In Sweden, heightened cybersecurity laws left public sector organizations struggling to raise their IT security profiles. Atea, a leading provider of IT infrastructure, used the IBM® QRadar® Security Information and Event Management (SIEM) platform to build security operations center (SOC) solutions that can be deployed and tuned in less than six months, improving time to value by more than a year.
With increased cyberattacks on critical infrastructure, the European Union (EU) heightened security requirements, leaving small and midsized organizations struggling to improve their security profiles.
Atea built a platform based on the QRadar SIEM solution to help small and midsized organizations meet growing cybersecurity demands and quickly deploy SOCs on premises or from its certified data center.
Cyberattacks that target essential public services—like power and water supplies—are growing with alarming frequency. Public companies that provide these services are often the most vulnerable. If IT security departments lack the tools, time and security expertise required to effectively manage threats, incidents can go undetected and pose serious risks to a community.
Every day, cybercriminals infiltrate networks around the world with increasingly sophisticated methods—in fact, accessing a network with compromised credentials was the top tactic used by hackers in data breaches over the last year¹ (PDF, link resides outside of ibm.com), and 53 percent of organizations have experienced an insider threat in the last 12 months. As more than 99 percent of attacks leave traces on the network³ (PDF, link resides outside of ibm.com), every company requires superior security tools that can detect, analyze and respond to threats in real time.
Atea, Sweden’s leading provider of IT infrastructure and services, saw a need in the market to ensure that small and midsized organizations—particularly public sector companies—had access to security tools that could detect malicious attacks. Facing heightened requirements mandated by the EU’s Network and Information Security Directive, providers of critical services in energy, transportation, banking, finance, healthcare, water supply and digital infrastructure sectors needed to better safeguard people and essential resources by enhancing IT security.
Atea chose the QRadar SIEM solution as the foundation for its SOC as a service platform because of its superior tools for incident detection and response to advanced and unknown threats. Using out-of-the-box capabilities in the QRadar SIEM solution for integration and automation, Atea can quickly deploy and tune a SOC for a customer on premises or in the company’s certified data center. With a staff of 30 highly trained security experts, Atea customers benefit from around-the-clock monitoring of their environments and guidance to continually elevate their security postures.
“Most of our customers have never had the capacity for good incident detection,” says Gustav Rydmark, Atea Managed Security Services Engineer. “One of the main reasons we chose QRadar for our SOC solution is that you can take a customer from no operational security all the way up to a very mature security posture using the same platform.”
The Atea solution delivers built-in network traffic analysis competencies in QRadar to help customers analyze network data in real-time to quickly detect and respond to malware attacks, insider threats and phishing campaigns. The IBM QRadar User Behavior Analytics (UBA) solution provides customers with greater visibility into their IT environments. The UBA tool uses machine-learning to analyze user behavior, track suspicious activity and detect potential incidents—for example, insider threats such as users accessing the network from a previously unused location, or a user performing job functions outside of his or her role.
Atea anticipates incorporating AI technologies such as machine learning, cognitive and natural language processing to enable analysts to respond to threats with greater confidence, consistency and speed. The IBM QRadar Advisor with Watson solution uses automation for routine SOC tasks and provides actionable feedback to analysts to help reduce incident investigation time from days and weeks to minutes or hours.
With the QRadar SIEM solution, Atea gained the ability to deploy and tune a SOC solution for a customer in less than six months, improving time to value by more than a year. Atea can deliver a cost-efficient solution to customers, taking advantage of the out-of-the-box capabilities for integration and automation in the QRadar SIEM offering to help customers clean up their environments and continually build advanced means for detection and response.
With 70 percent of its customers in the public sector, Atea provides a critical need in Sweden by helping to ensure that organizations that provide essential services are protected.
“Atea’s SOC as a service isn’t just about compliance,” says Albin Zuccato, Head of Cybersecurity at Atea. “It’s about social responsibility. Atea is a very large provider of IT solutions in the public and private sector, and with that comes responsibility. We built the solution so it would be accessible for all sizes of clients at a reasonable cost.”
Atea (link resides outside of ibm.com) is the market leader in IT infrastructure for businesses and public-sector organizations in Europe’s Nordic and Baltic states. The company has 7,400 employees and 4,000 consultants located in 87 offices across Sweden, Norway, Denmark, Finland, Lithuania, Latvia and Estonia. Atea is committed to building a sustainable future for customers and the community at large.
Legal
© Copyright IBM Corporation 2019. IBM Corporation, IBM Security, New Orchard Road, Armonk, NY 10504
Produced in the United States of America, May 2019.
IBM, the IBM logo, ibm.com, QRadar, and Watson are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at ibm.com/legal/copyright-trademark.
This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates.
The performance data and client examples cited are presented for illustrative purposes only. Actual performance results may vary depending on specific configurations and operating conditions. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided.
The client is responsible for ensuring compliance with laws and regulations applicable to it. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the client is in compliance with any law or regulation.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.