Trend Micro secures The Saudi Investment Bank

The Saudi Investment Bank (SAIB) began operating in 1977, quickly establishing recognition in share trading, asset management, leasing, mortgages, insurance, and credit cards.

Today, the bank offers traditional wholesale, retail, and commercial banking products. SAIB is also actively engaged in the financing of quasi-government and private industry sectors, as well as the trading of financial products that facilitate and expand the kingdom’s import-export segment.

Built on a vision of simplicity and accessibility, SAIB operates on principles of flexibility and responsiveness towards customers and the continuous empowerment of employees. The company consistently develops the best possible approaches and the smartest solutions to deliver on these principles.

Delivering a secure banking experience is at the heart of SAIB’s pledge to its customers and employees. The bank offers its services on a technology stack that is virtualized to a high degree, with several users that consume services delivered from two data centers. However, the threat of a breach is not to be taken lightly. The bank’s stakeholders know that any infiltration could be a heavy blow to the reputation of trust it has earned in the market.

“Our vision is to provide safe and secure environments that our customers can depend on, so they can bank with ease and confidence,” said Ayman Al-Shafai, head of The Saudi Investment Bank’s security operations center. “We are a leading light in digital transformation. We are always proactive in adopting new technologies that allow us to be more creative in the digital services we provide to our customers.”

Having adapted from traditional infrastructure to a modern, virtualized architecture, SAIB needed to shift from a legacy model of focusing on external threats, to a multi-facetted structure.

As Al-Shafai recalled, “We did have effective defense controls, but given the dynamic threat landscape, we knew we had to adapt to the constantly changing tactics seen from bad actors with an in-depth approach. We saw the need to apply a zero-trust model to balance preventive controls with advanced and insightful detection capabilities. Through such a model, we would be able to deploy in-depth behavior analysis and fight advanced threats.”

“Support is absolutely key when you deploy a solution that underpins a core business deliverable,” Al-Shafai explained. “Your vendor has to be a partner that is always available, responsive, and has a finely tuned appreciation of your business and its core ambitions.”

SAIB evaluated several solutions in the market that were candidates for delivering on its main objectives of visibility and real-time adaptability. According to Al-Shafai, Trend Micro stood out as being able to deliver around-the-clock support and consistent quality.

“I don’t look at pricing as keenly as I look at the value added by a strategic partner,” he explained. “We’ve been working with Trend Micro for over five years. During this time, we saw that the quality of their products and services never wavered. They were the obvious partner for us.”

SAIB was looking for a toolset that was intuitive and did not require heavy administration. In addition, it needed to be able to provide role-specific reporting for a wide array of readers.

“Many people think of cybersecurity as a single solution that, once implemented, renders your infrastructure completely secure,” said Al-Shafai. “But we needed multiple on-premises controls that worked together to give powerful results.”

SAIB deployed Trend Micro Deep Discovery Inspector to monitor network traffic across all traversal routes—inside data centers, between hosts, and across endpoints. The solution provides enhanced visibility of activity, allowing teams to quickly monitor malicious activity, such as ransomware delivery or advanced persistent threats (APTs).

The bank also opted for Trend Micro Deep Discovery Analyzer, an open and scalable sandbox analysis platform that provides a real-time, on-premises assessment of files and hyperlinks. It is also capable of integrating samples submitted by threat researchers and incident response professionals. In addition, Trend Micro Deep Discovery Email Inspector now watches over the company’s corporate communications, protecting users and warning stakeholders of prospective threats as they occur.

“The solution is only the beginning,” said Al-Shafai. “As I said, we needed a partner that was engaged throughout the whole life cycle and beyond. Trend Micro has been with us every step of the way, and the support we received after deployment was exceptional—showing us how to effectively use the product rather than just implementing it and leaving us to figure it out on our own. I would draw particular attention to Trend Micro’s engagement during the early days of the COVID-19 crisis, when they provided us with additional antivirus training for our employees.”

“Since the implementation of Trend Micro’s multi-facetted solution, we have had more visibility into our environment; and the higher the visibility, the better you are able to detect malicious activity,” Al-Shafai noted. “We are looking to protect customers and employees long term, so we need that visibility to detect potential attacks in their early stages.”

Al-Shafai is confident that SAIB’s return on investment will be significant, in terms of “the value of preventing losses that could potentially harm the organization’s brand for years to come”.

“The threat landscape is changing on a daily basis, so you need an ecosystem where, if the prevention fails, you detect. We now have both those layers provided by Trend Micro,” explained Al-Shafai.

“We’re moving into a new era of banking. With accelerated digitization, there is a need to adopt new technologies like AI, blockchain, and IoT, while embracing open banking initiatives. This will drive a new shift in the attack landscape, demanding more security, control, and visibility across our environments. That’s our next challenge to prepare for and tackle, and we’re looking forward to it.”