How a German Bank Reduced Cyber Threat Detection Time From Weeks to Minutes With AI

Traditional cyber security plans have included mechanisms like firewalls, intrusion detection and prevention, anti-virus software, patch management and round-the-clock monitoring. When used in tandem, these methods provided a reasonable level of security to businesses.

But cyber threat actors have upped the game, and these traditional methods are no longer enough.


Cyber criminals are intent on creating more vicious threats that go undetected and cause the most impact. They leverage the latest technological advances to build viruses and malware that traditional cyber security measures cannot detect.

The only way businesses can respond is by using the same technologies, such as AI and blockchain, to protect themselves.

How a German Bank Modernised Their Cyber Security System and Cut Workload By 36X

DZ BANK serves as the central institution for more than 900 cooperative banks in Germany, with €506 billion in assets and 30,000 employees across Europe, Asia and the United States.

Cooperative banks serve Germany’s many small- and medium-size businesses as their central credit institution and provide access to capital markets.

The Bank wanted to move away from a traditional cyber security system to one that was more responsive, agile and could detect unknown threats.

Senior services manager Matthias Tauber says,

“Classical prevention systems like firewalls and intrusion detection and prevention systems don’t cover advanced persistent threats or anomalous behaviour in the network. Signature-based systems only detect what they know, instead of what they missed.”

Tauber and his team benchmarked the financial institution’s security posture against the NIST cyber security framework and said, “We identified that we had a gap in detecting advanced persistent threats and anomalies in the network.”

DZ BANK worked with Vectra to implement an AI-driven cyber attack detection and threat hunting platform called Cognito.

The AI model leverages human expertise along with data science, machine learning techniques and behavioural analytics to automate manual, time-consuming threat hunting and response.

The algorithm is always learning from behavioural models, and that enables it to detect attacks in real-time for quick, decisive response and a logical investigative starting point.

As the AI analyses enriched network metadata, relevant logs and cloud events — not payloads or communications content — DZ BANK automatically detects advanced threats in real-time while complying with strict privacy laws.

Tauber says that now they can “see behaviours in the grey areas. If we see suspicious activity, we can check out what’s happening around the client.”

Although deployed for threat detection, the AI tool quickly became essential for detecting insider threats. For example, it can detect when someone is working from an unauthorised computer, or when a client shows remote command-and-control behaviours, which could mean a compromised account or unapproved work.

The AI cyber security platform condensed days and weeks of threat hunting into minutes, which reduced the security operation’s workload by 36X.

AI is the most powerful tool yet for detecting threats in real time and speeding up incident response while reducing workloads.



© 2021 Esme Learning Solutions. All Rights Reserved.