Hibank Replaces Legacy VPN with Zscaler Zero Trust

Name: Hibank Replaces Legacy VPN with Zscaler Zero Trust
Uploaded: 2026-06-28T12:39:12-04:00
Duration: 3 min 21 s
Description: Hibank, an Indonesian digital bank serving micro, small, medium businesses has its sights set on expanding to new markets. CISO Lim Siaw Liang knew that it was quickly outgrowing its legacy infrastructure consisting of VPN, network access control (NAC)...

Zscaler

06/28/2026

0 (0%)

Report Like Favorite

Transcript

to delivering secure innovation and user-friendly financial services. When traditional VPN, the traffic itself will be centralized in the data center, and then we need another tool to secure our environment within the head office and the branch using the NAC, while in Zscaler, all of the features are sitting under one tool. In HiBank, our size is only 600, and then the security operation here is less than 5% to manage the overall cybersecurity tools within the bank. So now in HiBank, we totally rely on Zscaler to do our operational things, not only for supporting for the back office, but also the front office. So with Zscaler, we can open a branch in anywhere where the marketing can do customer acquisition, not only on our branch. After that, we extend to the DLP part, where Zscaler is helping HiBank to cover DLP endpoint, DLP email, Caspi. We do a full suite DLP of Zscaler. So where we can do an application limitation on each row in the bank, we can avoid sort of like a lateral movement on each endpoint within the bank. So we can eliminate attack for sure as well, basically from the external, where usually on the traditional part, we must publish the IP public to the external, where usually attacker use that kind of IP public to discover and then try to penetrate the bank. With Zscaler, attack surface, we don't need to worry because they're doing a proxy there. So any attacker, they don't know the exact IP address or original IP address behind the VPN. It is helpful for the GSOs like us to reduce a lot of noise or maybe recon from the attacker, especially for the SIM or our SOC. So we can focus on protecting our data center. In future, we are trying to explore the new VM and then the asset discovery of the Zscaler where currently the bank itself, we would like to have a real time maturity assessment where we can find the overall gap within the tools that we have. So we expect Zscaler can fill out this gap so we can identify on the fly the gap and then remediate the gap itself as soon as possible. You should try Zscaler. This product is very impressive. You can have a lot of features within a single console and then along with the cost efficiency, you can replace the traditional network topology and then the latency itself is very low and then you don't need to manage a lot of tools just to protect your endpoint. So your security operation can focus more on data center protection.

TL;DR

Hibank replaced legacy VPN and NAC infrastructure with Zscaler Zero Trust Exchange to reduce management burden on a five-person security team serving 600 employees
The bank implemented Zscaler's full DLP suite covering endpoints, email, and cloud applications with role-based access controls to prevent lateral movement
Zero trust architecture eliminated the need to expose public IP addresses, significantly reducing reconnaissance attempts and attack surface for the SOC team

Summary

Hibank, an Indonesian digital bank serving micro, small, and medium enterprises, faced significant challenges with its legacy security infrastructure consisting of VPN, network access control, and fragmented point products. With only five security personnel managing a 600-person organization, CISO Lim Siaw Liang needed a solution that would reduce operational complexity while enabling the bank's expansion into new markets. The bank consolidated its security stack on Zscaler's Zero Trust Exchange platform, implementing unified data security across endpoints, email, and cloud applications. This transformation eliminated the need to publish public IP addresses, reduced attack surface through application segmentation, and enabled flexible branch expansion without traditional network constraints. The bank is now exploring Zscaler's vulnerability management capabilities to gain real-time visibility into security gaps and accelerate remediation efforts.

Chapters

0:00 - Hibank's Digital Banking Mission
0:16 - Legacy Infrastructure Challenges
0:44 - Operational Efficiency Gains
1:05 - Data Loss Prevention Implementation
1:49 - Attack Surface Reduction
2:17 - Future Vulnerability Management Plans

Key Quotes

0:27 "In Zscaler, all of the features are sitting under one tool."
0:34 "In HiBank, our size is only 600, and then the security operation here is less than 5% to manage the overall cybersecurity tools within the bank."
1:49 "With Zscaler, attack surface, we don't need to worry because they're doing a proxy there. So any attacker, they don't know the exact IP address or original IP address behind the VPN."

