The document discusses how an insurance company used ArcSight to build custom risk-based workflows that automated incident response. Rules and events were assigned risk scores based on severity, and filters and cases were created to escalate only the highest risk events. This reduced the number of generated cases while still addressing critical issues. The solutions provider helped implement this system to make the SIEM more effective for the company's needs.