IBM Watson for Cyber Security Powers Smarttech’s Security Operation Center
Powered by IBM QRadar Advisor with Watson, Smarttech’s SOC now takes advantage of the cognitive capabilities of Watson along with industry leading IBM Security QRadar Security Analytics Platform to uncover hidden threats and automate insights. IBM has trained Watson on the language of cyber security, with the system ingesting over one million security documents, and can now help security analysts with insights from hundreds of thousands of natural language research sources that have never before been accessible to modern security tools.
Smarttech was looking for an intuitive solution to better manage an industry-wide workforce shortage of security analysts, and sought to augment the skills of its security team to stay ahead of ever evolving cyber threats targeting customers. As part of its roll out of IBM QRadar Advisor with Watson, Smarttech found that the tool provided valuable additional perspective beyond what their analysts had initially discovered, highlighting new observations that the analysts had overlooked in about 20 percent of incidents.
“It’s not man versus machine—they very much work hand and hand,” said Ronan Murphy, CEO, Smarttech. “Our analysts continue to play a critical role in evaluating a cyber security incident, while Watson for Cyber Security enforces their decisions and validates what they are sharing with the customer at risk. It enables security analysts to deliver faster and more accurate details on a breach, so we may better protect our customers.”
IBM QRadar Advisor with Watson can help security teams respond to threats through the following:
- Visibility into elements of a security incident – while investigating an incident, QRadar Advisor first gathers greater context about that incident by mining local data available in QRadar.
- Formulate a threat research strategy - QRadar Advisor formulates a threat query to send to Watson for Cyber Security, to perform external knowledge and threat discovery on discrete observations from the incident.
- Threat research - Watson for Cyber Security taps its knowledge base of unstructured data and uses cognitive reasoning to discover additional insights and other threat entities related to the original incident.
- Apply intelligence to understand the threat - QRadar Advisor refines information it receives from Watson, to zero in on the key insights relevant to the current incident. It validates the source of the offense and provides additional context to identify and understand the threat.
For more information on Watson for Cyber Security and the IBM Cognitive SOC, visit: http://www-03.ibm.com/security/cognitive/
Smarttech is a 24/7 cyber security organization that provides innovative solutions to global companies. The Smarttech SOC (Security Operations Centre) is ISO9001/ISO27001 NSAI certified and it delivers a wide range of cybersecurity solutions, including cognitive security services using IBM Watson for Cybersecurity. Our innovative services are designed to enhance the efficacy of your security infrastructure and deliver business-sensitive cyber security solutions that build and optimize your protection, detection and remediation strategies. For more information please visit www.smarttech247.com or follow us on Twitter @Smarttech247
About IBM Security
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM X-Force research, provides security intelligence to help organizations holistically protect their people, infrastructures, data and applications, offering solutions for identity and access management, database security, application development, risk management, endpoint management, network security and more. IBM operates one of the world’s broadest security research, development and delivery organizations, monitors billions of security events per day in more than 130 countries, and holds more than 3,500 security patents. For more information, please visit www.ibm.com/security, follow @IBMSecurity on Twitter or visit the IBM Security Intelligence blog.