All Content IDC Expert ROI Spotlight Case Study: U.S. Bank Minimizes Security Risk with McAfee Security
IDC Expert ROI Spotlight Case Study: U.S. Bank Minimizes Security Risk with McAfee Security The bank now uses the SIEM solution in concert with the McAfee Data Loss Prevention and Advanced Threat Defense products, using McAfee Threat Intelligence Exchange to communicate what new threats are emerging so that necessary action can be taken. According to the information security officer: "The McAfee tools have been working together for the past two years and have shown that the unified solution is greater than the sum of the individual parts." Benefits With the deployment of the McAfee suite of security products and the Global Threat Intelligence service, the bank has considerably reduced its exposure to operational and reputational loss because of networkrelated security threats. It has achieved this benefit by substantially limiting the frequency of user-impacting security events and resolving them far faster, even as it has more than doubled the number of employees using applications on its network. As a result, it has minimized the impact of outages on its employees and business, which is especially beneficial given this growth. Further, it has avoided having its name tied to a major security-related event and positioned itself to compete more "We can now do more strongly for the business of security-conscious clients and businesses. valuable analyses and The information security officer explained that the McAfee suite of products his organization is using enables these benefits by integrating dynamic endpoint protection with intelligent analytics and a centralized management platform. This adaptive, open system reduces the number of threats that get through firewalls and helps the bank`s incident response teams find incidents in much less time. Security and threat insights trigger automated action to expedite cleanup and quickly adapt current security policies, further reducing the likelihood of events becoming user impacting and meaning that less IT staff time is needed to take these actions. Further, by learning from security incidents never seen before, the system evolves continually, providing better protection going forward. data correlations much faster. We can quickly identify events at different parts of the network, see if they`re related, and track back to the first instance to determine when, where, and how the incident occurred." The net result is that the McAfee products have better secured the bank`s employees, work devices, and servers. "We can now do more valuable analyses and data correlations much faster," said the bank`s information security officer. "We can quickly identify events at different parts of the network, see if they`re related, and track back to the first instance to determine when, where, and how the incident occurred. We can also monitor our environment through just one or two panes of glass, which makes it easier to figure out how to contain the problem and retain control of the environment." He explained that before deploying McAfee, the bank experienced more frequent user-impacting security events that generally took substantially longer to resolve. Most importantly for the bank, it has now minimized the risk of infrequent but damaging security events that can affect its entire business operations for days at a time. Further, these events required the time of up to six to eight members of the bank`s security and IT teams for up to a week to achieve full resolution. More commonly, events impacting individual users can require confiscation of the infected workstations, which limits productivity for the several days it would take to provide replacements or fully resolve the problem. Events affecting remote users were particularly disruptive; they might be without their workstations for three or four days. Medium-impact attacks affecting groups of 30 or 40 users would limit user productivity even more because of the importance of the workstations in their work. ©2017 IDC #US42210917 3 The information security officer reported that with McAfee in place, the frequency of user-impacting events has declined by almost 80% from about one per week to one per month, even as the bank`s employee user base has more than doubled. Moreover, McAfee helps identify and resolve potential issues in far less time: "Now we can detect an attack within 60 seconds and complete the analysis to contain it within five minutes," said the information security officer. "Removing the virus and cleaning up afterward might take one or two minutes." He compared this with the hours or even days it took to identify and remove security-related issues before using McAfee (>99% faster). Once security-related issues are identified, McAfee also helps the bank move to full resolution in far less time; the information security officer said that it now takes about four hours in total per security event compared with a full workweek previously (90% faster). For the bank, this means that McAfee has limited the disruption caused by network-related security events. Most importantly, the bank has confidence that it will not experience more significant security events that can affect its business. This has contributed to better positioning the bank to hold onto its clients and even win new business. Because of its track record of blocking attacks, the bank has avoided the unfavorable publicity suffered by other institutions. As the information security officer said, "McAfee has helped us stay out of the news, which is invaluable for us." "McAfee has allowed us to fundamentally tackle security, which has given us more comfort in handling customers and presenting our strong security posture in sales meetings." In addition, he noted that the prospective customers of the bank increasingly view its security capabilities as core to its value proposition. He said that he has been involved in many presentations with potential customers where security was a key topic, and he believes that improved security has contributed to winning a number of new clients worth millions of dollars of new revenue per year. He explained: "McAfee has allowed us to fundamentally tackle security, which has given us more comfort in handling customers and presenting our strong security posture in sales meetings." Quantifying the Benefits By interviewing the bank`s information security officer and asking questions about operations before and after deploying the McAfee suite of security products, IDC was able to quantify the benefits the bank is achieving. IDC calculates that when projected over four years, the benefits will average $3.02 million per year (see Figure 1). IDC used a four-year analysis because the bank required about one year to deploy the McAfee solutions and targets three-year refresh cycles. ©2017 IDC #US42210917 4 Please complete the form to gain access to this content Access Now Related Resources Navigating the General Data Protection Regulation Mini Guide Die Herausforderung „Endgerätesicherheit“ meistern Machine Learning optimiert die Arbeit der Sicherheitsteams Cloud-Sicherheit: Schutzmaßnahmen unter der Lupe Threat Visibility and the Zero-Trust Virtual Data Center Cloud Security: Defense in Detail if Not in Depth 10 Ways to Accelerate Time to Detection and Response Beyond the General Data Protection Regulation (GDPR) Integrating SIEM into Your Threat Hunting Strategy Automation and Analytics versus the Chaos of Cybersecurity Operations IDC MarketScape: Worldwide Endpoint Specialized Threat Analysis and Protection 2017 Vendor Assessment Machine Learning Raises Security Teams to the Next Level Atrius Health: Reducing Operational Costs and Combating Ransomware
