With a SIEM system, a critical infrastructure company has its cyber risks under control

Cybersecurity
Power and Distribution
The customer used to record logs in a technology infrastructure environment; however, the data was collected in multiple databases, and there was no analytical tool that would allow these basic reports to be put into context and thus allow for the identification of relevant security incidents. The company’s management therefore decided to deploy a technologically advanced and comprehensive Security Information and Event Management (SIEM) solution.
Case study was published 12.06.2023

Background

  • The client is responding to the growing threat of cyberattacks, which in extreme cases may result in a complete shutdown of the power supply.
  • The company did not have a tool to collect the logs important for evaluating security risks and operational issues.
  • It lacked the ability to correlate different events, run analytics, and support incident investigation and audit trails.
  • Compliance with the new legislative requirements imposed by the Cybersecurity Act was hard to achieve.

Solution

  • The QRadar system for recording, evaluating, and managing security incidents (SIEM).
  • An analysis and the integration of QRadar with the IT and OT infrastructure for comprehensive log collection.
  • The development and setup of dozens of different customer-specific security and operational scenarios for the SIEM system to respond to.
  • The implementation of the Watson artificial intelligence add-on to support the aggregated data correlations and analysis.

Benefits

Increased protection against cyber risks and the elimination of operational issues that could result in service outages.

An easier job for administrators and security specialists.

Automated risk alerts derived from the infrastructure data and event analysis.

The secure storage of logs with the ability for retrospective evaluation, auditing, and reporting.