The National Information Resources Management Institute (formerly the Government Integrated Computer Center) played a pivotal role in consolidating scattered e-government systems into the world’s first intergovernmental data center in 2005. Currently, it efficiently manages data from government agencies in one location, but the integration of continuously increasing data from various heterogeneous devices and ongoing threat factors has become unavoidable.
As a solution to this, the National Information Resources Management Institute set the goal of establishing a next-generation security monitoring system in 2013, and the performance and functionality of SecureLayer's solution were recognized and adopted through a fair testing process.
Through Guppy for Big Data, batch analysis of long-accumulated data has been conducted, and a big data log analysis system based on eyeCloudSIM has been established to enable log collection and event configuration from all heterogeneous devices, as well as event correlation analysis. A system based on the SOC portal BlueBird has been built to create a response system that allows real-time situation dissemination and ticket sharing and transfer in the event of a threat. Approximately 7 specialized personnel from SecureLayer participated in the configuration and operation.
- Enhanced attack response capabilities through integrated management of logs collected from various devices and real-time correlation analysis
- Behavioral analysis possible through understanding the flow of cyber threats and incidents
- Improved detection rate of attack indicators through correlation analysis
- Rapid decision-making enabled by a standardized event targeting system