Threat Intelligence platform—first year results summary

Threat Intelligence platform—first year results summary

BI.ZONE and the Association of Banks of Russia have shared the results of the first year of the cyber-threat data exchange platform in operation
August 29, 2019

BI.ZONE and the Association of Banks of Russia have shared the results of the first year of the cyber-threat data exchange platform in operation. The platform already caters to about 70 financial institutions. According to experts, in the course of the year, the platform helped prevent a total loss of $122 million.

This joint project between BI.ZONE and the Association of Banks of Russia, being a platform designed for the exchange of data on cyber threats, allows users to build effective proactive security in financial organizations. The solution helps to counteract criminal attacks through collaboration between participants, rigorous testing, and the provision of sourced information taking into account industry and regional specifics. Important advantage of this approach is high accessibility at low resource. This platform minimizes cyber risks without a significant rise in security costs, and the information gathered on it caters to banks of any scale.

The participants can access the latest data available: tens of thousands of indicators are automatically added and updated daily on the platform, which help detect a potential threat (indicators of compromise). The data are sourced from all the organizations that subscribe to the Association of Banks of Russia, its technology partners, including FinCERT at the Bank of Russia, the developers of cybersecurity tools, including the international antivirus giant ESET, large telecom providers, BI.ZONE Computer Emergency Response Team, and many more. Under the technological partnership, BI.ZONE and the Association of Banks of Russia are granted access to the ESET Threat Intelligence telemetry service, which has more than 100 million points of collecting information about threats across the world.

Technology is constantly evolving, and the only way to stay ahead of cybercriminals is by joining security efforts. We are glad to see greater attention being paid to cybersecurity globally. The exchange platform for financial institutions in Russia is definitely a step forward for the stronger protection of both banks and their customers, and it beefs up cybersecurity in one of the most sensitive sectors eyed by cybercriminals
Roman Kováč
ESET Chief Research Officer

The benefits of this collaboration were first demonstrated at the Global Cyber Week in Moscow via an online training Cyber Polygon, aimed at exercising international business cooperation in combating digital threats. During the event, three large-scale cyberattack scenarios were played out—massive DDoS attacks, SQL injections, and phishing. In the first part of each scenario, participants were asked to defend themselves single-handedly, in the second, they connected to the data exchange platform and tackled the threats together. In cooperation, the resistance to cyber threats proved to be more than 7 times as effective.

Protection against cyber threats today comes to the fore as all financial market players understand that it is impossible to develop the technological component of their business while ignoring security issues. We are glad that many participants have realized the importance of cooperation when dealing with digital attacks. This tendency is reflected in the number of users connected to the platform and in the surge of data sources. And with this, we urge everyone to unite in the fight against cybercrime
Georgy Luntovsky
President of the Association of Banks of Russia

The use of high technologies by banks is already a mandatory competitive advantage, and the digital banking system is very much influenced by the entire banking sphere. Our bank was one of the first to connect to the platform back in 2018. The platform reveals its full potential once the relative data thereof is loaded into the automated systems of threat mitigation, anti-fraud systems, or SIEM. With a single subscription, we have access to information from a variety of sources, the data itself has already been filtered by the platform administrators, which minimizes the number of false positives. The information about cyber threats downloaded from the platform allows us to counter fraud more effectively and reduces the likelihood of information security incidents
Alexander Baranov
Head of the Information Security Department of SAROVBUSINESSBANK PJSC (VTB Group)