BUSINESS: Founded in 1944 in Beirut, Lebanon, Bankmed is a leading provider of retail and commercial banking services, with 50 domestic branches and operations in Cyprus, Iraq, Saudi Arabia, Switzerland, Dubai and Turkey
SIZE: 2,040 Employees
BUSINESS CHALLENGE: To nurture long-term customer loyalty, Bankmed aimed to enhance its services with cutting-edge online and mobile banking capabilities—and ensure the new services were protected against potential threats.
One of Lebanon’s leading banks, Bankmed has offered businesses and individuals across the country a comprehensive range of retail, commercial and investment services since 1944. Through its 50 branches across Lebanon, the bank strives to deliver high-quality, personalised services to meet each customer’s specific financial needs.
In the last decade, the booming popularity of the digital channel has triggered a major shift in consumer expectations around banking services. Increasingly, customers are seeking out providers that offer 24/7 access to banking products and services, available on any connected device of their choosing.
Bankmed saw an opportunity to nurture customer loyalty and strengthen its leading position in Lebanon’s financial services market by launching new online channels in 2008 and mobile banking services in 2012. In addition to delighting customers with innovative services, the bank aimed to protect them at all times by ensuring a mature and robust approach to information security on the new channels.
Bassel Assah, Head of Infosec & Business Continuity at Bankmed, explains, “Before we could open the digital banking services for business back in 2011, we wanted to ensure our internal and external networks were free from critical vulnerabilities and hardened against cyber threats. As a first step, we aimed to perform a thorough inventory of all IP-connected assets on our networks—allowing us to identify and close up any potential attack surfaces.”
Impressed by the strong reputation of Qualys in the vulnerability assessment space, Bankmed decided to explore the Enterprise TruRisk Platform. After running an in-depth proof of concept with the Qualys solution, Bankmed selected Qualys Vulnerability Management (VM) and Web Application Scanning (WAS).
“Two of the things that impressed Bankmed most about the Qualys solution were its technical depth and user-friendliness,” recalls Assah. “Unlike other tools we considered, the Enterprise TruRisk Platform offered all the intelligence and reporting capabilities we had targeted in one secure, web-based portal—eliminating the need to spend time manually generating individual reports and emailing them to our various application and system owners across the business.”
He continues, “Crucially, the Qualys solution allowed us to perform in-depth vulnerability assessment of the new web applications, and ensure they were secure enough to open to the public internet.”
After an intensive, 12-month scanning and external pen testing initiative, Bankmed built up a clear view of its external and internal networks, including several subnets across its international operations in Cyprus, Iraq, and Saudi Arabia. During the process, the bank’s security and IT teams successfully identified and remediated many critical vulnerabilities—enabling the launch of its new digital banking services to proceed on time.
After almost a decade of success with its digital banking services, Bankmed aimed to prepare for the next generation of data-driven customer services. In 2019, the bank accelerated an initiative to move to a fresh core banking platform, including new web applications for digital banking services. Again, the bank turned to Qualys to help meet the stringent information security requirements for the project within a tight timeline.
“To launch the new core banking system and web applications within just 12 months, we had to rapidly scan, pen test and harden an entirely new data centre architecture,” explains Assah.
“When a Qualys scan of the new core banking platform revealed a large number of vulnerabilities, we knew that we needed to cut the time and effort required to prioritise, remediate and monitor the environment to meet the go-live target.”
To help solve the challenge, the bank added Qualys Threat Protection (TP), Policy Compliance (PC), and Continuous Monitoring (CM).
With Threat Protection, Bankmed leverages automation to rank its vulnerabilities by severity, assign teams to fix them, and track their progress. Using Policy Compliance, the bank can ensure that its core banking systems are configured for maximum resilience to cyberattacks, and meet SWIFT and PCI DSS compliance requirements for annual and quarterly vulnerability scans. Finally, Continuous Monitoring allows the bank’s security team to automatically scan for new vulnerabilities on external-facing servers, enabling a proactive approach to emerging threats.
“Our Qualys solutions helped us to quickly narrow down the list of vulnerabilities to the most critical, most exploitable threats,” comments Assah. “What I really love about the Qualys solution is how clearly it presents information. We get all the relevant data on each threat and how to resolve it in one place, which makes for an extremely efficient remediation process.”
Near the end of its 12-month deadline for the core banking refresh, the COVID-19 crisis swept around the world. Despite the significant day-to-day working pattern disruptions, Bankmed successfully leveraged its Qualys solutions to complete its essential information security validation process on time and meet the 2020 target.
“Although we don’t allow access to the Enterprise TruRisk Platform from external networks, national lockdowns during COVID-19 never slowed us down,” says Assah. “By enabling our team to log into their Qualys dashboards using secure VPNs, we successfully validated the new core banking environment within our tight one-year deadline.”
“The Enterprise TruRisk Platform plays a key role in enabling watertight security for our digital banking offerings.”
Head of Infosec & Business Continuity, Bankmed
Today, Bankmed uses the Enterprise TruRisk Platform to scan more than 5,000 IP-connected assets, with daily scans for external-facing systems and scheduled periodic scans for internal networks.
“As consumer preferences shift towards online and mobile experiences, our digital banking services are only going to become a more important part of our offering,” concludes Assah.
“Thanks to Qualys, we have the rich information security capabilities we need to protect our systems—and our customers—from ever-changing cyber threats. Whenever we need guidance or support, we know that we can count on Qualys to come through for us, and we look forward to building on the relationship as we launch the next generation of digital services.”