Case Study: Canadian Automobile Association (CAA) achieves centralized, PCI-compliant SIEM and log management with LogRhythm

Sister organizations pool their resources to share SIEM and logging

Five Canadian Automobile Association (CAA) clubs pooled funds to meet PCI logging and SIEM requirements after individual purchases proved too costly. Faced with vendors unwilling to support a shared deployment, the five clubs — CAA Saskatchewan, Manitoba, Atlantic, Niagara and North & East Ontario — sought a solution that delivered enterprise-grade features without quintuple the expense.

They implemented LogRhythm’s multi‑tier SIEM hosted at CAA Saskatchewan, using agents and VPNs to centralize logs for analysis and alerting. The shared system gave each club richer functionality at one‑fifth the cost, rapid deployment (about 40 total man‑hours), PCI QSA‑approved compliance, consolidated reporting and audit trails, and improved incident correlation and troubleshooting.

CAA

Paul Schubert

Director of Technology Services