Optimising Security and Compliance Through Innovation
This case study delves into how a financial services company proactively addressed challenges and fulfilled business needs regarding security and compliance in a highly regulated environment.
Aegon Insights, the Asia Pacific consulting arm of Aegon, a global leader in financial services, provides a comprehensive technology platform for insurance operations. Through this platform, they deliver efficient policy administration, streamlined fulfillment management, accurate billing processes, and robust claims management, empowering insurance companies to thrive in the region.
The Business Need
In the intricately regulated realm of finance, Aegon Insights grapples daily with a complex web of security and compliance demands. Navigating this landscape necessitates meticulous adherence to numerous laws, regulations, and industry standards. Consequently, data security, regulatory compliance, and workflow optimisation emerge as key challenges demanding innovative solutions.
- Adapting to dynamic regulations: Aegon Insights faces a continuous demand to align its policies and procedures with the ever-evolving rules of engagement within the financial sector.
- Adherence to CPS 230 and CPS 234: The company must meticulously adhere to the APRA’s rigorous prudential standards for risk management (CPS 230) and information security (CPS 234). These standards mandate a robust risk management framework and a comprehensive information security capability, encompassing identification, protection, detection, response, and recovery from security incidents.
- Partner expectations and audits: Aegon Insights must consistently meet the stringent security and compliance expectations of its financial services partners, including banks, insurers, and regulators. These partners conduct regular audits and expect prompt, transparent reporting of any incidents or breaches.
Building a Robust Cyber Incident Response Plan
We implemented the following solutions for our client:
- Utilised Microsoft E5 to deliver security services including SIEM and XDR, which provide comprehensive visibility, detection, and response capabilities across Aegon Insights IT environment.
- Intune was chosen to manage policies and security to ensure all data is secure and devices are setup with minimal fuss, regardless of the device type, location, or user.
- Huntress and ThreatLocker was deployed to reduce attack vectors and provide a high level of device security, by preventing unauthorised applications and scripts from running and blocking malicious activities.
- Vendor Assessments conducted to evaluate the security posture and compliance of Aegon Insight’s third-party vendors and suppliers, and provide recommendations for improvement.
- Access to our SOC and Security Engineering team, which provide 24/7 monitoring, analysis, and remediation of security incidents and threats, as well as proactive security guidance and best practices.
- Data Loss Protection implemented to prevent unauthorised access, use, or transfer of sensitive data, such as personal information, financial records, or intellectual property.
By implementing our tailored security solutions, Aegon Insights achieved significant improvements in their security posture and compliance adherence:
- Rapid Response and Mitigated Risk: Best-in-breed Microsoft Modern Security enabled Aegon Insights to quickly respond to security incidents and threats, minimising the impact and severity of potential breaches.
- Enhanced Efficiency and Expertise: Our 24/7 SOC services, with an average response time of 15 minutes, ensured timely and effective resolution of security issues and compliance with regulatory standards.
- Simplified Device Management and Data Security: Intune streamlined device setup and policy management, guaranteeing consistent data security and device compliance across different types, locations, and users.
- Automate and Optimise Security Operations: Azure Sentinel facilitated log collection and automation, reducing the complexity and cost of security operations while enhancing their efficiency and scalability.
- Matured Security Environment: Utilising ASCS and NIST frameworks, Aegon Insights ensured their data is now secure and well-protected, adhering to industry best practices and benchmarks.