KBC has been providing banking services in Ireland for over 40 years. For much of that time they focused primarily on wholesale finance, but they have recently transformed themselves into a full service challenger retail bank.
The bank has 15 hubs around Ireland and this is supported with their leading edge digital offering for consumers through their apps and website. They plan to expand these services over the next two years and into the future.
The challenge: meeting key PCI standards and enhancing security posture
At KBC, client security is at the heart of their business. As a result, a robust risk management strategy supports their offering of appropriate, fair and sustainable products and services.
In line with a company culture that aims to continually improve security levels and exceed strict PCI (Payment Card Industry) compliance and regulations, the bank conducted a company-wide cyber risk project, to ensure they were as protected as possible.
Even though they found that their existing SIEM (Security Information and Event Management) system was fit for purpose, KBC decided to implement an even more comprehensive solution.
The solution: IBM QRadar SIEM provides comprehensive security intelligence
Careful research led to a shortlist of on-premise SIEM solutions and providers. The final decision about which to choose was made much easier following Zinopy’s proof of concept of IBM’s QRadar solution.
IBM QRadar Security Intelligence Platform products provide a unified architecture for integrating security information and event management, log management, anomaly detection, incident forensics and configuration and vulnerability management.
Zinopy worked closely with KBC Bank, setting objectives for the introduction of IBM QRadar into their systems, pinpointing critical success factors for the rollout and usage of the software, and planning to ensure those factors were achieved.
Key benefits: Improved visibility to act on potential threats, time saving and ease of integration.
IBM QRadar products are designed to provide advanced threat detection, greater ease of use and lower total cost of ownership.
Research shows that after deploying IBM QRadar, users experience the following benefits:
- Average time to detect compromises – Decreased / significantly decreased
- False positive rates – Decreased / significantly decreased
- Average time to contain compromises – Decreased / significantly decreased
(From Ponemon Institute study: IBM QRadar Security Intelligence: Evidence of Value Feb 2014.)
Paul Collins, Information Security Officer and Head of ICT Risk at KBC, believes that a major benefit of working with Zinopy and introducing IBM QRadar has been the ease of integrating the solution into current systems.
There have been other valuable benefits, too. “Our greatest saving is time,” Paul explained, “and being able to spot potential risks and respond quickly before they become incidents.” Zinopy’s John Ryan agreed, adding that in doing so, ‘IBM QRadar also enables KBC to protect their brand, a valuable asset.’
A key feature of IBM QRadar is its ability to expand to match an organisation’s growing needs.
So far, KBC has integrated 150 systems into IBM QRadar, and they aim to continue retiring legacy systems and introducing the solution across their core banking system.
With IBM QRadar now such a key element of the bank’s security framework, KBC’s Paul Collins summed up its value to the organisation, “It’s hard to imagine our processes working without it.”
Download the PDF Case Study: Zinopy KBC Case Study - July 2016