eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
IBM announced new cyber-security software to help fight cyber-threats in a way similar to the way the human immune system works.
On May 5, IBM introduced comprehensive new security software and services to help organizations protect their data in an environment where advanced persistent threats, zero-day attacks, breaches and the financial impact on an organization continue to rise. Through pervasive behavioral analytics and deep research expertise, IBM can help organizations stop attackers from exploiting these vulnerabilities.
According to two IBM-commissioned studies from the Ponemon Institute, the average cost of a data breach increased by 15 percent globally, reaching an average of $3.5 million. The majority of companies surveyed say targeted attacks are the greatest threat, costing them on average $9.4 million in brand equity alone.
The announcement of the IBM Threat Protection System and Critical Data Protection Program represents two years of investment in organic development and the acquisition of companies, including Q1 Labs, Trusteer, Guardium, Ounce Labs, Watchfire and Fiberlink/MaaS360.
Since forming a dedicated cyber-security business in late 2011, IBM has risen to become one of the largest players in enterprise security and has achieved six straight quarters of double-digit growth in that space, the company said. According to IDC’s Software Tracker, IBM moved from the fourth-largest security vendor to the third in 2013.
The new IBM Threat Protection System leverages security intelligence and behavioral analytics to go beyond traditional signature-based defenses and firewalls to disrupt attacks across the entire attack chain—from break-in to exfiltration. The IBM Threat Protection System includes an end-to-end architecture of analytic and forensics software that helps organizations continuously prevent, detect and respond to ongoing cyber-attacks, and in some cases, eliminate the threat before the damage has occurred.
For prevention, IBM announced a new Trusteer Apex solution for endpoint malware blocking, significant enhancements to the IBM Network Protection appliance for quarantining against attacks and new integrations with key partners’ network sandbox capabilities. For detection, IBM enhanced its QRadar Security Intelligence platform with new capabilities—allowing organizations to detect attacks at new scale and actively block exploits with a click. And for response, IBM introduced IBM Security QRadar Incident Forensics. IBM also continues to expand its emergency response services globally.
“Advanced persistent threats have fundamentally changed the way organizations have to approach data security,” said Brendan Hannigan, general manager of IBM Security Systems, in a statement. “Today, defending against cyber-attacks requires more than a signature-based or perimeter approach. Deep analytic capabilities and forensics are vital and need to include endpoint prevention, perimeter protection and the ability to guard against attacks before they can do damage.”
IBM Launches New Cybersecurity Software, Services
IBM said clients testing the IBM Threat Protection System have seen quick results. For example, a health care provider with thousands of endpoints immediately found dozens of instances of malware present, despite their use of many more traditional security tools. This malicious code could be used to remote control endpoints or exfiltrate data, but instead was instantly disabled. Likewise a large European bank recently tried this capability and was able to disable undetected malware across the enterprise.
The IBM Threat Protection System is supported around the world by IBM’s managed security operations centers (SOCs), which can monitor the system once deployed by clients. IBM’s SOC Optimization consultants can also deploy and integrate them into customer SOCs.
Meanwhile, the new Critical Data Protection Program helps safeguard critical data — a corporation’s “Crown Jewels.” An organization’s fortune is often driven by less than two percent of its enterprise data, which has major impact on competitive advantage, brand reputation, market value and business growth, IBM said.
“Concerns over the ability to protect critical data from cyber attacks have moved center stage in the board room,” said Kris Lovejoy, general manager of IBM Security Services, in a statement. “Cyber attacks and loss of data have the ability to impact brand reputation, reduce shareholder value and open an organization to litigation. IBM’s new software and services are designed to provide these executives with a unique solution that lets them keep their focus on the day-to-day needs of their customers and driving business revenue.”
Organizations are increasingly turning to IBM to help them build comprehensive approaches to quickly identify and stop advanced threats before they do damage. Recently, IBM began providing external vulnerability scanning and expert hotline support services to AIG’s CyberEdge insurance clients.
“We look forward to IBM continuing to build on its unique ability to combine market-leading software, services, research capabilities and industry partnerships to counter the momentum of sophisticated attacks,” said Tracie Grella, head of professional liability for the Global Financial Lines at AIG, in a statement.
Moreover, IBM’s newly announced consulting services are based on IBM’s Data Centric Security Model, under which IBM deploys assets from Guardium, StoredIQ and IBM Research to help protect business critical information.
This critical data — which may include such high value data assets as acquisition and divestiture plans, executive and board deliberations and intellectual property — accounts for an estimated 70 percent of the value of a publicly traded corporation. As a result, this type of data is extremely valuable to hostile forces – whether company insiders or sophisticated attackers.
Yet, despite the importance and value of critical enterprise data, many organizations are not aware of what their Crown Jewel information is, where it resides, who has access to it, or how it is protected, making it more difficult to monitor and protect, IBM said. In fact, data loss can take days or more to discover in more than 95 percent of cases, and weeks or more to contain in more than 90 percent of cases, a lag that can have a catastrophic impact on a business, the company said.
IBM’s new Critical Data Protection Program offers an iterative multi-phased approach of Define, Discover, Baseline, Secure and Monitor for a full lifecycle of data security to protect profitability, competitive position and reputation.