Customer Story

Banco Latinoamericano de Comercio Exterior, S.A. Finances LATAM Trade While Improving Ease of Compliance, Advanced Threat Awareness and Endpoint Protection

Banco Latinoamericano de Comercio Exterior, S.A. (“Bladex” or the “Bank”), a multinational bank originally established by the central banks of Latin-American and Caribbean countries, began operations in 1979 to promote foreign trade and economic integration in the Region. The Bank, headquartered in Panama, also has offices in Argentina, Brazil, Colombia, Mexico, the United States of America, and a Representative License in Peru, supporting the regional expansion and servicing of its customer base, which includes financial institutions and corporations.

Bladex is listed on the NYSE in the United States of America (NYSE: BLX), since 1992, and its shareholders include central banks and state-owned banks and entities representing 23 Latin American countries, commercial banks and financial institutions, and institutional and retail investors through its public listing.

Bladex has been investing to protect itself from cyber threats, such as ransomware and other advanced attacks on endpoints. “The main concern is to protect our end users” Vice President of IT Diogenes Martinez explains.

What Bladex requires, Martinez said, are tools that could protect the end users from zero-day attacks and other sophisticated threats while making it easy for administrators to manage them. That need was heightened by Bladex’s on-premises solution, which required six servers and one console per server to manage. In addition, “keeping the platform updated in terms of the agents and the different servers that are needed to cover the entire cybersecurity scheme by investing staff time,” Martinez says. “Several internal projects were required every year, with test environments, controlled deployments and even new installations for the management servers.”

Bladex Replaces Multiple Legacy Products with CrowdStrike Falcon Platform

“We are confident in CrowdStrike’s ability to deliver on its powerful promise: “We stop breaches,” says CISO Juan Jose Chang. “With CrowdStrike, you only deploy the agents to the servers and to the endpoints,” added Martinez. “Everything is being reported to the cloud, and all of the modules are in one place.” Therefore, Bladex deployed the CrowdStrike Falcon® platform across 350 laptops and servers, replacing legacy products that required several on-premises servers and lacked the cloud- native benefits, as well as 100 mobile devices.

Underscoring its belief in CrowdStrike’s ability to cover all its security needs, Bladex has a comprehensive solution that combines integrated advanced threat-protection modules with managed professional services. Its CrowdStrike solution includes Falcon InsightTM endpoint detection and response, Falcon PreventTM next-gen antivirus, Falcon IntelligenceTM threat intelligence, Falcon OverWatchTM threat hunting, Falcon DiscoverTM IT hygiene, Falcon Device ControlTM, Falcon SpotlightTM vulnerability management and Falcon for Mobile.

Cloud-native Platform Simplifies Security Management

Because the Falcon platform is comprehensive and based in the cloud, Martinez says Bladex has realized considerable cost savings in infrastructure. The Bank no longer needs to maintain or routinely replace multiple servers to support multiple security solutions, as it did in the past.

The Falcon platform is an incredibly easy tool to use, providing the security levels that we required,” Martinez says. “The portal is intuitive. When I log in, I find everything that I need easily. Everything is simple.
Diogenes Martinez, Vice President of IT
Bladex
Replacing legacy products with the Falcon cloud-native solution has accelerated Bladex’s digital transformation, reduced infrastructure costs and improved the bank’s security to meet strict regulations.
Juan Jose Chang, CISO
Bladex

Martinez and his team are also happier because the CrowdStrike solution is significantly easier to manage, requiring only one console compared to the previous solution’s six. “With CrowdStrike I can build one dashboard that includes everything from its different modules,” he says. Martinez also appreciates that CrowdStrike’s support and Falcon OverWatch teams are ready to help Bladex in the event of a cyber-attack.

“The concept of being able to have everything centralized in one place, in addition to having a whole team of experts 24/7 who help us reinforce our security, makes us feel more comfortable,” he says. “CrowdStrike stood out as the right solution for Bladex because with a single solution we have great visibility and protection of our endpoints.”

Endpoint Data Collection Eases Regulatory Compliance

As Chang notes, in the process of protecting endpoints, the CrowdStrike solution collects a large amount of data that, in providing full visibility of everything running on endpoints, eases Bladex’s ability to comply with regulations — another significant improvement over the legacy solutions Bladex sought to replace.

“We have a lot of requirements that continually ask for data on a specific device or endpoint, and that data was pretty hard to obtain with our previous solutions,” he says. “With CrowdStrike, however, it’s very easy to obtain all of the information or data that the external auditors generally ask us for every year.”

Increased Visibility into Endpoints Heightens Awareness

Having previously separate solutions contained in a single platform offers additional benefits for the Bladex team. Martinez cites the Falcon SpotlightTM vulnerability management module as an example.
“The Spotlight module not only gives us great visibility into vulnerabilities on our endpoints, but it also allows us to establish immediate action plans — including even sending patches to endpoints — to cover these vulnerabilities,” he says. “For example, when a new vulnerability is detected in Microsoft, we can patch that directly from CrowdStrike.

“As a result, the time it takes us to administer our security solution has been significantly reduced thanks to CrowdStrike,” Martinez adds. “That allows us to focus on other tasks, resulting in an economic benefit for our organization.”

Security Transformation Enables Digital Transformation

“The global pandemic has been a turning point in how we manage cybersecurity,” Chang says. “It has caused us to accelerate other processes such as digital transformation and the adopting of remote work. CrowdStrike enables us to be more productive: Our users can focus on their activities and on maintaining operational continuity without having to worry about security events or incidents on their computers or with user accounts.”

Chang says the lightweight CrowdStrike Falcon agent “is invisible in most cases,” yet its impact has been obvious to end users, who no longer call the Bladex IT team to complain about their laptops running too slowly.

“My support team is happier because our end users have a better experience being protected by CrowdStrike,” Chang says. “And our help desk has not had to open any tickets related to security events.”

Long-term Cost Savings and Viability

Bladex’s security leaders both point to the cloud-native aspect of the CrowdStrike solution as the basis for their confidence in having made the best choice for securing the bank’s future, enabling it to keep following its mandate of supporting economic development in Latin America.

With the Falcon platform in the cloud, we have achieved significant cost savings.
Diogenes Martinez, Vice President of IT
Bladex

“Previously, our policy was to replace our legacy solution servers every five years. And those servers required a maintenance contract for part replacements, for software support and licensing, everything. CrowdStrike doesn’t require us to maintain all of that overhead.”

The cloud-native architecture contributes to other aspects of the CrowdStrike solution they favor. Martinez appreciates the ease of trying any Falcon module from within the CrowdStrike Store, for example, while Chang values the ability of the Falcon platform to readily interact with other platforms (e.g., email and web security gateway) “to enhance our security posture.”

“CrowdStrike continuously adds new modules and capabilities to expand visibility and protection from new attacks,” Chang says. “I feel very confident that CrowdStrike can respond to any threat in the future.”