Natrix threat monitoring platform for Egypt's financial sector

Organisation

The Central Bank of Egypt (CBE)

Industry

Financial Sector

Organisation profile

The Central Bank of Egypt (CBE) is a regulatory body which coordinates the stability of financial services provision in the country. Also, one of its tasks is to minimise the risks and threats on sectorial capabilities that may result in financial and reputational damage.

Situation

Egypt is one of the fastest growing economies in Africa and the Arab region and its financial sector has been expanding rapidly via the focus on modernisation of financial ecosystem, inclusion, and digital banking. The fast expansion has brought an increasing number of cyber-attacks targeted at financial institutions. The Central Bank of Egypt wanted to enhance sectorial cybersecurity resilience by establishing Financial Computing Incident Response Team (EG-FinCIRT). The team is the first sectorial computer incident response team in the country. Moreover, it is one of the first sectorial cybersecurity response teams in Africa and the Arab region. NRD Cyber Security experts have assisted CBE in the establishment of EG-FinCIRT for the financial sector in Egypt as well as deployed technology that achieves maximum cyber visibility. The services provided included vision and blueprinting of the team, designing and setting-up procedures and processes and assistance in the process of personnel training.

Project scope

To have maximum cyber visibility, EG-FinCIRT required a centralised technology solution which could detect threats and enable the regulator and its constituencies to have access to the same data and react quickly. NRD Cyber Security has provided EG-FinCIRT with Natrix platform. Moreover, the company has assisted with technology deployment and development of additional capabilities, testing and installation.

Why NRD Cyber Security?

NRD Cyber Security has a proven record of CSIRT/SOC establishment and has successfully deployed Natrix platform for other financial institutions around the world. Differently to other threat monitoring technologies, Natrix is a flexible solution and works in multi-stakeholder environments, especially in sectorial or National Critical Information Infrastructure protection area.

Furthermore, the solution has been created by integrating NDR and perimeter defence elements not only to collect data, but also to correlate it and as a result achieve greater total visibility. The system also comes with predefined automated alerts to help analysts detect threats on time.

Key features and benefits of Natrix solution for EG-FinCIRT

Early Warning signals

Incidents happening across the sector from the same threat actors are identified and communicated faster. Time to detect new threats across the sector is drastically decreased.

Effective incident management

Same taxonomy, processes, and automation are used. Therefore, time to resolve incidents is reduced due to improved coordination.

Curated CTI

Centrally curated cyber threat intelligence indicators reduce cost and errors in incident identification and analysis for all financial organisations.

Data localisation

Processed data is kept at the source, thus avoiding legal issues which may occur if the 3rd party hosted sensitive data (e.g., personal data, regulated data). Due to Natrix, EG-FinCIRT is capable of building trust with other financial institutions by respecting their data residency and ownership.

Better sectorial incident handling

Faster identification and analysis of incidents due to more specific sectorial context

available for the analysts who inspect security events. EG-FinCIRT’s analysts are empowered to triage incidents with reliable and credible information.