How IBM Is Redefining Security
Over the years, IBM has been known as a leader in various segments of the IT market, including mainframe computers, software, personal computers, technology services and the cloud. So you probably don’t think of IBM as being an expert in information security. Think again.
The company is helping to redefine security with its strategy for the market. A key to this strategy is an understanding that organizations need to grasp the new “security reality” that has arrived.
Part of this new reality is how cyber criminals have gotten ahead in the game. Attackers and attacks have become much more sophisticated than in the past, and these attackers are breaking through conventional safeguards on a regular basis.
Industry studies have shown that data theft and cybercrime are among the greatest threats organizations face today. And the costs of security attacks are by no means incidental. The average cost of a data breach is $3.5 million, according to the 2014 Cost of Data Breach Study: Global Analysis, by the Ponemon Institute. This includes spending on investigations, notification and response when sensitive and confidential information was lost or stolen, and the average cost rose 15% compared with the previous year.
Also, part of the new reality are “modern trends in enterprise computing — the rise of social media, the cloud, mobility and the era of big data — make threats from employees, contractors, partners and others with trusted access harder to identify and give insiders more ways to pass protected information with less chance of discovery,” according to IBM’s 2015 “X-Force Threat Intelligence Quarterly” report.
The state of security
Given the prevalence of cloud services and the growth of mobile devices and apps in the workplace, these concerns will likely continue to grow. The bring-your-own-device (BYOD) trend, which offers a number of benefits such as increased collaboration and data access for workers, also presents its own set of security challenges.
On top of these challenges, many organizations are struggling to find the security skills they need to address today’s threats. And while the typical large organization has dozens of security tools in place from a multitude of vendors, huge data breaches are occurring at a frightening level.
Recent years have seen a significant rise in the number of breaches and they impact they’re having on companies. Hundreds of millions of records have been leaked in these attacks, including highly sensitive customer information. This not only results in monetary impact on businesses, but damages their reputation and brand.
The types of attacks have also broadened, and now include such tactics as distributed denial of service, malware, spear phishing, SQL injection, physical access, third-party software and other methods.
Given the high stakes and growth in the number of threats, information security is gaining more attention at the highest levels of organizations, including board rooms. Security and business executives are more accountable than ever for incidents that could affect business operations, customer relationships, market share, regulatory compliance, stock prices and other areas.
Giving the one-two security punch
IBM’s security approach includes several strategic imperatives for organizations. One is to use analytics and insights to create a smarter security program. This involves using intelligence and anomaly detection across all domains.
Organizations should enable their security teams to look for breaches by gathering security-relevant data from everywhere in the enterprise. They can deploy security intelligence technologies that provide real-time analysis, fraud prevention and anomaly detection. External threat intelligence and expertise can help augment the inside security knowledge base.
This imperative also involves building an “intelligence vault” around key business information assets. To do this, companies need to discover and classify the most vital assets in the organization and protect this data, employees and transactions with intelligent controls. They need to monitor who has access to these resources and from which types of devices. Organizations can then detect anomalies and unauthorized access, and discover subtle indicators of an attack using security analytics capabilities.
Many companies are sitting on enormous amounts of data gathered from security tools as well as Web sites, social media and enterprise applications, and much of this data can be analyzed to detect potential criminal behavior.
In addition, it’s a good idea to create an incident response team that is on the lookout for attackers and can launch a coordinated response plan using the tools, information and skills to limit the impact of a breach.
Securing IT megatrends
Another strategic imperative is to become knowledgeable about how to secure mobile devices and apps, cloud services, big data environments and social media. These IT “megatrends” are essentially unstoppable in many organizations — and that can be a positive development if the right security initiatives are in place to ensure that these developments don’t create new risks.
If a company lacks the internal expertise to deal with security in these new environments, it should tap into experts from outside to deploy secure solutions. It’s important to mandate security in the cloud, in the mobile environment, on social media and in big data initiatives early on in the process.
That includes deploying the latest technologies specifically aimed at these different areas. So for example, implement mobile device management and enterprise mobility management to better control the mobile environment.
These trends can also help organizations bolster their security. For instance, cloud-based security-as-a-service can improve intelligence; crowd-sourced threat intelligence can provide tips on potential attacks; and data analytics can allow faster breach detection.
Using an integrated security program
A third strategic imperative is to do a thorough assessment of the organization’s security posture, and get help in developing an integrated approach to security. This means evaluating the company’s security maturity compared with other similar companies and testing for compliance with industry standards.
IT and security executives should work with key stakeholders and the board of directors to quickly implement any needed changes in the security program. And again, if internal expertise is lacking, find qualified partners such as consultants and managed services providers to help with security assessments, product deployments and ongoing security services.
Partnering with information security experts
A key part of IBM’s security market strategy, in fact, has been to work closely with partners that are experts in different areas of information security, and acquire companies that can help it build a comprehensive security portfolio.
Among IBM’s security technology acquisitions are Dascom, the basis for its Access Manager portfolio; Access 360, the basis for its Identity Manager portfolio; Internet Security Systems, the basis for its IBM X-Force IT security research team and IBM network protection product family; Consul, to help accelerate data and governance strategy; Encentuate, the basis for Enterprise Single-sign-on; Guardium, a market leader in real-time enterprise database monitoring and protection; Trusteer, for mobile and application security, counter-fraud and malware detection; and Fiberlink, to expand its MobileFirst solutions with new cloud-based capabilities to deliver a comprehensive mobile management and security solution.
IBM has also benefited from partnerships with key industry players. For example, it has worked with IT solutions provider Insight for the past decade to keep up with the continually changing needs of the business environment.
Insight’s specialized teams consult with companies to help select the best solution from a diverse selection of IBM products and services. Then certified staff members help ensure that the products selected are deployed effectively.
Working with IBM, Insight helps clients stay ahead of the latest threats as well as audits by building a solid security framework.
A Leading enterprise security organization
Clearly, providing comprehensive security solutions through acquisitions and partnerships has become a priority for IBM. In 2012, the company created the IBM Security Systems Division, which brought multiple solutions within the organization together to improve focus and help drive the long-term security strategy.
With more than 6,000 researchers, developers and subject-matter experts involved in security initiatives, the company now operates one of the world’s broadest enterprise security organizations. It has 10 security operations centers, 10 security research centers, 15 software security development labs and three IBM Institute for Advanced Security Chapters in the United States, Europe and the Asia Pacific region.
While IBM might not be as well-known as a security solutions provider as others in the industry, the company offers not only a broad portfolio of products, but the expertise and partnership base to deliver results for customers.
Insight and IBM are here to help you with your business security needs. Take advantage of their combined technology and expertise.
Bob Violino is a freelance writer sharing news about technology, science and other areas of interest. Follow him on Twitter @BobViolino.