The attack surface is a 200-year-old bank with over five million customer accounts. Citizens Financial Group, headquartered in Providence, Rhode Island, operates as the 13th largest retail bank in the United States. It provides standard retail banking through its Everyday Banking products and wealth management services, serving individuals, companies, and nonprofits. The threat model is straightforward: protect a massive volume of financial data and transactions across a sprawling, legacy-laden infrastructure.
A cybersecurity operation here means defending the perimeter and the core of a major financial institution. This involves securing systems that handle everything from basic checking accounts to complex financial planning portfolios. The scale - spanning nearly two centuries of operation - means dealing with technical debt and integrating modern security practices into a deeply established ecosystem. The goal is direct: maintain the integrity and availability of services that millions of customers and businesses depend on daily.
The bank's stated commitment to continuous improvement and expanding economic opportunity provides the business context for the security team's mandate. Protecting customer data and transaction integrity isn't just a technical requirement; it's foundational to the mission of supporting small businesses and homeownership programs. Security here is about enabling the bank's core function - financial services - without interruption or breach.