CIO Wall

Md. Mahbubul Alam (Rafel)

Head of Information Security - Prime Bank Ltd. - Bangladesh

CIO Perspectives

The Pandemic triggered digital and remote working making Cyber Security one of the top priorities for organizations. In this context, tell us briefly how your organization managed the transition to remote working during the pandemic? How did you manage employees logging into the corporate network or accessing critical resources and remain protected from cyber-attacks? Tell us about some of the unique security best practices that you have implemented to protect your organization against cyber-attacks?

As the pandemic swept in, we made a quick transition to a remote workforce and gave intense focus on serving customers digitally. PBL Infosec teams, for their part, were largely successful in taking on a dual approach of supporting business continuity and protecting the enterprise and its customers.

We have adopted dual cybersecurity mindset during the crisis period. At first, we had identified the attack surface like an attacker does and followed MITRE framework to understand various phases of attack tactics, techniques, lifecycle, and the platforms they are known to target. Then we have designed to employ the concept of least privilege as part of layered defense strategy. We have enabled zero trust (ZT) philosophy for identity & device with strong authentication and have managed the privileged access with fine-grained access control and defined who can access certain data.

Along with ZT approach we have worked on our threat detection, protection & response capability, and improve SOC operation maturity. Kudos to my team for working really hard to ensure deep visibility across the network and eliminating the blind spots. Through our cognitive SOC we have minimized the mean time for threat detection & the response window and are continuously working to progress as the cyber security job is continuous in nature.