Hawks are some of the most intelligent birds on the planet and widely recognized for their sharp vision and hunting prowess. So “Hawkeye” is an appropriate name for a security management and control system designed to rapidly pinpoint critical security incidents to enable immediate response.
China Pacific Insurance Group (or CPIC), one of the top three insurance companies in mainland China, developed the Hawkeye system in response to the ongoing transformation of the insurance industry. As in so many industries worldwide, the widespread adoption of the Internet, smartphones, Big Data, and cloud computing has enabled better interactions with customers, more personalized service, and new business opportunities; however, these disruptive technologies have also produced huge security challenges.
CPIC initially implemented a SIEM to provide tighter security across its 30,000 endpoints. However, its original SIEM couldn’t log the massive amount of security-related events and flows fast enough for timely analysis, and was further hindered by passive and fragmented monitoring. With so much valuable data at stake, even a few seconds of delay to stop a breach could spell incalculable losses to the business.
After multiple rounds of evaluation and comparison of leading SIEM options, CPIC decided to build a security management and control system based on McAfee Enterprise Security Manager, the heart of the McAfee SIEM solution system. “The McAfee SIEM solution underlying our Hawkeye Big Data security management and control platform makes it possible to identify risks, control security events, view trends, and run security operations—all much faster and more effectively than in the past,” says CPIC Deputy General Manager of Information Security and Internal Control Department Mr. Zhang Jun.
The Hawkeye system has garnered widespread recognition and accolades in China, including second place at the 2nd Conference on Information Security in China and the 2015 Futures Award for IT Governance and Management Practice in China. In short, CPIC’s Hawkeye system has become a model of information security excellence for financial industries in China.
Hawkeye automatically collects and stores approximately 1.5 billion logs daily and keeps the information available for immediate ad hoc queries, forensics, rules validation, and compliance. As soon as the log data is captured, Hawkeye automatically indexes, normalizes, and correlates the information to discover isolated events from among the massive and diverse body of data.
“The McAfee SIEM-based system empowers us to discover, prioritize, and respond to threats faster and more efficiently,” summarizes Jun. “As a result, CPIC can focus more on business innovation and embrace with confidence the new technologies that enable greater customer satisfaction and business growth.”