Cloud & Service Management blog
Rebecca Swindell 270003U1MK REBECCA.SWINDELL@UK.IBM.COM Tags:  infosec ibm pulse xforce robert_freeman 2,471 Visits
Rebecca Swindell 270003U1MK REBECCA.SWINDELL@UK.IBM.COM Tags:  xforce infosecurity q1_labs siem robert_freeman mobile_device_management 2,080 Visits
It was great to be back at Infosec, with a very colourful IBM booth, that clearly stands out from the crowd! We had four sessions during the day, and below are the key points that I thought were raised.
Our first session was given by Robert Freeman, Manager of X-Force Advance Research Strategy, on The Advanced Persistent Threat in 2012, who opened by talking to the audience about the role of the X-Force team at IBM. He spoke about how 2011 was the year of the security breach, and went into some specific, well known examples that made it into the news during the year. Robert then talked to the audience about who is actually attacking our networks - attacker types and techniques based on the X-Force research, be it off the shelf versus sophisticated attacks, broad versus targeted, financially motivated, state sponsored, or all out cyber war!
The next IBM session was given by Steve Durkin, who joins IBM from our recent acquisition of Q1 labs, whose session was titled “providing your business, total security intelligence”. Steve Durkin opened the session by talking about Security and Information Event Management or SIEM for short! He wanted the audience to understand that SIEM leads to actionable and comprehensive insight into their security infrastructure. He also took the audience through the industry examples of attacks on businesses we have all seen in the press during the last few years. Steve spoke about the four domains or pillars that IBM see as forming a comprehensive IT Security – People, Data, Applications and Infrastructure - if you have got all four areas covered you've cracked it. He then explained that Q1 labs products should been seen as the glue that hold all of these together. Steven urged that internal threats are just as dangerous as external ones. He wanted the audience to ask themselves if they have taken the best steps to protect against these.
Vijay Dheap was next up for IBM, who talked to the audience about Securing Mobile Devices in the Enterprise. He gave some very interesting stats, such as in 2011 sales of smart phones surpassed that of PCs, soon they will dwarf the sales of PC, by 2015 40% of Enterprise devices will be mobile devices – (an IBM projection) and 50% of all apps send device information or personal details. Social norms are now different - mobile devices used in way more locations, mobile devices shared more often, and user experience is prioritised. He continued by talking about how apps now push the boundaries of collaborations, but unfortunately leave you open to attacks. He urged the audience to have visibility to what mobile devices are connected to their corporate network and be reactive, be responsive, and be transparent.
Our final session of the day was given by Simon Smith who presented on Infrastructure Protection - Towards an Optimised Security Position. He talked about how IBM is keen to usher in new era of security intelligence. He then took the audience through what he saw where the different stages companies are at when it comes to IT Security, asking the audience to share where they thought they were in the journey. He first discussed what “basic” security looks like: point solutions, stand alone products & deployments, different solutions for every problem block and prevent attacks, and analysis is mostly manual & reactive.
This is combined with correlation and analytics, alerts based on predefined rules and information, auto analysis and assessment reports and alerts. Simon closed by saying there are no absolutes, no scoring systems, you should look at where we are and your aspirations.
Simon mentioned that there will be new product announcements tomorrow morning, so be sure to follow me @RSwindell and @IBMSecurity to find out what they are! #
If you would like copies of any of the presentations, please email be at email@example.com.
Come back tomorrow evening for my thoughts from day 2 of Infosecurity 2012!