A few years ago, I worked on organizing an analyst summit for IBM where we announced the (then new) IBM Security Framework.*
Cut to today and the IBM Security Framework is still at the foundation of Smarter security solutions from IBM.
The IBM Security Framework. Visibility, Control and Automation.™
when we talk to customers about how to address their business pains, the fundamentals remain the same even though the technology continues to advance in new directions.
With Cloud and Virtualization in particular, the technology is certainly changing at a pretty fast clip.
Take a look at the fourth video in our series, "Cloud Enabling Your Data Center: Security and the Cloud" where Joe Anthony, IBM Director, Security, Risk & Compliance Product Management, talks about the IBM Security Framework and how it addresses the Cloud and business pains our customers are trying ot address.
The message and the focus of security and the Cloud is still very much rooted in the IBM Security Framework.
As a reminder, the entire video series can be seen using the YouTube Playlist (Get Cloud Ready).
* To be clear, I had nothing to do with building the IBM Security Framework. I was just the project manager for the event. Like Jarvis in the Avengers. (as a side note: one thing I learned about event planning - coffee, coffee, coffee!)
We are increasingly living our lives in online spaces, and as a result, the monetary value of those spaces seems to be rising every day. Billions and billions of dollars are spent every single year on online advertising. One of the challenges is not only making sure that your money is well spent, but also that your spend won't have a negative impact on your brand. If you're wondering how that could happen, think about this: it's estimated that about 10% of all online ads wind up in places they shouldn't be.
I actually had the pleasure of having lunch with Ian Lightstone (CFO ArtsandTV) a few months back while we were originally filming this video. It was my first exposure to the project and I have to say, it's pretty fascinating what they're working on. As someone who spends all their time talking about vulnerabilities and attack types and all the other pieces of the security conversation, advertising wasn't something that came up a lot. SEO attacks are probably the closest I'd ever gotten to thinking about advertising in the context of security. So how does security intersect with advertising?
ArtsandTV is a relatively small company that needed a lot of data. Data is something that IBM has. Specifically, we have one of the largest URL filtering databases in the world (Security Content Analysis SDK). This product is something typically used to enhance existing security offerings, but it is being used a bit differently here. The Project Sunblock team wanted to improve the way advertisers spend their money.
As you can probably imagine, there are a lot of inappropriate websites on the internet, places where you wouldn't want your brand to appear. In addition to the obvious places you want to avoid, there are other places that are more subtle. Imagine you are a bank, and you advertise a lot on some popular news site. One day, that site runs a story about the financial crisis and is extremely critical of the banking system. Despite the fact that you might frequently advertise on this site, you likely do not want your brand associated with that story.
So, ArtsandTV had the algorithms and IBM had the data. The combination of the two became Project Sunblock, an ad spend optimization and brand protection tool. Project Sunblock can help to keep your brand from appearing on inappropriate pages through the use of content and image analysis combined with a real-time decision making engine. This applies to both generally inappropriate sites, as well as the instances of specific articles and stories that you don't want your brand associated with.
One last thing to remember is that 10% figure I cited at the beginning this post. Not only is this solution protecting the image of a brand, it is also a way to get a better return on your investments. That 10% can be better spent elsewhere.
While preventing security breaches is paramount, security administrators are frequently bogged down with tedious, time-consuming, complex day-to-day tasks that divert their attention from security issues.These time-consuming tasks can be reduced by improving security administration processes and automating audit documentation, allowing administrators to focus on innovative extensions to their business applications in order to maximize investments.
Join us for this webcast on July 14th to learn about the new capabilities in Security zSecure suite, Security Key Lifecycle Manager, Tivoli Federated Identity Manager, Tivoli Security Information and Event Manager, and other security products that enhance cloud security on the mainframe.
