Adira Finance’s security posture: before and after

Adira Finance is an Indonesian financial services company that started operations in 1991 financing vehicles, new and used. Its IPO came in 2004, and today Bank Danamon owns 92.07% of Adira Finance’s shares. As a subsidiary of Bank Danamon, Adira Finance is part of the MUFG Group, which is one of the largest banks in the world.

Adira Finance has become a leading company in the financing sector in Indonesia, starting a multipurpose financing e-commerce platform service at dicicilaja.com, a marketplace for buying and selling vehicles at momobil.id, followed by momotor.id in 2018. Today Adira Finance operates 452 business networks throughout Indonesia, has over 20,000 employees, and serves 2.6 million customers with total receivables managed reaching IDR 50.4 trillion (US$3.6 billion).

Cybersecurity Infrastructure

Adira Finance’s cybersecurity infrastructure generally comprises three areas – to protect, detect and respond, according to Bien Costan, VP of IT Control and Compliance at Adira Finance. “This is usually done through implementing firewalls, antivirus solutions, and so on, which we had in place here at Adira Finance,” he says.

Costan’s team had a growing concern about data leakage and the need for data protection, and needed a solution that enabled them to detect threats outside the fence. Some examples of these threats were phishing emails and websites that linked to the company, and impersonation attacks that engaged in fraudulent business, posing a risk to external partners and stakeholders. 

The suite of solutions that the company had in place was limited in its offerings, so they decided to engage IntSights to provide a more holistic approach to threat intelligence for proactive cyber defense.

“Previously, we could only detect threats when they reached us. We realised that it is crucial to gather information and intelligence about our company’s security posture even before the threat reaches us, thus we wanted to bridge this gap with a solution that enables us to be more equipped and prepared to fend against potential threats,” Costan explains.

Vendor Choice

“With IntSights’ External Threat Protection (ETP) suite, we are able to monitor sources across the clear, deep and dark web for threats that are unique to Adira Finance’s digital footprint. The ability to access and find information and intelligence about the security posture of our company within the dark web was particularly important to us,” says Costan.

Another critical factor was IntSights’ ability to provide near real-time intelligence on six top areas of concern – data leakage, attack indicators, phishing, VIP, brand impersonation, and fraud.

Adira Finance works with a third party that manages its Security Operations Centre (SOC). The IntSights ETP suite seamlessly integrates into the SOC, which now also monitors the relevant threat intelligence on Adira Finance collected by IntSights.

Defending Against Bad Actors

IntSights’ speed of remediation is one of the first benefits that Costan’s team realised. “When we detect any possibility of threats, IntSights is extremely quick to remediate, and automate incident response activities. For example, when we encounter an impersonation or malicious activity related to our social media platforms like Facebook, Instagram and YouTube, IntSights is able to take down such threats within a short time frame of 12 to 24 hours, compared to 3 to 4 days required by other security companies that I had previously experienced,” reveals Costan.

Secondly, IntSights provides in-depth counsel with organisation-specific threat intelligence. Through curated, up-to-date and specific intelligence, Adira Finance now has greater clarity when faced with threats.

Most recently, one of the largest e-commerce platforms in Indonesia with millions of users faced a data breach. IntSights was able to gather all data related to users of the e-commerce platform that use Adira Finance’s domain for their account, and informed Costan’s team on whether the data was leaked, what the affected users should do, and what the solutions were, and conducted further investigation into the breached accounts.

“As such, we were able to undertake appropriate action on the affected accounts to minimise the impact of the attack on the users’ information and prevent any breach to our company,” says Costan.

COVID-19 Impact 

The overall threat landscape since COVID-19 has not evolved too much in Costan’s opinion. He has continued to observe the use of email phishing tactics, malware and activities in the dark web — all of which were heavily in use even before the pandemic started. 

With regard to COVID-19’s impact on Adira Finance’s security functions, Costan says that it has seen a small to medium impact with the shift to work from home, as more devices use shared home networks or public Wi-Fi to access the company’s IT infrastructure. Another challenge was that the IT team was unable to determine if employees had used endpoints — such as their work computers — to access malicious websites. Costan’s team had to implement a virtual private network (VPN) and virtual desktop infrastructure (VDI) to protect its infrastructure.

This year, data leakage is the biggest concern for Costan, given the weight and value that data holds today — especially for FSIs, where it is now regulated by the Financial Services Authority (OJK). “We continue to prioritise data protection and at the same time navigate the threat landscape by leveraging the AI-driven analytics and intelligence provided by IntSights,” Costan concludes.