Brian Murphy, CEO & Founder
Security information and event management (SIEM) systems, with their ability to centralize analysis and reporting for an organization's security events, are providing a single pane of glass visibility into the threat events. Helping companies to maximize the value of their SIEM, security professionals bring best practices and skills to remediate security incidents comprehensively. By simplifying the addition of more data sources to SIEM and developing an effective security framework, these experts enable companies to be combat-ready for tomorrow’s cyber challenges. On the flip side, while the threat landscape is becoming more complex each passing day, there has never been a higher demand for expert SIEM professionals in the cybersecurity industry.
While companies stand in dire need of a deft cybersecurity workforce, there is an opportunity for innovation. As such, companies like ReliaQuest were born. Instead of lamenting the skill crunch, the company believes in cultivating new talent. Focused on building a team of cybersecurity workforce that has in-depth knowledge and exposure to threat intelligence and forensics, ReliaQuest strengthens the security of companies by positioning the best-of-breed talent on the frontlines. Founded in 2007, the next-gen security solutions provider, ReliaQuest, brings a trinity of cutting- edge tools, uber security talent, and a data-driven approach to push the boundaries of IT security.
"At ReliaQuest, we bring the knowledge and best practices, taking into account comprehensive security data in the client environment to architect the SIEM solution, providing clients the vantage point to make accurate security decisions"
Painting a clear picture of the current situation, Brian Murphy, CEO and founder of ReliaQuest, informs that one of the major challenges faced by the enterprise today is keeping up with licensing costs they incur on collecting raw data—much of which is not directly relevant to security—from an array of sources that are fed into the SIEM. The reality is that, in most instances, the SIEM lacks an effective mechanism in place to make contextually-driven decisions. “We want to limit valuable licensing dollars spent on non-actionable data,” says Murphy. ReliaQuest understands that access to actionable information in a timely manner is the name of the game today. This is precisely why the company has always focused on being more than just a managed services provider. “The value that we bring to the table is unprecedented, which makes us unique in the industry,” adds Murphy.
Navigating a company through a labyrinth of cyber risks is always a challenge, and it is one that has kept Murphy busy outside of his regular office hours. With him at the helm, the dynamic team at ReliaQuest is all-hands-on-deck to safeguard clients from cyber vulnerabilities, round the clock. Focused on a risk-based strategy and proactive intelligence, ReliaQuest is a one-stop cybersecurity shop that takes a technology-independent approach to reduce clients’ expenditures on tools and technologies.
We want to limit valuable licensing dollars spent on non-actionable data
ReliaQuest leverages clients’ existing technology and develops security tools and technologies that fit their needs.
The company has built proven methodologies and intellectual property that is implemented in its two security operations centers (SOCs) in Tampa and Las Vegas. “At ReliaQuest, we bring knowledge and best practices, taking into account comprehensive security data in the client environment to architect the SIEM solution, providing clients the vantage point to make accurate security decisions,” says Murphy.
The Hunt for Actionable Data
ReliaQuest builds an advanced architecture to normalize the collected data, parse it, and correlate it with contextual data to separate relevant alerts from irrelevant data and false positives. Facilitating communication between various endpoint systems and the SIEM platform, ReliaQuest removes the blind spots in identifying threats and improves the visibility with its power-packed services that facilitate detection and response, security engineering, threat management, delivery management, and business analytics. Unlike other providers who just manage the basic SIEM capabilities, the company goes one step ahead and builds automation technologies to monitor the health of the log sources into the SIEM, improving the efficacy of data correlation and data processing workflow.
While the role of technology in ReliaQuest’s client engagement strategy is indispensable, what really sets the company apart is its team of cybersecurity experts. Since its inception, the company has acknowledged the need for security specialists and has built a strong team of cybersecurity experts, classified into four categories with different skillsets. The security engineering team focuses on parsing new data sources to provide visibility into the log sources. Their unique threat management team builds complex correlations and content packages, which are essentially a series of rules, reports, and dashboards that filter all of the log sources coming into the SIEM, helping clients reduce the unnecessary spend while tapping key data from disparate sources. These content packages are tested by the company’s internal Red Team to verify data accuracy prior to introducing new content packages into the client environment. The Red Team can test the strength of the content throughout its lifecycle. The upshot is that a client using one brand of SIEM can easily move to another technology without rewriting the content packages.