In this session, you’ll learn how Tivoli Security Management for zEnterprise can help:
·Reduce the cost of administrating security on the mainframe by reducing complexity and using fewer staff resources
·Automate security policy enforcement to implement best practices and compliance requirements
·Analyze data to detect and respond rapidly to the large volume of security events and threats both internal and external
·Proactively handle events with automated closed-loop remediation that closes exposures
·Protect sensitive data and simplify the lifecycle management of encryption keys
·Consolidated cloud security management for zEnterprise
Today's post comes from Sandy Hawke, Manager IBM Security Solutions.
I recently presented to the ISACA community on a live webinar. I focused the discussion on how to leverage automation to improve endpoint security and compliance. The archived webinar is available here. Just as a brief background, ISACA is an international professional association that focuses on all aspects of IT Governance and has over 95,000 members worldwide.
The online event drew a pretty substantial audience which is good, and yet a bit surprising in two key ways. First of all, many of the recommendations I made to the audience were not radically new concepts, but basic foundational controls that all security professionals agree are critical for achieving and maintaining solid security and demonstrable compliance. So haven't they heard this story before?
Maybe not. And that's the second observation. Most of the ISACA membership is in the IT audit/Risk Management line of business. While they're not the folks who are implementing security technologies on a daily basis (i.e. "hands at keyboards")- they are keen to understand how security is implemented, how it works, how automation can be used to facilitate audits, etc. And that's the new trend we've been witnessing. While the audit team knows what the policy controls should be, they may not know if/how these controls get enforced, maintained, monitored and reported on- essentially how security is "operationalized." The more that they know what's possible with respect to security operations and automation, the better they'll be at knowing what questions to ask IT operations during audits, what technologies to recommend, etc.
Years ago, the IT Audit/Risk Manager organization and activities were kept quite separate from the IT Operations/IT Infrastructure teams. And at the time there were pretty good reasons to keep these groups as distinct as possible- you've all heard of "keeping the fox out of the hen house" analogy, right? The IT Audit/Risk Mgmt teams could set and enforce policy and conduct assessments that wouldn't be influenced by the operations staff. Well, with the advent of converging technologies, economic trends, and the increased importance of measuring security investments and compliance program- in real time, these groups are coming together. More so than ever before.
And technologies that can foster that type of trust, cooperation, and collaboration are indispensable.
So, I was at Pulse this year and was the source of a pretty constant ridicule for carrying around what felt like a fifty pound laptop bag.It was horrible, and inconvenient, and not even effective.I had hard copies of schedules that were out of date about 30 seconds after I clicked print.By the end of the conference I had calluses on my fingers and I couldn’t walk more than about ten steps without having to change hands.It was really a constant reminder that I need to go to the gym more.
Anyway, interestingly enough, most vendors in the endpoint security space have basically adopted this same approach in designing their technology.Incoming attacks get blocked by signatures, and in order to keep you “prepared,” some companies just create and update these huge signature files, shoot them across the network, fold their hands and hope they get properly installed, and then get right back to work because the files they just sent are more or less immediately out of date.I can tell you from experience that lugging around a bulky bag of incomplete, outdated information is no way to do your job.It’s also no way to keep your employees, and by extension, your company, ahead of threats.
What companies need to do is focus on what a defense-in-depth of the endpoint would really look like.It means you need a lot of things.You need to have antivirus and firewall protection.You need a patch process that actually works.You need centralized policy management that is easily enforceable.And, of course, you need all of this in real-time.Until recently, that also meant you needed a lot of aspirin.
With its acquisition of BigFix last July, IBM basically invested in the convergence of security and systems management, two pieces of the operational infrastructure that will continue to become more intertwined.You can’t just write the policy, or obtain the patch, you also need to be confident that these changes and updates are continually being enforced at every single endpoint.Try automatically applying patches to computers that aren’t turned on and you’ll pretty quickly understand why convergence is so important.
