This story is part of our Community Bank Tech Projects series. Each day this week we will highlight a technology initiative a community bank pursued in the past year. The aim of the series is to explore where community banks are choosing to invest their limited resources in technology.
In many ways, Live Oak Bank in Wilmington, N.C., is the example of how community banks can leverage technology to give the big banks some major competition.
Streamlined lending technology and a focus on a few niches like veterinarians, dentists and funeral homes help Live Oak succeed. The $1.2 billion-asset bank is the second-most active participant in extending credit backed the Small Business Administration. In 2016, it approved $362.6 million in SBA loans, second only to Wells Fargo. A few years ago, it spun out its internal technology to create nCino, a cloud-based lending solution currently used by more than 130 banks, including several of the largest.
But until last year, Live Oak’s security systems were decidedly old school.
The bank was operating multiple data centers around the country that hosted different systems and that all ran different technologies and applications to support its small-business lending and deposit platforms.
The bank struggled to get a clear view into these systems, and lacked visibility into security threats. Further, it wanted to reduce reaction time to high-risk, high-threat activities, all without a large investment in increasing staff.
“As a digital bank we move really fast, and we wanted to move fast enough to be in front of the bad things happening out there,” said Thomas Hill, Live Oak’s chief information officer. “But our systems were all on an island. In the world of cybersecurity you really need to know everything, and quickly.”
Examining data to detect threats would normally take hours and require a dedicated team. When it came to searching network data, custom searching was costly. It required the use of secondary systems that cost the company between $30,000 and $60,000 annually. Further, the bank needed a tool to improve its incident response speed, as a typical analysis could take up to three hours.
To solve this issue, the bank implemented technology from DefenseStorm (in which it has a minor investment) that enabled the bank to create a single view of all security data. The data is put into one analysis engine that supports advanced searching and incident management, Hill said.
Essentially, DefenseStorm allows Live Oak Bank to see security data faster, and puts more context around that data, said Neil Underwood, president of the bank.
“There’s a lot of false positives out there; and you have to throw a lot of human personnel to analyze them” to see what is or is not a genuine threat, Underwood said. “But machines can recognize patterns and apply context to large data sets.”
The bank said that since using DefenseStorm it has seen a 50% to 60% improvement in its internal process workflow and incident discovery. Live Oak’s security research has also increased substantially with single-click features included in the new platform. Previously, the average time spent on any given event was 15 minutes to an hour. Now, employees can determine the scope of an event in less than five minutes, and can escalate the event into the incident remediation process with a single click, the bank said.
Further, Live Oak has also saved the money it previously spent on the extraneous systems to conduct custom searches.
Banks can be successful in cybersecurity only if it’s a top-down priority rather than a task relegated to the chief information security officer and forgotten about, Underwood said.
“It has to be a bankwide priority,” he said. “We as an industry have to look at cybersecurity not as something that’s a function performed in the bowels of IT, but at the board level.”