Use case for Access Bank PLC
Access Bank plc is a large financial-services provider. In June 2021, the bank had an asset base in excess of US $25,5 billion (NGN: 10,055 trillion), and shareholders' equity valued at approximately US$1.87 billion (NGN: 775 billion). ~Wikipedia
What to monitor for
- Customer attacks i. Customers publicizing their Bank account details/ unable to maintain confidentiality of the details. ii. Misplaced or stolen credit/debit cards. iii. Customers’ phising/ smishing messages iv. Customers’ vishing calls v. Customers’ stolen phone for accessing USSD code. vi. Forged signature for slip/ cheque withdrawal.
- Employee attack i. Insider ii. Phishing/ smishing iii. Disruption of principle of least privilege
- Infrastructure attacks: Vulnerabilities and indicators of compromise (IoCs)
- General threat landscape
Main point of contact within your organization
- Threat intelligence organization: carry out brand intelligence on the organization
- Fraud: suggest multi-step verification for any transaction, provide quick account deactivation USSD code for stolen devices
- Physical security: provision of security cameras, entry gates, security dogs, guards, presentation and recording of identification card upon entry, restrict access entry to rooms with confidential information
- Security operations center (SOC)/ Cyber monitoring
- Get engaged in Fusion centers
- Risk: pay attention to risk assessments within the organization
- Information security