Up until this week there were four offerings that were part of the Tivoli Endpoint Manager suite of products, all of which are managed under the same roof.We have solutions for lifecycle management, security and compliance, power management and patch management.This week, we were pleased to announce Tivoli Endpoint Manager for Core Protection, a solution designed to add another layer of depth to your endpoint security posture.Tivoli Endpoint Manager for Core Protection is the result of the relationship between IBM and Trend Micro, and offers the real-time, lightweight threat protection that other endpoint security solutions can’t really compete with.
I spoke earlier about how other vendors were sending these huge signature files across their network, files that were outdated before you even figured out how to install them on your PC.Tivoli Endpoint Manager for Core Protection is different because while it does employ the use of some signature files, it also leverages the cloud to reduce the amount of information that needs to be sent across the network and also provides the real-time protection that static signature files cannot.As the cloud is updated with the latest threat information, so too are all of the endpoints that are in conversation with that cloud.
This has proven to be extremely effective. In a recent third party test, the Trend Micro technology blocked 100% of all incoming malware (the second place competitive product came in at 77%) by taking a multi-layer approach. Nearly all (97.5%) of the malware was detected and blocked in the first layer (URL reputation) and the remaining pieces of malware were blocked in the two subsequent layers of defense. Now, here's where it gets even more impressive. An hour after the original test, they again tested just the malware that got through URL reputation, but this time it did not get through even that first layer of defense. This is protective technology that is updating and hardening its defenses as new threats come in.
I don't think I really need to explain the importance of endpoint security to anyone reading this. We all have different things at stake, whether it's your back accounts, your music collection, confidential information for work or even just a photo album. What I can say is that 77% isn't good enough when it comes to protecting any of those things.
The strength of Tivoli Endpoint Manager is that it combines first-rate security with the systems management capabilities needed to ensure that protection is deployed across the entire infrastructure. When it comes to endpoint management, it's about no longer looking at technology in silos, it's about understanding why and how we can integrate different complementary offerings. Tivoli Endpoint Manager is built on that philosophy.
For more information about Tivoli Endpoint Manager, please visit:
One of the trends that we are seeing today is the convergence of security management and systems management.The better job you can do managing your infrastructure, the better equipped you will be to define and enforce security policies and controls across that infrastructure.There are few places where this convergence is more evident than the endpoint.
As the notion of a perimeter disappears, and we see the continued proliferation of an increasing number of traditional and non-traditional endpoints, such as servers, desktop PCs, laptops, ATMs, point-of-sale devices, and self-service kiosks, organizations are looking for a comprehensive approach to how they best manage and secure all of their endpoints.This includes, but is not limited to, identifying all of the endpoints that you have in your environment, managing the complete lifecycle of that endpoint, providing continuous security and compliance, effectively deploying patches in a timely manner and finally, managing the power usage of that endpoint.
Tivoli Endpoint Manager, built on BigFix technology, can address all of those needs, but in this blog, I want to focus on that last piece of the conversation, because it is one that does not immediately come to mind when people are typically thinking about the most critical elements of managing an endpoint.However, we have seen that effective power management is something that can actually pay for all of the other benefits that Tivoli Endpoint Manager can provide.You can ultimately end up saving money, the environment, and in the process, deploy critical security and systems management controls across all of your endpoints (even the ones you didn’t originally know you had).
In a recent article (click here), Penn State wrote about their deployment of Big Fix (now called Tivoli Endpoint Manager) and indicated that it could save them about $800,000 annually.At a large university like Penn State, they have thousands of computers that can be included in their power management initiative, and many of these computers are only heavily used during peak hours.Tivoli Endpoint Manager allows the Penn State IT staff to automatically put these computers in sleep mode when they aren’t in use.They are anticipating not only a significant ROI (about $800,000 annually), but are also hoping to reduce the amount of carbon dioxide released into the atmosphere by 60,000 tons.