Next in line is the business analytics team that takes all of the alerts out of the SIEM and other tools, aggregates the information together, and creates valuable reports for an executive view. The report depicts the ROI gained by the client and a customized report on the security status. Bringing finesse to their service delivery, ReliaQuest’s delivery management team members, working from the SOCs, act as a single point of contact to pull the data from all four teams.
Working as an extension of the clients’ team, the seasoned and experienced teams at ReliaQuest have developed several intuitive tools, such as rqAWARE and rqGREYMATTER. While the rqAWARE platform deduplicates threat intelligence data and eliminates outdated data, rqGREYMATTER uses artificial intelligence to take charge of live reporting of forensic data.
In addition, rqAHM (Advanced Health Monitoring) runs consistent checks with minimal use of resources. Doubling down their efforts to streamline the data ingestion process, the company will soon introduce rqTRANSLATE, which takes any log source and converts it into a single data type. Having all data normalized into a single data type, companies can meet the necessary compliance mandates and gain the maximum ROI for their SIEM investments.
Security—A Team Sport
Leveraging a client-first approach, a primary focus is on what’s best for their customers. “For ReliaQuest, it’s the client, not the SIEM, that is the platform,” says Murphy. In doing so, the process is set in motion by understanding a client’s network architecture, their valuable data, and security priorities, to build an evolution map. ReliaQuest is proud of the fact that they work alongside their clients with absolute transparency into each other’s activities. While this edges out any communication hiccups, a dedicated program delivery manager is assigned to track project performance and monitor the progress by providing timely reports. ReliaQuest serves Fortune 1,000 enterprises across a broad span of industries, including finance, healthcare, retail and energy. The company also serves a number of regional healthcare and financial organizations, who have their own data security complexities. “Our clients are those who want to be at the leading edge of security, taking a proactive stance beyond just compliance,” says Murphy. For instance, one of ReliaQuest’s clients, a $3bn media company, had made several unsuccessful attempts to streamline its security visibility before engaging ReliaQuest. The challenge was converting the overabundance of alerts into actionable information and fine-tuning the SIEM. In just 90 days, ReliaQuest was able to parse the data, tune the content and drop in the RQ content packages to provide the client with more visibility. “We reduced the non-meaningful alerts and false positives by 90 percent, freeing up the team to address relevant alerts,” says Murphy.
The Right ‘Mindset’
Murphy firmly believes that the most effective way to counteract cyberthreats is through education. Considering the significant skill and talent crunch in the cybersecurity space, ReliaQuest was early to set up a university with the belief that continuous development, training, and improvement is the way to get ahead. “We don’t foster just a culture, but an attitude that centers on accountability, focus, adaptability, and the zeal to help. What we look for in a candidate is the right attitude, energy, and effort. Everything else can be taught,” says Murphy. The university has full-time instructional designers and custom-architected proprietary training content that culminated last year into the development of a full-scale Cyber Simulator, which allows ReliaQuest to provide a lab-based learning environment. “We are growing to almost 100 percent year over year, all while winning accolades in the industry for great employee satisfaction. These results are due to our inventive training strategies.”
ReliaQuest will soon launch a custom security data lake where teams can create visualizations and offer that information to other departments. Taking their value proposition to stellar heights, ReliaQuest is planning to launch its third SOC in Dublin, Ireland, with another 200 recruits added company-wide by the end of 2019. That’s not all. The company will also soon make its training courses available for clients, allowing them to get trained on SIEM and cybersecurity strategies, free of cost. Murphy puts it enthusiastically as he concludes, “Our capability is your capability. We encourage growing cybersecurity teams to bring their analysts, and we will provide them with full incident response and security engineering training and theReliaQuest certification—at no cost.”