Rabo Security Awards: stronger together

A customer accidentally tells you his pin number on the phone. Or you get a quick coffee and forget to lock your laptop. People often know very well what the risks are, but are quick to think that security is the responsibility of the IT department. But ensuring a secure environment is everyone's responsibility.

During the month of October, extra attention is being raised worldwide for cybersecurity awareness. Of course, smart technical solutions contribute to a secure environment, but even more important is the behavior of people in that environment. Reason enough to hold the Rabo Security Awards for the first time. These awards have been created to celebrate the contribution of colleagues from different functions and backgrounds in keeping customers, colleagues, and society secure.

The awards are presented in 4 categories: We make it happen, We build security, We protect our customer, and We celebrate together. The last category was all about having fun and engaging in team building with activities such as Capture the Flag, the Social Engineering Escape Room and Phishing HeroesIn different events, teams could put their hacking skills to the test. At the Capture the Flag event, teams competed against each other to solve as many challenges as possible. In the Social Engineering Espace Room, teams got to work on cracking the code without, for example, falling into phishing mails and other malware or paying ransomware. In the Phishing Heroes challenge, the teams that recognized the most phishing mails won..

The Rabo Security Awards were presented in the following categories:

  • We make it happen: collaboration between the business and IT teams, making decisions based on data and risk analysis.
  • We build security: stories where collaboration between IT communities has had a significant impact on security.
  • We protect our customer: attention to customer needs and the potential security risks involved.
  • We celebrate together: team-building activities that took place during Cybersecurity Month 2022.

Winner ‘We make it happen’

Story: Get started with your own cyber agility

Martijn Roseboom, Account Director ICT & Services Rabobank Corporate Insurance: “This is an award for the entire team working to increase the cyber resilience of our customers and ourselves. People worry about cyber risks, but often don’t know what to do to protect themselves.”

“That’s where we took our first step: educating our customers and colleagues. The next step was to see how we can support our customers with specific insurance products. And we’re not done yet. We are now looking at the impact of cyber risks on Rabobank’s financing proposition. What does it mean for the bank when a customer falls victim and how can we make it safer?”

Winner ‘We protect our customer’

Story: Profile name can no longer contain passcode

Martin Timmers, Product Specialist: “We are always looking for ways to make the Rabo App even more secure for our customers. We discovered that customers sometimes mixed up their profile name and password. When we get signals like this, it’s our job to raise the issue with the DevOps teams and get it fixed as soon as possible.”

Paranthaman Kuppurathinam, Engineer: “What we developers think is a logical way of doing things, is sometimes understood differently by everyday users. In this case, the solution was simple. We have modified the code so that you can no longer enter numbers when entering your profile name and thus we protect our customers.”

Martin Timmers: “The team has moved quickly and handled this well. It is a textbook example of the cooperation between the customer department and the development teams.”

Winner ‘We build security’

Story: Those who can, do and teach

Tess Sluijter-Stek, Security consultant: “My team works to increase the level of knowledge about security within Rabobank’s DevOps squads.In a DevOps team, developers and IT operations work on automating the infrastructure, workflow, and monitoring to increase the speed and quality of software and its deployment. We do this with training, coaching, and develop tools that make their daily work easier. For example, we made a tool that is used in our deployment pipelinesA deployment pipeline is a system of automated processes that ensure that new or modified code and updates become available on the production environment. A modification to the Rabo App, for example, is made available to all customers quickly and securely via such an automated process. that automatically checks for programming errors. With this, we catch problems before code goes live.”

“In terms of security, people often are unaware of what is possible. And with just a little extra knowledge, it’s easy to make work more secure. That’s why we will continue what we are already doing: further developing the tooling that supports that and helping teams solve problems.”

Rabo Security Awards: next steps?

All stories submitted for the 2022 edition of Rabo Security Awards portray how security is for everyone. Cindy Santos, Security and IT Risk Awareness Professional at Rabobank: “These stories make security tangible and far-reaching at Rabobank. Stories told by real people that build a secure culture in and outside the organization.” Cindy wrote her own story too, about the 3 secrets in the world of cyber security (that shouldn’t be secrets).

Chris Karelse, Team Lead Global Security & IT Risk Awareness: “These awards help create awareness about cybersecurity within Rabobank and beyond. Instead of telling people how to do it, these stories inspire others to share their stories as well. And to collaborate with their colleagues. At next year’s award ceremony, we hope to tell many more stories and thereby make the bank and society stronger and safer!”