that may result in financial and reputational damage.

Situation

Egypt is one of the fastest growing economies in Africa and the Arab region and its financial sector has been expanding rapidly via the focus on modernisation of financial ecosystem, inclusion, and digital banking. The fast expansion has brought an increasing number of cyber-attacks targeted at financial institutions. The Central Bank of Egypt wanted to enhance sectorial cybersecurity resilience by establishing Financial Computing Incident Response Team (EG-FinCIRT). The team is the first sectorial computer incident response team in the country. Moreover, it is one of the first sectorial cybersecurity response teams in Africa and the Arab region.

NRD Cyber Security experts have assisted CBE in the establishment of EG-FinCIRT for the financial sector in Egypt as well as deployed technology that achieves maximum cyber visibility. The services provided included vision and blueprinting of the team, designing and setting-up procedures and processes and assistance in the process of personnel training.

Solution

Project scope

To have maximum cyber visibility, EG-FinCIRT required a centralized technology solution which could detect threats and enable the regulator and its constituencies to have access to the same data and react quickly. NRD Cyber Security has provided EG-FinCIRT with NRD CollectiveSight platform. Moreover, the company has assisted with technology deployment and development of additional capabilities, testing and installation.

Why NRD Cyber Security and CollectiveSight?

NRD Cyber Security has a proven record of CSIRT/SOC establishment and has successfully deployed CollectiveSight platform for other financial institutions around the world. Differently to other threat monitoring technologies, CollectiveSight is a flexible solution and works in multi-stakeholder environments, especially in sectorial or National Critical Information Infrastructure protection area. Furthermore, the solution has been created by integrating NDR and perimeter defence elements not only to collect data, but also to correlate it and as a result achieve greater total visibility. The system also comes with predefined automated alerts to help analysts detect threats on time. 

Impact

CBE expects EG-FinCIRT to work as a hub for computing security incident management competencies for all the banks in the country, hence, building cybersecurity resilience for the whole financial sector. EG-FinCIRT is expected to work as a leading sectorial cybersecurity, incident response and coordination team. CollectiveSight will help the team to achieve maximum cyber visibility via a centralized and proactive approach towards threat monitoring.

Key features and benefits of CollectiveSight solution for EG-FinCIRT:

  • Data localisation: processed data is kept at the source, thus avoiding legal issues which may occur if the 3rd party hosted sensitive data (e.g., personal data, regulated data). Due to CollectiveSight, EG-FinCIRT is capable of building trust with other financial institutions by respecting their data residency and ownership.
  • Better sectorial incident handling: faster identification and analysis of incidents due to more specific sectorial context available for the analysts who inspect security events. EG-FinCIRT’s analysts are empowered to triage incidents with reliable and credible information.
  • Early Warning signals: incidents happening across the sector from the same threat actors are identified and communicated faster. Time to detect new threats across the sector is drastically decreased.
  • Effective incident management: same taxonomy, processes, and automation are used. Therefore, time to resolve incidents is reduced due to improved coordination.
  • Curated CTI: centrally curated cyber threat intelligence indicators reduce cost and errors in incident identification and analysis for all financial organisations.
The cookies are used on this website to improve your browsing experience. Some of the cookies are essential, while others help us to obtain data about how this website is used and to improve your experience. If you agree to the use of all cookies, please click "I agree", otherwise, please click on "Cookie settings" and select which cookies you agree to use. For more information on the use of cookies, please refer to our Cookie Policy.    I agree    Cookie settings
©