Case Study: BRAC Bank achieves stronger privileged access security and regulatory compliance with CyberArk

Brac Bank satisfies compliance and protects digital assets with privileged access management

BRAC Bank is a leading private commercial bank in Bangladesh with about 7,000 employees serving roughly two million customers. Although it already held ISO 27001 certification and ran a Security Operations Centre, the bank faced persistent risks from malware, spoofing and unmanaged privileged accounts, alongside evolving regulatory requirements (PCI‑DSS, SWIFT, local ICT security guidelines) and pressure to justify and retain scarce security resources.

To address this, BRAC Bank selected CyberArk with local partner OneWorld and rolled out a phased deployment of Privileged Access Manager, Endpoint Privilege Manager, Secrets Manager, *NIX Server Protection and Discovery & Audit—completing the rollout in six months. The implementation stopped password sharing and reduced hardcoded credentials, strengthened compliance and monitoring, improved detection and incident response, and materially raised defenses against internal/external attacks and ransomware.

BRAC Bank

B M Zahid-ul Haque

Head of Information Security