About Large Healthcare Organization
As a healthcare provider this organization holds very sensitive patient data and is subject to strict regulatory compliance, such as HIPAA.
Its Chief Information Security Officer (CISO) is very aware of the security threat posed: “We need the ability to detect and stop advanced attacks on our corporate network. There is also the very real risk of insider threats that we must address. Although our Security Operations Center (SOC) does a great job, we wanted to boost our productivity by focusing our analysts on investigating the threats that pose the highest risk to us.”
Protecting Sensitive Patient Data from Cyber Attacks
Micro Focus ArcSight Intelligence empowers security teams to find and respond to previously unknown threats – exactly what is needed in this situation. Its flexible deployment options aligned with the cloud vision for this organization and the team was particularly excited about ArcSight Intelligence’s unsupervised machine learning (ML) capabilities. Leveraging ML, “unique normal” baselines are learned, i.e., a digital fingerprint of each user or entity which can be continuously compared to itself or peers. This approach to behavioral analytics enables security teams to detect traditionally difficult-to-find threats.
Successful Attack Prevention with ArcSight Intelligence
Following its implementation, ArcSight Intelligence was able to identify and neutralize an external attacker, a great result for the organization.
The organization plans to continue leveraging ArcSight Intelligence to augment and streamline its security team’s efforts.