People First Bank Achieves Continuous SaaS Security with Falcon Shield

People First Bank is a leading Australian customer-owned bank with over 750,000 customers across the country. Formed by a merger in 2023 between People’s Choice Credit Union and Heritage Bank, People First Bank’s early priority was to unify its cybersecurity operations and systems.

“Our cybersecurity teams were unified on day one to protect the bank’s joint interests from the outset,” said Rob Testi, Head of Cyber Security.

Within nine months of amalgamation, and in line with the organization’s cloud-first strategic direction, the bank had consolidated its security stack on the cloud-native CrowdStrike Falcon® platform, gaining superior visibility, detection, and response across the enterprise.

Prior to the merger, People’s Choice Credit Union relied on CrowdStrike Falcon® Insight XDR and CrowdStrike Falcon® Identity Protection for unified endpoint and identity protection. Testi knew these tools would be essential for his expanded security estate.

“The first thing I did was roll CrowdStrike out across the rest of the estate, so we had a unified toolset, because having a quality EDR with a single pane of glass was mission number one.”

People First Bank’s goal is to have fewer vendors in its security stack, but deeper relationships with those vendors. Executing on this strategy, the bank has continued to consolidate on CrowdStrike, adding CrowdStrike Falcon® Data Protection to control data movement and secure sensitive data, CrowdStrike Falcon® Exposure Management to reduce risk with AI- powered vulnerability management, and most recently, CrowdStrike Falcon® Shield to provide visibility and threat detection across its growing SaaS footprint.

“With CrowdStrike, everything is on one platform. Taking the ‘best-of-ecosystem’ approach gives us a single view, a consistent training regime, a single agent and faster response times. The single agent means that if we want to deploy new capabilities, we just flick a switch at the backend. From an endpoint perspective, we don't need to rewire the organisation which greatly speeds up our time to market,” said Testi.

Central to People First Bank’s strategy is its focus on digital enablement, simplicity, and a commitment to doing good. The bank also committed to reduce operational costs, which flows through to its approach to security, explained Testi.

“Our security strategy is scalable, sustainable, and simple — that includes vendor simplification, commercial simplification, and application simplification. Consolidating with CrowdStrike ticked all those boxes and made financial sense as well.”

To deliver outstanding digital experiences and security for its customers, the bank has a cloud- first strategy for its technology platforms and applications. It currently relies on more than 30 SaaS platforms across the organization, but it lacked visibility into the security posture of these cloud-based services.

In addition, while People First Bank has a robust cyber assurance framework as part of its strict procurement policies for SaaS solutions — which includes regular pen-testing — there was no continuous validation and management of the security posture of these services.

“Between pen-tests, it was challenging to understand if there had been any drift in secure configuration.” explained Testi.

To address this, the bank undertook a proof-of-concept with SaaS security posture management (SSPM) platform Adaptive Shield. When Adaptive Shield was acquired by CrowdStrike in 2024 and incorporated into the CrowdStrike Falcon® platform as Falcon Shield, it immediately presented People First Bank with a compelling proposition. Falcon Shield was rolled out to 54 connected instances across more than 30 SaaS platforms in just three months.

As a result, Falcon Shield has strengthened both the bank’s third- and fourth-party risk management capabilities (the process of identifying, assessing, and mitigating the cybersecurity risks posed by the vendors of its third-party vendors). The ability to connect to Falcon Shield is now an assessment component in the assurance process of any new SaaS platform.

“Trust and security are everything for a bank. Before a SaaS application goes live, we ensure the SSPM component is completed first. That means if any mistake is made on one of our SaaS platforms, with Falcon Shield we know about it in real time. If it’s a critical issue, our SOC can take any appropriate action,” said Testi.

However, the biggest value for People First Bank is Falcon Shield’s longer-term impact on building better SaaS services. Shield provides the bank’s vulnerability hardening and policy compliance team with a security posture percentage score for every SaaS instance, along with a set of recommendations to increase that score and harden that application, as well as any downstream processes. Based on Falcon Shield’s reports, the compliance team works with the bank’s platform owners on a continuous security improvement program or remediation plan.

“We’ve received insight into our SaaS applications that we’ve never had before, including our own cloud-based security tooling. Falcon Shield gives us a very clear indication of where we need to focus our attention and shows us what actions we need to prioritise to yield the greatest value,” said Testi.

Consolidating with CrowdStrike has removed several ‘point solutions’ from the security stack, creating significant benefits for the organization. People First Bank has a continual process of optimising its security estate.