FAQ

How did Zscaler help Hibank reduce its attack surface?

Zscaler eliminated the need to publish public IP addresses to external networks by acting as a proxy. This prevents attackers from discovering and targeting the bank's actual infrastructure, reducing reconnaissance attempts and allowing the SOC team to focus on protecting the data center rather than filtering external noise.

Categories:

Tags:

Show more Show less

Browse videos

Upcoming Webinar Calendar

06/30/2026

01:00 PM

06/30/2026

Master Active Directory Certificate Services and Maintain Your Edge

https://www.truthinit.com/index.php/channel/2018/master-active-directory-certificate-services-and-maintain-your-edge/
07/01/2026

04:00 AM

07/01/2026

Integrating Security in AI: Automated Red Teaming Strategies for Private Models

https://www.truthinit.com/index.php/channel/1969/integrating-security-in-ai-automated-red-teaming-strategies-for-private-models/
07/01/2026

04:00 AM

07/01/2026

Schutz von KI in Anwendungen, Agenten und APIs.

https://www.truthinit.com/index.php/channel/2008/schutz-von-ki-in-anwendungen-agenten-und-apis/
07/01/2026

01:00 PM

07/01/2026

How to Prevent Your AI from Outsmarting You

https://www.truthinit.com/index.php/channel/2021/how-to-prevent-your-ai-from-outsmarting-you/
07/02/2026

10:00 AM

07/02/2026

Resilience Insights from Hybrid Threats in a Dark Cloud Environment

https://www.truthinit.com/index.php/channel/2011/resilience-insights-from-hybrid-threats-in-a-dark-cloud-environment/
07/08/2026

02:00 PM

07/08/2026

Understanding the Crucial Role of Context in AI Data

https://www.truthinit.com/index.php/channel/2037/understanding-the-crucial-role-of-context-in-ai-data/
07/09/2026

01:00 PM

07/09/2026

The HUMAN Experience: Empowering Agentic Trust in Practice

https://www.truthinit.com/index.php/channel/2026/the-human-experience-empowering-agentic-trust-in-practice/
07/14/2026

01:00 PM

07/14/2026

Crafting a Championship-Worthy Security Team for Maximum Defense Effectiveness

https://www.truthinit.com/index.php/channel/2025/crafting-a-championship-worthy-security-team-for-maximum-defense-effectiveness/
07/21/2026

04:00 AM

07/21/2026

Strategies for Managing AI Governance and Securing App-to-LLM API Traffic

https://www.truthinit.com/index.php/channel/1967/strategies-for-managing-ai-governance-and-securing-app-to-llm-api-traffic/
07/21/2026

01:00 PM

07/21/2026

HUMAN Dialogue: Insights from Attackers During the FIFA World Cup

https://www.truthinit.com/index.php/channel/2029/human-dialogue-insights-from-attackers-during-the-fifa-world-cup/
07/22/2026

06:30 AM

07/22/2026

Insights and Strategies from the DPDP Webinar

https://www.truthinit.com/index.php/channel/2000/insights-and-strategies-from-the-dpdp-webinar/
07/28/2026

01:00 PM

07/28/2026

Illumio + Netskope: Zero Trust in the Age of AI Autonomy

https://www.truthinit.com/index.php/channel/2031/illumio-netskope-zero-trust-in-the-age-of-ai-autonomy/
07/29/2026

04:00 AM

07/29/2026

Real-Time Strategies for Safeguarding Against Prompt Injections

https://www.truthinit.com/index.php/channel/1968/real-time-strategies-for-safeguarding-against-prompt-injections/
08/19/2026

12:00 PM

08/19/2026

Get Prepared to Thrive as an Agent in Just 30 Days

https://www.truthinit.com/index.php/channel/2036/get-prepared-to-thrive-as-an-agent-in-just-30-days/
09/30/2026

04:00 AM

09/30/2026

AI Command Center: Optimizing Visibility and Control in Your Operations

https://www.truthinit.com/index.php/channel/2024/ai-command-center-optimizing-visibility-and-control-in-your-operations/