Laya Healthcare is the second largest provider of private medical insurance here in
Ireland and that means we're protecting over half a million members' lives.
It means that when they take out insurance that they are relying on us
then if they are ill and have to go into hospital Laya Healthcare will look
after their insurance needs during that period. The challenge is the
volume of data that's there in security event logs, when you look at your
firewalls, when you look at your web firewalls, your physical firewalls.
We have web servers which are public-facing which people can
join online and do member-service online. Then you look at all your internal
infrastructure, your data, your virtualisation, there's your hardware,
your network layer, there is an incredible volume of security
information there and how can you tell that this event over here and that
event over there are actually correlated? You can't really and we don't
have the resources to keep throwing people as we get new systems in and
we're installing new systems every quarter so those systems need to be
mapped out and then understood by a security event manager. When Smarttech engaged with
Laya Healthcare for cyber security services, it became obvious that Laya
had invested in best-of-breed business intelligence platforms. These platforms
process large volumes of sensitive data on a daily basis. Securing this data
was a key priority for the leadership team. They wanted a simple solution that
was straightforward to deploy that could crunch large volumes of data and it
could most importantly give real-time visibility into the organisation's
overall risk and security posture. We looked at a range of different
technologies and we used Gartner's Magic Quadrant to look and see
which technologies are particularly strong in this area and
we had always known of Smarttech so we began the conversation with Smarttech because
they were able to provide the QRadar technology. As we see in Smarttech
organizations are wrestling with three core challenges. Firstly, the volume
and the sophistication of malware. Secondly, the complexity of network
architecture, the adoption of cloud and the question of where is it that our
data sits and who's accessing that data. Thirdly, the skills and the lack thereof
for implementation, for management, for monitoring of all of the various
technology platforms so Smarttech and QRadar SIEM solution allow Laya Healthcare
to address all these problems by identifying the more sophisticated cyber
attacks through advanced correlation driving vulnerability management with
QVM and consolidating multiple security feeds, AntiVirus, IPS, apt technologies
into a single pane of glass for real-time Security Intelligence. Smarttech
came on board with us initially that they were really advising us on
the correct type of technology and the correct way to implement it and what
would be the process and that was done from the first days really in terms of
this is what you would do so it wasn't an actual engagement where we were
paying for the advice we were getting but as we moved forward once we evaluated all the
different technologies Smarttech were an obvious choice for us in terms of a
company that had worked with us on that journey to work out exactly what we
needed. Securing today's business environment requires a fresh approach
and organizations need visibility across the entire security timeline. They need
have the ability to assess risk in real time, they need to be able to correlate
all of their security feeds, manage and understand vulnerabilities and
deploy forensics when required and I guess ultimately understand anomalous
behavior within their network. QRadar is a simple solution that delivers all of this
functionality for Laya Healthcare and allows them to concentrate on their core
business
When we started installing IBM QRadar with Smarttech the initial
implementation took about 3 months and these
solutions are not
something you bring in, you turn a switch and all of a sudden it's
magically installed so as you install you begin to see more and more and
you'll understand more and more about your own infrastructure. It takes
time then to go away and remediate something or improve something and
then you go back to QRadar and you say okay we've got that done now. It gave us
was two-fold: at a business level it gave us better visibility of
what was going on within our networks within our infrastructure so that we're
assured we've got the level of protection we want to apply. At a
technical level it gave us tremendous visibility into all of the security
event logs and as with every IT shop there's an
awful lot of security events and it's very difficult to stay on top of it.