The bank now uses the SIEM solution in concert with the McAfee Data Loss Prevention and Advanced Threat Defense products, using McAfee Threat Intelligence Exchange to communicate what new threats are emerging so that necessary action can be taken. According to the information security officer: "The McAfee tools have been working together for the past two years and have shown that the unified solution is greater than the sum of the individual parts." Benefits With the deployment of the McAfee suite of security products and the Global Threat Intelligence service, the bank has considerably reduced its exposure to operational and reputational loss because of networkrelated security threats. It has achieved this benefit by substantially limiting the frequency of user-impacting security events and resolving them far faster, even as it has more than doubled the number of employees using applications on its network. As a result, it has minimized the impact of outages on its employees and business, which is especially beneficial given this growth. Further, it has avoided having its name tied to a major security-related event and positioned itself to compete more "We can now do more strongly for the business of security-conscious clients and businesses. valuable analyses and The information security officer explained that the McAfee suite of products his organization is using enables these benefits by integrating dynamic endpoint protection with intelligent analytics and a centralized management platform. This adaptive, open system reduces the number of threats that get through firewalls and helps the bank`s incident response teams find incidents in much less time. Security and threat insights trigger automated action to expedite cleanup and quickly adapt current security policies, further reducing the likelihood of events becoming user impacting and meaning that less IT staff time is needed to take these actions. Further, by learning from security incidents never seen before, the system evolves continually, providing better protection going forward. data correlations much faster. We can quickly identify events at different parts of the network, see if they`re related, and track back to the first instance to determine when, where, and how the incident occurred." The net result is that the McAfee products have better secured the bank`s employees, work devices, and servers. "We can now do more valuable analyses and data correlations much faster," said the bank`s information security officer. "We can quickly identify events at different parts of the network, see if they`re related, and track back to the first instance to determine when, where, and how the incident occurred. We can also monitor our environment through just one or two panes of glass, which makes it easier to figure out how to contain the problem and retain control of the environment." He explained that before deploying McAfee, the bank experienced more frequent user-impacting security events that generally took substantially longer to resolve. Most importantly for the bank, it has now minimized the risk of infrequent but damaging security events that can affect its entire business operations for days at a time. Further, these events required the time of up to six to eight members of the bank`s security and IT teams for up to a week to achieve full resolution. More commonly, events impacting individual users can require confiscation of the infected workstations, which limits productivity for the several days it would take to provide replacements or fully resolve the problem. Events affecting remote users were particularly disruptive; they might be without their workstations for three or four days. Medium-impact attacks affecting groups of 30 or 40 users would limit user productivity even more because of the importance of the workstations in their work. ©2017 IDC #US42210917 3 The information security officer reported that with McAfee in place, the frequency of user-impacting events has declined by almost 80% from about one per week to one per month, even as the bank`s employee user base has more than doubled. Moreover, McAfee helps identify and resolve potential issues in far less time: "Now we can detect an attack within 60 seconds and complete the analysis to contain it within five minutes," said the information security officer. "Removing the virus and cleaning up afterward might take one or two minutes." He compared this with the hours or even days it took to identify and remove security-related issues before using McAfee (>99% faster). Once security-related issues are identified, McAfee also helps the bank move to full resolution in far less time; the information security officer said that it now takes about four hours in total per security event compared with a full workweek previously (90% faster). For the bank, this means that McAfee has limited the disruption caused by network-related security events. Most importantly, the bank has confidence that it will not experience more significant security events that can affect its business. This has contributed to better positioning the bank to hold onto its clients and even win new business. Because of its track record of blocking attacks, the bank has avoided the unfavorable publicity suffered by other institutions. As the information security officer said, "McAfee has helped us stay out of the news, which is invaluable for us." "McAfee has allowed us to fundamentally tackle security, which has given us more comfort in handling customers and presenting our strong security posture in sales meetings." In addition, he noted that the prospective customers of the bank increasingly view its security capabilities as core to its value proposition. He said that he has been involved in many presentations with potential customers where security was a key topic, and he believes that improved security has contributed to winning a number of new clients worth millions of dollars of new revenue per year. He explained: "McAfee has allowed us to fundamentally tackle security, which has given us more comfort in handling customers and presenting our strong security posture in sales meetings." Quantifying the Benefits By interviewing the bank`s information security officer and asking questions about operations before and after deploying the McAfee suite of security products, IDC was able to quantify the benefits the bank is achieving. IDC calculates that when projected over four years, the benefits will average $3.02 million per year (see Figure 1). IDC used a four-year analysis because the bank required about one year to deploy the McAfee solutions and targets three-year refresh cycles. ©2017 IDC #US42210917 4