One of the objections that people often bring up when it comes to power management for the endpoint is that it can interfere with the patch process.This is one of the areas where the convergence of security and systems management is so important.The policies that you create and enforce from a systems management perspective need to work hand-in-hand with the policies related to security management.For that reason, Tivoli Endpoint Manager was built on the core concepts of convergence, scalability and granular policy setting.It allows an IT staff to automatically wake computers at a designated time, apply required patches or enforce configuration policies, reboot, and then bring the endpoint back down to a hibernated, low energy state, or shut it down altogether.
The Chichester School District (click here) provides yet another great example of power management savings. This regional school district in Delaware County, Pennsylvania, manages more than 2,000 Microsoft Windows desktops and 50 Microsoft Windows servers throughout a six-school network.The Chichester School District implemented energy conservation using the power management capabilities of Tivoli Endpoint Manager to help reduce computing energy costs by 70 percent. Their IT team also uses the distributed “Wake-on-LAN” functionality to distribute and install patches to those machines that are turned off at night. This allows for a reduction of energy resources and confirms machines are securely patched—without impacting employee productivity.
The integrated patch and power management capabilities of IBM Tivoli Endpoint Manager provides IT staff with real-time information on remote endpoints to simplify patch processes, conserve energy and reduce on site troubleshooting.
When I saw Tom Cross give a talk at Innovate 2010 in June, I was first struck with the nonchalance with which he spoke of the black market business of Internet data. I could not have been more intrigued if I were watching a movie adapted from a John Grisham novel. He seemed to have some emotional distance from what creeps most of us out about our mail. And I’m not even talking about email. I mean the good old-fashioned USPS mail. I KNOW I am not the only one who has worn out a few paper shredders thanks to Citibank, Chase, and the like.
The second thing that hijacked my thought train for more than a few moments was how network vulnerabilities are created for the explicit purpose of learning cyber criminal behavior. Like signing up for as much spam as you can. Sure it makes sense to me now. But I am still vaguely uncomfortable talking publicly about threat and attacks. It seems akin to Batman and the Joker building websites to promote their plans to outsmart the other. What was I not getting? By now I was considering slipping quietly out of the room to silence the voice in my head saying I had been foolish, very, very foolish in my confidence as a clever and vigilant consumer of Internet Things.
Realizing that I had some mental catching up to do, I stayed for the lasting impression that could keep me awake at night: just how easy it is to steal digital data. As I struggled with the impartial irony of how enormous yet simple a cat and mouse game Web App security is, visions of Tom and Jerry danced in my boggled brain.
Recent IBM news on “Smarter Cities” is invoking fond
memories of one of my favorite courses at Rensselaer
Polytechnic Institute: Politics
of design taught by Professor
Langdon Winner. Some of my favorite discussions during this course focused
on urban theory and planning and environmentally and ethically responsible
innovations. A few of my favorite personal readings included:
While innovations and technologies always fascinate
me, personally I’m most interested in the political, socio-cultural aspects of
Palmisano’s statement below:
“All the ways in which the world
works come together in our cities. They are the proverbial melting pot -- not
only for immigrants, but for systems, blending them together to engender new
forms of commerce, of culture, of science, of life and of society. Which is why
cities -- more than states, provinces or even nations -- are likely to be the
crucible for human progress and evolution in the coming century.”
Smart cities require smart people and deliberate thinking. How will SmarterCity designs and innovations enable and constrain our attempts
to build ethical, sustainable, humane systems and relationships? What are key
philosophical and socio-cultural issues to consider in this endeavor?
If you are friends of Tivoli experts on Twitter, you may see #tivtour tweets quite a bit this week. See my recent write up on this topic to learn more about the mystery event. Also, see Twitter Search for #tivtour on Twazzup
for a running stream of related tweets and photos. The Tivoli Tour runs
at many IBM locations this week and in Brazil on May 29. So you can
expect to see more Twitter conversations in the near future.
This week IBM kicked off the Impact conference from May 3 - 8 in Las Vegas at the Venetian Resort Hotel Casino. In addition to focusing on Smart SOA and WebSphere, themes will concentrate on Smart, Economic Climate, Cost Optimization & Agility, Cloud computing, and Service Management.
