Atea Sverige AB

With increased cyberattacks on critical infrastructure, the European Union (EU) heightened security requirements, leaving small and midsized organizations struggling to improve their security profiles. 

Atea built a platform based on the QRadar SIEM solution to help small and midsized organizations meet growing cybersecurity demands and quickly deploy SOCs on premises or from its certified data center.

Cyberattacks that target essential public services—like power and water supplies—are growing with alarming frequency. Public companies that provide these services are often the most vulnerable. If IT security departments lack the tools, time and security expertise required to effectively manage threats, incidents can go undetected and pose serious risks to a community.

Every day, cybercriminals infiltrate networks around the world with increasingly sophisticated methods—in fact, accessing a network with compromised credentials was the top tactic used by hackers in data breaches over the last year¹ (PDF, link resides outside of ibm.com), and 53 percent of organizations have experienced an insider threat in the last 12 months. As more than 99 percent of attacks leave traces on the network³ (PDF, link resides outside of ibm.com), every company requires superior security tools that can detect, analyze and respond to threats in real time.

Atea, Sweden’s leading provider of IT infrastructure and services, saw a need in the market to ensure that small and midsized organizations—particularly public sector companies—had access to security tools that could detect malicious attacks. Facing heightened requirements mandated by the EU’s Network and Information Security Directive, providers of critical services in energy, transportation, banking, finance, healthcare, water supply and digital infrastructure sectors needed to better safeguard people and essential resources by enhancing IT security.

Atea chose the QRadar SIEM solution as the foundation for its SOC as a service platform because of its superior tools for incident detection and response to advanced and unknown threats. Using out-of-the-box capabilities in the QRadar SIEM solution for integration and automation, Atea can quickly deploy and tune a SOC for a customer on premises or in the company’s certified data center. With a staff of 30 highly trained security experts, Atea customers benefit from around-the-clock monitoring of their environments and guidance to continually elevate their security postures.

“Most of our customers have never had the capacity for good incident detection,” says Gustav Rydmark, Atea Managed Security Services Engineer. “One of the main reasons we chose QRadar for our SOC solution is that you can take a customer from no operational security all the way up to a very mature security posture using the same platform.”

The Atea solution delivers built-in network traffic analysis competencies in QRadar to help customers analyze network data in real-time to quickly detect and respond to malware attacks, insider threats and phishing campaigns. The IBM QRadar User Behavior Analytics (UBA) solution provides customers with greater visibility into their IT environments. The UBA tool uses machine-learning to analyze user behavior, track suspicious activity and detect potential incidents—for example, insider threats such as users accessing the network from a previously unused location, or a user performing job functions outside of his or her role.

Atea anticipates incorporating AI technologies such as machine learning, cognitive and natural language processing to enable analysts to respond to threats with greater confidence, consistency and speed. The IBM QRadar Advisor with Watson solution uses automation for routine SOC tasks and provides actionable feedback to analysts to help reduce incident investigation time from days and weeks to minutes or hours.

With the QRadar SIEM solution, Atea gained the ability to deploy and tune a SOC solution for a customer in less than six months, improving time to value by more than a year. Atea can deliver a cost-efficient solution to customers, taking advantage of the out-of-the-box capabilities for integration and automation in the QRadar SIEM offering to help customers clean up their environments and continually build advanced means for detection and response.

With 70 percent of its customers in the public sector, Atea provides a critical need in Sweden by helping to ensure that organizations that provide essential services are protected.

“Atea’s SOC as a service isn’t just about compliance,” says Albin Zuccato, Head of Cybersecurity at Atea. “It’s about social responsibility. Atea is a very large provider of IT solutions in the public and private sector, and with that comes responsibility. We built the solution so it would be accessible for all sizes of clients at a reasonable cost.”

Atea (link resides outside of ibm.com) is the market leader in IT infrastructure for businesses and public-sector organizations in Europe’s Nordic and Baltic states. The company has 7,400 employees and 4,000 consultants located in 87 offices across Sweden, Norway, Denmark, Finland, Lithuania, Latvia and Estonia. Atea is committed to building a sustainable future for customers and the community at large.