Security as a Key Enabler of Emerging Technology
Bryan Casey 270003BSJV BFCASEY@US.IBM.COM | | Tags:  ibm pulse #ibmpulse security
0 Comments | 2,150 Visits
At Pulse, we’ve all seen hundreds, if not thousands of Smarter Planet slides detailing how our world is rapidly becoming more instrumented, interconnected and intelligent. Steve Robinson’s keynote Tuesday morning was no exception to that.
As the General Manager of IBM Security Solutions, his talk took a bit of a different angle on the conversation though. He wanted to ask the question...
We've seen a lot over the course of the past year in terms of internal and external security incidents. From stuxnet...
One of the questions that we have to ask ourselves is, "what do these events mean?" At IBM, we have an entire advanced research team dedicated to looking at these single incidents and understanding them in the context of the broader security landscape. Twice a year, IBM X-Force publishes their findings in the annual IBM X-Force Trend and Risk Report. Their job is to be constantly evaluating the question...
There are a few things that they've noted and that Steve focused on during his talk. There's a lot of debate around whether internal or external threats represent the greater threat, but one thing is for certain- a good security strategy will take both into account.
Mobile devices offer lots of new opportunities from both a personal and enterprise perspective when we think about efficiency and convenience. However, as these devices develop in popularity, and they are increasingly used to access sensitive information, we must also consider some of the emerging security questions.
Steve also spoke about the continued rise of government regulation. Every company is dealing with extensive compliance mandates and that trend doesn't seem to be slowing. However, at Pulse we've started to notice a subtle shift in the way executive level security professionals are thinking about the relationship between security and compliance. While in the past they may have been focused on becoming compliant, organizations today are starting to think about doing whatever it takes to become secure, with compliance following from that. Again, the shift is a subtle one, but it's interesting once we realize that this is really a change in who is actually driving security requirements. It's transitioning from governments, to the individual organizations.
One of the most significant points that Steve made is that security professionals can no longer say "no." Security needs to become an enabler of...
Cutting edge security is ultimately what allows organizations to confidently adopt emerging technologies. With that in mind, the question you're probably asking is,
IBM recently released the IBM Security Network Intrusion Prevention System. Boasting 100% inspection and speeds twice that of our closest competitors, this product is an enormous step forward in network security. It is also just one example of how IBM has a significant focus on what we would consider to be traditional security. We...
With 9 security operations center around the world, we are also focused on...
..so that our clients can consume security in the way that's right for them.
We're seeing a convergence of systems management and security management with the endpoint being prime example of this. Built on Bigfix technology, Tivoli Endpoint Manager was designed with the philosophy that a well managed endpoint is a secure endpoint.
The real key is to take these technologies and practices and deploy them in a way that is focused on
Security is all about building in that top layer of visibility, automation and control, but to do that, to make security "operational," we need to first build security into the core foundational elements of the IT Infrastructure, into the elements of the IBM Security Framework (people and identity, data and information, application and process, network, server and endpoint and the physical infrastructure) .
Listening to Steve talk reminded me of a quote from one of the recent IBM Centennial videos. A former Director of IBM Research made the comment that, "doing science in isolation will not work." Both Steve's discussion, and IBM Security seem to be built on that foundational understanding. Our technology and approach is based on, and driven by the world we live in. IBM X-Force takes information about security events and vulnerability disclosures and turns that information into real intelligence. They then turn around and build that intelligence into our products. These products are then deployed into environments that are often under the management of our Managed Security Services team. As mentioned earlier, IBM has 9 security operation centers around the world, and from these centers we managing over 4,000 clients and 13 billion security events every single day. We take that first hand information and experience and funnel it back into our X-Force research team. The cycle of information, intelligence and innovation begins again.
The circular nature of our approach to security helps to ensure that our technology is constantly being evaluated and created with an understanding of the world it will be deployed into, your world.