The Impact conference is using social media in some of the most creative ways I’ve seen at IBM yet! They have a cool social media game where you can earn points for participating in Twitter, blogs, videos, etc. Hmm, I wonder how many points I can earn? Check out these links to learn more:
IBM Service Management is a big theme at the conference since Smart SOA makes business processes easy to change, but those changes create the demand for a Dynamic Infrastructure to be adaptive and support those business processes. IBM Service Management anticipates how business processes shift their pressures on the infrastructure, enabling the infrastructure to adapt quickly while enabling smart choices for a smarter world.
As Robert LeBlanc said at Pulse 2008, you can have Service Management without SOA, but you can’t have SOA without Service Management. Al Zollar, IBM General Manager of Tivoli Software, will give a keynote on May 5 during the Impact general session, discussing how a smarter planet requires a dynamic infrastructure based on IBM Service Management capabilities.Expect to hear announcements on ServiceManagementCenter for Cloud Computing, ITCAM for SOA Platform, and IBM Service Management for Healthcare.
IBM Service Management has the following activities at Impact:
18 IBM Service Management experts and executives will be available for one-on-one meetings with clients.
Smart SOA Service Management in the IBMSOAFitnessCenter.
Two pedestals in the Expo:
-Service Management (ITCAM for Transactions | OMEGAMON XE for Messaging, TBSM | ITCAM for SOA Platform, TUAM, ITCAM for WebSphere)
-Security Management (TSPM/TFIM)
Service Management speaking sessions include:
TSM - Managing the Virtual Enterprise
Rob Goodling, IBM
Venetian - Murano 3305
TSM - SOA Management on IBM System z®,
Divyesh Vaidya, IBM
Venetian - Murano 3203
BIA - The Last Mile to SOA Success: Service Management,
Casey Plunkett, IBM
Venetian - Galileo 1003
BID - Transforming Your Business Through BPM - Four Primary Use-Cases ,
Janelle Hill, Gartner, Inc , Kramer Reeves, IBM
Venetian - Galileo 904
TMC - Managing your IBM WebSphere MQ and IBM WebSphere Message Broker Environment
Jim Palistrant, IBM
Venetian - Delfino 4105
TSM - Lab: Monitoring Transactions in SOA Infrastructure,
Pradeep Nambiar, IBM, Jim Palistrant, IBM
Venetian - Marcello 4403
TMC - Meet the Experts and Demo for WebSphere MQ and Message Broker management
Divyesh Vaidya, IBM
Venetian - Tech Zone – Messaging
TSM - Manage your SOA Environment with IBM Tivoli
Todd Kindsfather, IBM and Jim Palistrant, IBM
Venetian - Palazzo D
BIS - Extending SOA Principles to the Infrastructure for Greater Flexibility and Cost Effectiveness
Kristin Hansen, IBM and Bruce Otte, IBM
Venetian - Galileo 907
BIS - Creating Secure and Compliant SOA Environments
Casey Plunkett, IBM and Ravi Srinivasan, IBM
Venetian - Galileo 906
TSM - Service Automation: Key To Exploiting and Managing the Virtual Enterprise
When IBM first kicked off the Dynamic Infrastructure announcement at Pulse 2009 conference, we heard some rumblings on whether Dynamic Infrastructure was just another executive buzzword or if there was real meat behind "the concept."
Doug McClure summarized the feeling well in his blog: “While this is great for executive level folks, I think we needed to drive this message into consumable and actionable things that lower level technical attendees could take back to their companies. They may be the ones who need to execute and show how previous or planned investments could help their company become smarter and more dynamic.”
After IBM’s announcement yesterday on new Dynamic Infrastructure offerings, critics will be hard-pressed to wonder whether Dynamic Infrastructure is actionable.Not only did IBM announce new products and services in the areas of Information Infrastructure, Virtualization, Service Management, and Energy Efficiency, but they also demonstrated how these solutions are helping three of our clients--the Taiwan High Speed Rail Corporation, Tricon Geophysics and the United States Bowling Congress--build new, more dynamic infrastructures to help reduce costs, improve service and manage risk.
