IBM Launched Open Technology to Respond to Cyber Threats Across Clouds

IBM Launched Open Technology to Respond to Cyber Threats Across Clouds
Fotolia

IBM recently announced Cloud Pak for Security, featuring industry-first innovations to connect with any security tool, cloud or on-premise system, without moving data from its original source. The platform includes open-source technology for hunting threats, automation capabilities to help speed response to cyberattacks, and the ability to run in any environment.

Cloud Pak for Security is the first platform to leverage new open-source technology pioneered by IBM, which can search and translate security data from a variety of sources, bringing together critical security insights from across a company's multicloud IT environment. The platform is extensible, so that additional tools and applications can be added over time.

Attempts to protect fragmented IT environment often require security teams to undertake complex integrations and continuously switch between different screens and point products. In a recent SANS Institute report, sponsored by IBM Security, more than half of security teams surveyed said they struggle to integrate data with disparate security and analytic tools and combine that data across their cloud environments to spot advanced threats.

Hrvoje Pavičić, IBM Security Leader for South East Europe, talked about three initial capabilities of Cloud Pak for Security: run anywhere and connect security openly; gain security insights without moving data; and respond to security incidents faster with automation.

IBM Cloud Pak for Security installs easily in any environment, on premises, private cloud or public cloud. It is comprised of containerized software pre-integrated with the Red Hat OpenShift, the industry's most comprehensive enterprise Kubernetes platform. Through the OASIS Open Cybersecurity Alliance, IBM has also forged partnerships with dozens of companies to promote interoperability and help reduce vendor lock-in across the security community through co-developed open source technologies.

Transferring data in order to analyze it creates additional complexity. IBM Cloud Pak for Security can connect data sources to uncover hidden threats and help make more-informed risk-based decisions, while leaving the data where it resides. Through the use of open standards and IBM innovations, clients can access IBM and third-party tools to search for threat indicators across any cloud or on-premise location.

Via the Cloud Pak for Security's Data Explorer application, security analysts can streamline their hunt for threats across security tools and clouds. Without this capability, security teams would have to manually search for the same threat indicators within each individual environment. It is the first tool that allows this type of search without needing to move that data into the platform for analysis.

Cloud Pak for Security connects security workflows with a unified interface to help teams respond faster to security incidents. According to IBM Security estimates, security teams have to manage an average of 200,000 potential security events per day, and coordinate responses across dozens of tools.

New solutions package allows clients to orchestrate and automate their security response so they can prioritize their team's time. The platform allows companies to orchestrate their response to hundreds of common security scenarios, guiding users through the process and providing quick access to security data and tools.

IBM's Security Orchestration, Automation and Response capability integrates with Red Hat Ansible for additional automation playbooks. By formalizing security processes and activities across the enterprise, companies can react quickly and efficiently, while arming themselves with information to help address regulatory requirements.

Tomislav Balun, Country Leader, IBM Croatia presented results from the annual 2019 IBM X-Force Threat Intelligence Index highlighting that the transportation industry has become a priority target for cybercriminals as the second-most attacked industry, up from tenth in 2017, attracting 13% of observed attacks. Since January 2018, 566 million records from the travel and transportation industry have been leaked or compromised in publicly reported breaches.

„Attacks in the travel and transportation industry are becoming more frequent, opening already unwary travelers to cybersecurity threats during their journeys.", said Balun. "Cybercriminals are drawn to the travel industry because of the wealth of data it holds and the economic value it drives. IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by X-Force research, enables organizations to effectively manage risk and defend against emerging threats,“ Balun added.