Regional bank: Reclassifying a false positive security event triggers a service provider change

Customer Company Size
Mid-size Company
Region
  • America
Country
  • United States
Product
  • IBM QRadar SIEM
Tech Stack
  • Security Information and Event Management
Implementation Scale
  • Enterprise-wide Deployment
Impact Metrics
  • Productivity Improvements
  • Customer Satisfaction
Technology Category
  • Cybersecurity & Privacy - Network Security
Applicable Industries
  • Finance & Insurance
Applicable Functions
  • Business Operation
Use Cases
  • Cybersecurity
Services
  • System Integration
  • Cybersecurity Services
About The Customer
The customer is a regional bank located in the United States. The bank operates 60 branches and manages security with a small internal team augmented by a managed security services provider. That provider misidentified an attack as a high external network threat, revealing the bank's need for an advanced solution that could detect insider threats.
The Challenge
The regional bank's existing managed security services provider had misidentified an attack as a high external network threat. This misidentification revealed the bank's need for an advanced solution that could detect insider threats. The original investigation consumed 3 hours and produced 300 alerts, 100 emails and 3 phone calls, but no resolution. The bank needed a solution that could accurately identify and resolve security threats in a timely manner.
The Solution
The bank decided to switch to IBM QRadar SIEM, delivered by IBM Business Partner CarbonHelix managed security services. IBM QRadar SIEM is an advanced solution that provides a 360-degree view of the network, both internally and externally. It is capable of accurately identifying and resolving security threats in a timely manner. In this case, IBM QRadar SIEM identified the cause of the security attack in just 5 minutes. The cause was found to be a non-threat: a common network configuration problem caused by an unscheduled network change.
Operational Impact
  • The bank now has an improved security posture with a more advanced managed SIEM solution.
  • The bank can now resolve the cause of a security attack in just 5 minutes, compared to the previous 3 hours.
  • The bank now has a 360-degree view of its network, both internally and externally, with IBM QRadar and CarbonHelix.
Quantitative Benefit
  • Reduced the time to resolve a security attack from 3 hours to 5 minutes.
  • Reduced number of alerts from 300 to a manageable number.