A key piece of the announcement is the IBM Service Management Center for Cloud Computing, which now includes new IBM Tivoli Identity and Access Assurance, IBM Tivoli Data and Application Security, and IBM Tivoli Security Management for z/OS, for Cloud environments. I don’t know about you, but all that’s more meat than this vegetarian can handle. :)
To continue driving home the Dynamic Infrastructure success, IBM is sponsoring a variety of events for the public to learn more. Register for a free, local Pulse Comes to You event to see how Service Management is a key component for enabling a DyanmicInfrastructure for a Smarter Planet.
This post is dedicated specifically to IBM Business Partners, but we encourage all security professionals to help make our world a better place to live. So read on.
If you haven’t heard by now, IBM will be talking security at the place where “the world talks security” next week—the RSA 2009 conference. On April 23, Brian Truskowski, GM of Internet Security Systems (ISS), will provide an RSA keynote on “Securing the Smarter Planet.” His talk will address how security professionals are in a key position to enable effective change to create a smarter planet as our world and systems become more instrumented, interconnected, and intelligent.
As an IBM Business Partner, you are critical to the success of using innovative security solutions to enable a smarter planet. We'd like you to join us in shaping this conversation and activity in new IBM Security social media channels on ibm.com, LinkedIn, Twitter, and YouTube.
Use this presentation to get a quick overview of these new channels and how you can help.
Personally, I never really got hooked on American Idol, but next month IBM is releasing a Software Development reality TV series at the 2009 Rational Software Conference that I'd love to watch! Yup, I'm a nerd. :) This stuff fascinates me. I'm looking forward to the drama, laughs and intrigue. Get an overview of the new reality TV series and view a trailer with the videos below:
Overview: IBM Rational's Walker Royce discusses the Reality TV series as he fills you in on some of what you can expect to see at RSC 2009.
IBM customers: Join IBM on April 21 for the exciting SC Magazine awards presentation and dinner! RSVP to Karen Krieger at email@example.com if you would like to attend.
Date: April 21, 2009
Time: 6:30 pm – 10:30 pm
Where: Hilton San Francisco, 333 O’Farrell Street
We are very excited since IBM is a finalist in several categories:
Best Security Company!
Best Enterprise Firewall: IBM Proventia Network Intrusion Prevention as Layer II Firewall
Best Identity Management Solution: IBM Tivoli Access Manager for Enterprise Single Sign-On
Best Integrated Security Solution: IBM Proventia SiteProtector
Best Vulnerability Management Solution: IBM Proventia Network Enterprise Scanner
Best Web Application Security Solution: IBM Rational AppScan
Best Security Software Development Solution: IBM Rational AppScan Developer Edition
As part of the IT security industry's leading global awards program, the SC Awards U.S. was organized to honor the professionals, companies and products that help fend off the myriad security threats confronted in today's corporate world.
SC Awards hones in on the achievements of the guys and gals in the trenches, the innovations happening in the vendor and service provider communities, and the passionate work of government, commercial and nonprofits working to help the industry.
It’s Good Friday, and it not only has been a good, but a GREAT week. Did you hear? IBM made the list of Top 50 social brands for March 2009: “The Social Radar Top 50 measures the most social brands by the number of unique topics of conversation. These brands are top of mind for consumers and bloggers today.”
If you haven’t noticed by now. IBM’s presence is growing more and more in the social media arena. Below are some of the hot topics lighting up this space this month.
Ewwww, that almost sounds as decadent as eating chocolate. If you’re into networking with SOA strategists and architects, learning about real-life examples and benefits of SOA in action, then this event is for you. Dressed in character as an Imperial Servant, an IBM virtual guide will lead a tour of Virtual Worlds and share how SOA can solve architectural challenges, adding immediate value and business flexibility.