case studies

How a regional banking giant secures 8,000+ public cloud resources and ensures continuous compliance through data

Our client is one of the largest banks in the ASEAN region, providing a full suite of products and services for both the retail and corporate markets, such as lending, deposit, brokering, investments, credit card, and remittances.

HM Solution Stack

Cloud Compliance Management
Cloud Configuration Management
Cloud Posture Management
Cloud Vulnerability Management

all with continuous asset management, context management, change management, and alert management. Read more about our CSPM solution here.

The Challenge

Our client accelerated digital transformation by leveraging the public cloud, offering new suites of digital products and services. While the cloud enabled speed, growth, and scale for the business, our client was concerned with the cloud’s impact on security and compliance.

They were aware that misconfigurations and human errors are one of the top causes of security issues and risks.  They were also aware that while there are many cloud security solutions in the market, they did not want to purchase additional tools and licenses to manage.  More importantly, they wanted holistic and actionable intel about their cloud security in the context of their organization’s security goals.

Human Managed was engaged to improve their cloud posture through data, in the context of their organization’s security goals.

The Solution

The Human Managed platform continuously collects policy, configuration, and check data from the client’s AWS and Azure cloud accounts, runs distributed pipelines of data analytics (structure, enrich, compute, etc.), to generate on-demand reports and notifications with contextualized and prioritized intel on cloud misconfigurations and organization-level cloud posture.

From the same dataset, we also provide value added and related intel such as vulnerabilities detected on the cloud resources, and cloud compliance against industry benchmarks and frameworks, at no additional cost to the client.

image.png

input

  • Data on policies, rules, and checks from selected AWS and Azure accounts.
  • The client connected AWS and Azure accounts with the HM platform through API scripts — zero new tools involved.

process

The Human Managed platform orchestrates 44 microservices to deliver data-driven, contextualized, and prioritized Cloud Security Posture Management service.

output

Key outputs for the CSPM services in our report, notification, and dispatch include

Insights:

cloud assets, cloud controls, cloud misconfigurations, cloud vulnerabilities, cloud compliance

INTEL:

metrics and trends on overall cloud posture score and cloud compliance scores, key performance indicators against client’s internal goals as well as external standards.

DECISION and ACTION:

Recommended steps to fix and remediate prioritized cloud misconfigurations.

The Impact

3
decisions from 8,200+ alerts
100%
critical cloud resources monitored 24x7
4
hours saved per day by eliminating manual triage
  • operational efficiency from data-driven prioritization of 8,200+ alerts per day to 6 contextualized decisions and actions
  • 100% of business critical cloud resources monitored and continuously assessed for misconfigurations against always-current benchmarks, standards, and frameworks
  • data-driven and relational assessments of all cloud misconfigurations, enterprise-wide cloud posture and compliance
  • minimum savings of 3-4 hours per day of manual information consolidation, triage, prioritization of alerts, data analysis, and issue and incident management workflow
  • minimum savings of 1-2 hours per week of manual reporting (from operational to executive)
  • faster response to fix and resolve cloud misconfiguration and compliance issues
  • deployment in weeks, not months.  Minimum 6 months saved, from deployment to operational processes (reduced time for procurement, workshop and meetings, project management, day to day operations including progress tracking)
  • minimum USD100,000 per annum savings from purchasing separate tools for cloud security and conducting regular audits for compliance against multiple and frequently changing standards and frameworks (NIST, SOC2, ISO27001, BSP, etc)
  • improvement to overall data culture throughout the organization, as asset management, context management, change management, alert management continuously improves through data
  • improvement to overall data-driven knowledge base that is contextualized to the client’s unique profile and domain expertise, which can be applied to any other use cases in cyber, digital, and risk problems.

...and many more.

Got data you want to understand?

Get your very own I.DE.A. platform today