Helping Nationwide guard against changing security threats
Creating a security risk framework that makes banking safer.
- Company
- Nationwide
- Employees
- 10,000 to 50,000
- Location
- UK
- Industry
- Retail and consumer goods
Overview
Mobile and online banking are growing. Fast. But so are threats to IT and network security. With members using more digital services along with traditional channels, Nationwide wanted to take a fresh look at threat management and Operational resilience.
Looking for expertise, Nationwide’s IT Operations & Service Delivery team turned to us. Based on a long foundation of trust, and our solid track record, we joined forces. Together, we’re protecting Nationwide – now and in the future. Because keeping Nationwide’s members and their information assets secure is as important as ever.
In the world of retail banking, more people than ever are turning to mobile and online apps to manage their money. That gave Nationwide an opportunity to give customers more personalised services on the move. And now, with BT we continue to provide robust and secure services ”.
The challenge
The security and protection of customer data is at the heart of Nationwide’s digital strategy. “With more of our services available digitally, it’s really crucial that we help members protect their data. For a while now at Nationwide, our executive board has had an intense focus on this area.”
It’s not only banks who are trying to tackle the threat landscape. The UK government is also trying to coordinate intelligence sharing in the industry. But on the front line, it’s banks that have the ultimate responsibility. The danger is real, and it’s changing and getting more intense all the time.
To cope with a shifting threat landscape, Nationwide needed an approach that wasn’t just rigorous. It had to be agile, too.
The solution
Nationwide awarded us a six‐year contract. It covers significant aspects of IT and network security, combining tried and tested methods with a new, dynamic way of working. Together, we discuss every security development – in the bank, the industry and worldwide – to see if it calls for a change in process. Nothing is too small.
Our service covers substantial aspect of Nationwide's security – from design and implementation to 24-hour proactive and reactive monitoring. We brought together products and services from lots of leading providers to make sure security's covered at every level.
The Financial Conduct Authority and Prudential Regulation Authority are testing security controls and technologies together. As Nationwide’s security partner, we have to satisfy both our own quality criteria and industry standards – like ISO 20000 service management accreditation and PCI DSS conformance – while developing and maintaining comprehensive ITIL based services.
Nationwide and BT have a long relationship. A solid cultural fit and strong mutual trust mean the Nationwide executive board feels confident that we have the skills and resources needed. “We’re reassured by the deep expertise BT shows in securing its own global network and those of other large organisations and government agencies,” says Daryl.
The result
For the first time, our operational teams are permanently based in Nationwide’s Enterprise Command Centre. Nationwide has focused its security strategy to deal with the changing nature of threats facing the retail banking industry, and IT organisations in general. And we’re supporting this, having created an environment that will stay ahead of today’s would‐be attackers – and be ready for whatever happens in the future.
Nationwide's security strategy and operational model is designed to grow and evolve rapidly. This allows it to be flexible and responsive in delivering more secure and better digital services to its customers.