Rallying troops against cybercrime with QRadar SIEM – IBM Blog

Cybersecurity is everyone’s business—as it should be, given the staggering surge in cyberattacks. Today, these attacks exhibit an unprecedented level of frequency, ingenuity and speed.

The cyberthreat landscape is evolving and countries such as India are facing an alarming rate of increase in cyberattacks (Q2 of 2023 saw a 90% increase). Driven by accelerated hybrid cloud adoption and digital transformation efforts, the region is currently a beacon of innovation and a battleground for cyberthreats. This is creating more attack opportunities and vulnerabilities for businesses than ever before.

The IBM Security® X-Force® Threat Intelligence Index 2023 revealed that Asia Pacific experienced the most attacks globally (31% of total incidents X Force responded to) for the second year in a row. Backdoor deployments, which enable remote access to systems, were the most common type of attacker action that X-Force incident responders handled. Furthermore, 21% of incidents saw backdoors deployed, 17% of attacks were ransomware and 41% of incidents involved phishing for initial access.

These attacks have an exponentially ascending impact on the reputation and bottom line of businesses. IBM’s 2023 Cost of a Data Breach report reveals that the average cost of a data breach in India has increased to an all-time high of INR 179 million in 2023, which is approximately a 28% increase since 2020.

As cyberthreats continue to grow in number, severity and complexity, investing in cybersecurity for Indian organizations to ensure robust provisions is the need of the hour. Businesses, regardless of their size, are recognizing the importance of a solid security strategy—especially having a strong SOC. Some are investing in expensive security infrastructure and setting up internal security teams. However, these teams often lack the expertise, skills and resources to effectively combat increasingly sophisticated threats and provide the required security armour.

Here come the MSSPs

This is where Managed Security Service Providers (MSSPs) come into the picture. Armed with domain expertise and provisions of scalability (hence cost effectiveness), they offer a better return on investment to the businesses that may not have expansive budgets for security. Their expert, round-the-clock monitoring and management, threat detection and incident response capabilities ensure organizations can stay resilient. Mirroring the growth of cyberattacks, MSSPs have also seen rapid growth—the APAC MSSP market is expected to touch USD 14.7 billion with a compound annual growth rate (CAGR) of 14.1%, with India contributing USD 2.1 billion at an impressive CAGR of 19.3%.

On a mission to provide robust and holistic next-generation SOC solutions to its clients, eSec Forte offers state of the art security monitoring, user analytics, security audits, compliance management, digital forensics investigation and security incident response services as a service powered by IBM Security QRadar Suite.

Headquartered in Delhi, India and with operations across the globe, eSec Forte’s clientele spans different industries, with a strong presence in BFSI, IT, ITES and government sectors. Due to the evolving cybersecurity risks, threats, stringent and industry-specific regulations and compliance requirements within these sectors, their clients face a unique set of challenges, making the guidance and expertise of an expert MSSP such as eSec Forte indispensable.

Why did eSec Forte choose IBM?

eSec Forte chose the IBM Security QRadar Suite as the core solution to offer a comprehensive, next-generation SOC solution for clients to effectively monitor, manage and protect their hybrid, multicloud environment, addressing the aforementioned challenges of compliance. eSec Forte evaluated and tested the functionalities of the QRadar Suite and other solutions for an array of functionalities, ease of deployment, differentiated use cases and reporting templates, architecture conducive for the MSSPs and MITRE mapping—plus several other advanced features that its customers required to address their cybersecurity needs.

