IBM Case Studies

Regional bank Reclassifying a false positive security event triggers a service provider change

IBM
Cybersecurity & Privacy - Network Security
Finance & Insurance
Business Operation
Cybersecurity
Cybersecurity Services
System Integration
The regional bank was facing a challenge with its existing managed security services provider, which had misidentified an attack as a high external network threat. This misidentification revealed the bank's need for an advanced solution that could detect insider threats. The original investigation consumed 3 hours and produced 300 alerts, 100 emails, and 3 phone calls, but no resolution. The bank needed a solution that could accurately identify and resolve security threats in a timely manner.
The customer is a regional bank located in the United States. The bank operates 60 branches and manages security with a small internal team augmented by managed security services. Its managed security services provider misidentified an attack as a high external network threat, revealing the bank's need for an advanced solution that could detect insider threats.
The bank decided to switch to IBM QRadar SIEM, delivered by IBM Business Partner CarbonHelix managed security services. IBM QRadar SIEM is an advanced solution that provides a 360-degree view of the network, both internally and externally. It is capable of accurately identifying and resolving security threats in a timely manner. In this case, IBM QRadar SIEM identified the cause of the security attack in just 5 minutes. The cause was found to be a non-threat resulting from a common network configuration problem caused by an unscheduled network change.
The bank now has an improved security posture with a more advanced managed SIEM solution.
The bank can now resolve the cause of a security attack in just 5 minutes, compared to the previous 3 hours.
The bank now has a 360-degree view of its network, both internally and externally, with IBM QRadar and CarbonHelix.
Reduced time to resolve security attack from 3 hours to 5 minutes.
Reduced number of alerts from 300 to a manageable number.