Case Study: Regional US Bank achieves 5-minute incident resolution and 360° network visibility with IBM QRadar and CarbonHelix

Reclassifying a false positive security event triggers a service provider change

Regional US Bank, a U.S. regional bank operating 60 branches with a small internal security team augmented by managed services, faced a critical challenge when its existing provider misidentified an incident as a “high” external network threat. To gain better internal visibility and detect insider threats, the bank turned to IBM—implementing IBM QRadar SIEM with managed security services delivered by IBM Business Partner CarbonHelix.

IBM, using IBM QRadar SIEM and CarbonHelix managed services, pinpointed the true cause in 5 minutes—a benign network configuration issue from an unscheduled change—versus the prior 3-hour investigation that generated 300 alerts, 100 emails and 3 phone calls with no resolution. The solution provided a 360-degree view of internal and external network activity, improved the bank’s security posture with a more advanced managed SIEM, and dramatically reduced investigation time from 3 hours to 5 minutes.