August 3, 2015 By Jay Bretzmann

Why Security Intelligence?

Talk to people about analyzing security data and you’ll likely hear story after story about how many were quickly overwhelmed, overloaded and overtaxed while searching through millions of data points. Security intelligence, such as security information and event management (SIEM), actually works best when it collects more data than just the obligatory logs from the assets, applications and data sources associated with regulatory compliance mandates. But more data usually means longer searches and potentially uncorrelated data points that end up being false positives.

That’s where a security intelligence platform and similar security solutions can help. Programs like IBM’s QRadar were designed with a cohesive architecture so all the modules share a common code base and development framework. They also use automatic sensing of SYSLOG devices to take the sting out of initial deployments, while monitoring capabilities help identify network assets and register them as enterprise resource planning (ERP) servers, email servers, chat servers, etc.


Finding the Right Solutions

IT security teams often want to use the same Web-based console interface to operate all the log management, SIEM, risk and vulnerability management, and forensic investigation components involved in the day-to-day operations of an enterprise. This all sounds good, but during the request for proposal (RFP) process, prospects want to know more about what it really takes to deploy, tune and maintain a security intelligence environment. What special data analytics skills and experience are required? What does it take to apply a security solution?

Those are broad questions that span elements of time, skills and infrastructural resources. It’s like asking, “What does it take to win the Boston Marathon?” Or, “How fast do you need to be to win a gold medal at the world championships?” And then there are other special talents that are required to achieve success. So the answers depend a lot upon the dimensions of your environment and the people you’re able to attract for security purposes.

What better way to answer these questions than to hire an IT security research organization and have it conduct a study of the security intelligence solution installed on a base of clients? IBM did just that, asking the Ponemon Institute to poll its RIM Council and provide a statistically valid assessment of many QRadar operational metrics and user experiences.

Understanding the User Experience

What IBM discovered was an essential validation of insights collected from customers and sellers over the last several years. Their feedback indicated QRadar delivered quick time to value, had terrific out-of-the-box content and required a very minimal amount of professional services to become fully operational. In most cases, no services were required at all.

Clients also described how they were able to reduce dedicated IT security head count and eliminate many point solution products as a result of deploying QRadar. It’s now even easier with cloud-based security intelligence, which allows a third-party security provider to manage the security infrastructure for you.

Download: Ponemon Institute’s IBM QRadar Security Intelligence Client Study

Read the full study and see if your organization can benefit from the security intelligence dynamics. What if your team only had to conduct 15 security investigations per day? Are you overwhelmed, overloaded or just using the wrong solution? The results may be able to shed some light on your needs, increase the efficiency of your operations and improve your overall security environment.

If you would like to learn even more about how to use IBM Security intelligence and analytics to protect your business data, we invite you to watch this presentation from a recent IBM event:

https://www.youtube.com/watch?v=BJIoriDQx-c

 
