About the customer
Landsbankinn is one of Iceland’s leading financial institutions, operating in a highly regulated environment where operational resilience, information security, and customer trust are fundamental business priorities.
As a financial institution subject to international security standards and evolving European regulatory frameworks, the bank requires continuous visibility into its technical exposure and a structured, risk-based approach to vulnerability management.
We spoke to the Cyber Security Officer at Landsbankinn about how Outpost24 solutions have helped protect the bank and ensure they remain compliant.
Industry
Banking
Employees
1,200
Customer Since:
2014
Industry
Banking
Employees
1,200
Customer Since:
2014
Services Used
Landsbankinn Strengthens Continuous Exposure Management with Outpost24
Regulations and Compliance
Over the past decade, the cyber threat landscape has undergone significant changes. Attack surfaces have expanded, attacker capability has matured, and regulatory expectations for financial institutions have increased.
Frameworks such as ISO/IEC 27001 and the EU’s Digital Operational Resilience Act (DORA) require:
- Continuous identification and management of ICT risk
- Evidence-based governance and oversight
- Demonstrable control effectiveness
- Ongoing improvement of security posture
Point-in-time security assessments are no longer sufficient. Financial institutions must maintain continuous monitoring and risk-based prioritization to ensure operational resilience and compliance.
Our customer comments, “Compliance is a top priority for us, and maintaining continuous visibility into both internal and external threats is critical. Outpost24 supports our audit readiness by providing structured visibility and reporting that integrates into our broader compliance and governance framework.”
The Challenge for Landsbankinn
Landsbankinn required a vulnerability management solution that would provide continuous visibility into both internal and external vulnerabilities while enabling prioritization based on real business risk. Our customer comments, “The platform needed to integrate seamlessly into our existing operational and governance processes, deliver structured reporting suitable for management oversight and audit requirements, and support long-term security maturity rather than functioning as an isolated technical scanning tool.” In addition, Landsbankinn required a solution capable of evolving with the shifting threat landscape and changing regulatory obligations, ensuring sustained effectiveness and compliance over time.
Landsbankinn has worked with Outpost24 since 2014. Over time, the engagement has evolved from periodic vulnerability scanning to a continuous, risk-based exposure management model. The Cyber Security Officer at Landsbankinn says, “The platform delivers continuous monitoring of our internal and external attack surfaces with risk-based findings for us to prioritize risks effectively. It’s easy to use and delivers continuous visibility along with structured reporting and comprehensive historical trend analysis.”
Our customer continues, “The solution is integrated into our operational security processes, enabling findings to be managed within our established remediation workflows.”
How Outpost24 Supports Landsbankinn
The partnership with Outpost24 has significantly strengthened Landsbankinn’s ability to manage and mature its security posture. By implementing a continuous and structured approach to vulnerability management, the organization has gained meaningful, organization wide visibility into technical weaknesses across its infrastructure. This ongoing insight reduces the likelihood of unknown exposures and ensures that risks are identified before they can escalate into exploitable issues.
Rather than reacting to raw vulnerabilities, Landsbankinn now operates with a clear, risk-based focus. Our customer comments, “Our remediation efforts are prioritized according to actual risk exposure, enabling technical teams to concentrate on the vulnerabilities that matter most to the business. This targeted approach optimizes resources, shortens response times, and drives more effective risk reduction.”
Governance has also been strengthened. The platform provides structured, reliable reporting for management and auditors, demonstrating active monitoring and disciplined remediation practices. This transparency enhances internal accountability while reinforcing stakeholder confidence driven by measurable insights.
Red Teaming
With the addition of red teaming assessments from Outpost24, Landsbankinn were able to experience a real-world attack simulation that mirrored the tactics, techniques, and procedures used by modern threat actors. These engagements went beyond traditional vulnerability testing by emulating sophisticated adversaries leveraging social engineering, credential compromise, lateral movement, privilege escalation, and data exfiltration techniques. This approach enabled Landsbankinn to identify not only technical weaknesses within their infrastructure, applications, and endpoints, but also helped the security team to quickly identify gaps in detection capabilities, incident response processes, and internal security awareness. By testing people, processes, and technology in a controlled but realistic scenario, Landsbankinn gained valuable insight into how effectively its security controls performed under pressure, where response times could be improved, and how resilience internally can be strengthened to secure against real-world threats.
Our customer comments, “Red team assessments conducted by Outpost24 are a critical component of our security program. The red team engagements provide our internal teams with actionable insights to strengthen detection and response capabilities.”
Alignment with Regulatory Expectations
The solution also supports Landsbankinn’s regulatory and governance obligations by embedding security best practices directly into operational processes. It contributes to continuous ICT risk identification in alignment with DORA requirements, strengthens structured vulnerability management processes consistent with ISO 27001 principles, and enables evidence-based reporting and management review.
Rather than functioning as a simple compliance checkbox, the Outpost24 platform operates as an integrated supporting control within the bank’s broader risk management framework. It reinforces resilience, improves accountability, and ensures that regulatory alignment is achieved through genuine operational improvement rather than periodic assessment alone.
“Landsbankinn’s continued collaboration with Outpost24 reflects an evolution in both technology and security strategy over the past ten years. What began as vulnerability scanning, has developed into a more mature, continuous exposure management capability integrated into our daily operations. As regulatory expectations and cyber threats continue to evolve, the focus remains on resilience, risk transparency, and measurable improvement.”
Cyber Security Officer, Landsbankinn