Securing Financial Inclusion: A Comprehensive Cybersecurity Transformation at Annapurna Finance

Annapurna Finance Pvt. Ltd. (AFPL) is a prominent non-banking financial company (NBFC) and microfinance institution in India, established in 2009. Initially part of the non-profit organisation People’s Forum, AFPL focuses on serving economically disadvantaged communities by providing accessible financial services. Registered as an NBFC-MFI in 2013, AFPL is dedicated to driving financial inclusion and empowering underserved clients through innovative products and services.

AFPL faced increasing cyber threats that jeopardized its operations and customer data. The complexity of its IT infrastructure made vulnerability management challenging, with a lengthy assessment and patching process exposing the organisation to numerous high-severity vulnerabilities. Partnering with Workmates as a Managed Security Services Provider (MSS), AFPL initiated a comprehensive security transformation to enhance its security posture and operational efficiency.

• Vulnerability Management: Slow quarterly assessments exposed over 100 high-severity vulnerabilities across critical servers.
• Web Application Security: Public-facing applications were targets of various cyberattacks, leading to successful exploitation of vulnerabilities, affecting application availability and integrity.
• Lack of Intrusion Detection and Prevention Systems: The absence of Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS) solutions for critical servers heightened the risk of sophisticated attacks.
• Alert monitoring and response: AFPL lacked a comprehensive alert monitoring system, leading to delayed awareness of potential security incidents.
• Visibility and Compliance: Limited insight into cyber risks hindered resource allocation and compliance with ISO27001 and RBI guidelines.

• Vulnerability Management: Automated near realtime vulnerability assessment to reduce mean time to detect and patch.
• Web Application Security: Deployed AWS WAF to protect against threats like SQL injection and implemented regular security testing.
• Network Firewall Implementation: A robust network firewall was deployed to secure the cloud infrastructure and prevent unauthorised
  access.
• Threat Detection and Response: Integrated SIEM solution for real-time monitoring and incident response for all workstations and servers.
• Compliance Support: Assisted with aligning security controls to ISO27001 and RBI requirements.
• Security Governance: Established a security steering committee and conducted employee training to foster a culture of security.

• Vulnerability Response: Reduced detection and remediation time from 4-5 months to weeks, cutting high-severity vulnerabilities by over 80%.
• Incident Management: Decreased the time to detect and contain security incidents by 60%.
• Enhanced Monitoring: Increased identified security incidents by 70% through improved threat detection capabilities.
• Compliance Achievement: Achieved ISO27001 certification and met RBI guidelines.
• Web Application Security: Experienced a 95% reduction in successful web application attacks, improving application response times by 30%.