“IBM’s deep industry expertise in security domain was a big reason. QRadar aligned with our specific requirements, enabling us to deliver comprehensive and advanced security services to clients while ensuring regulatory compliance—ticking all boxes on our checklist with satisfying results”, said Priyakant Taneja, Vice President, eSec Forte Technologies. “In addition to helping us set up the SOC, IBM also helped in building baselines, use cases and dashboards, which resulted in quicker go-to-market for us. The seamless collaboration facilitated by joint sessions and several hands-on immersive workshops, enriched by with the wealth of industry experience brought in by eSec Forte and IBM, played a pivotal role in the successful deployment of the Security Operations Center (SOC).

eSec Forte adopted the QRadar Suite as the preferred SOC solution that provides security intelligence by collecting and analyzing data from various sources throughout an organization’s IT environment while offering near real-time event correlation, alerting, prioritization, incident investigation and response. The solution, deployed in a multi-tenancy model, helps manage security operations for multiple clients from a centralized platform—streamlining security management, reducing complexity and enhancing operational efficiencies—while ensuring data privacy 24×7, making it a powerful platform for enhancing their customer’s cybersecurity posture. Furthermore, the SOC has been enriched with over 15 custom apps, more than 200 advanced use cases, reports and dashboards, along with threat feeds and IOCs integration for early detection of security incidents.

What is the next frontier?

eSec Forte’s SOC migrated from an existing platform to IBM Security QRadar in Q1 2022. eSec Forte started with small EPS but has expanded multifold within one year. The in-scope sources have also increased ­to over 1000 event sources, including firewalls, DLP, WAF, SaaS applications and cloud deployments. They were able to ensure that customers could demonstrate compliance for PCI and RBI audits. What started with one onboarded customer as operations began, is now a scaled-up, immensely successful offering with several new names added to eSec Forte’s customer roster in a short span of time—a roster that includes highly regulated FinTech players and banks.

“We experienced a transformative impact on our business after implementing QRadar SIEM’s multi-tenancy solution. The consolidation of client environments within a centralized platform streamlined operations, improved scalability and reduced costs. It has opened up the customer expansion route for our SOC services,” Mr. Priyakant Taneja concludes.

Additionally, the QRadar Suite platform brings the power of AI to empower SOC teams in several ways. It offers a unified analyst experience (UAX) for quicker decision-making, provides accurate risk insights through automated AI-driven threat detection, and streamlines workflows with continuously updated X-Force expertise. With AI-powered alert triage and correlation, threats are handled efficiently upon detection, and automated investigations and response recommendations ensure a comprehensive approach to threat detection and response, enhancing overall cybersecurity effectiveness.

 “We are glad to have partnered with eSec Forte’s MSSP success with IBM Security QRadar. We firmly believe that IBM Security QRadar Suite platform embedded with enterprise-grade AI and automation will help to dramatically increase analyst productivity, help resource-strained security teams work more effectively across core technologies and provide fast and user-friendly threat hunting with detailed, actionable threat intelligence to identify and prioritize the threats that are most relevant to specific industry and region,”adds Pradeep Vasudevan, Country Leader, IBM Security Software, India/South Asia.

No more policy vacuum

Cybersecurity in business strategy is taking center stage in India. As the policy vacuum gets addressed with the new Digital Personal Data Protection Act 2023, a new wave of Indian businesses will leapfrog onto the digital transformation path—however, very few have an active security strategy in place. As per the recent IBV report, Prosper in the cyber economy, 72% of surveyed Indian companies have a security strategy, but only 23% of those companies have started executing those strategies.

MSSPs such as eSec Forte are a solution to the mounting costs of securing businesses and attending to skill deficiencies to address the security gaps. Leveraging their expertise along with a trifecta of plan, upgrade and upskill are the next steps for businesses to prepare themselves for the future. MSSPs can benefit from amping up the scalability that IBM Security QRadar’s multi-tenancy solution offers and bring in the formidable force of AI, to leverage and further their security offering process, leading to rapid customer acquisition and business expansion.

Explore QRadar SIEM today

About eSec Forte: eSec Forte® Technologies are a CMMi Level 3 certified Global Consulting and IT Security Services company with offerings across cloud security, cyber forensics, malware detection, security audits, red team assessment, threat hunting, security operations control, penetration testing, secure access management, risk assessment, IoT Security, and more. CERT-INDIA empanelled for providing Information Security Auditing Services. Global PCI DSS QSA and are authorized by the PCI Security Standards Council to validate an entity’s adherence to PCI DSS. www.esecforte.com