IBM's integrated security framework

August 2012 Information Security

To address the increasing need for an integrated security offering to deal with the growing security threats businesses face, IBM launched IBM Security Systems (ISS) late last year following its purchase of Q1 Labs. Joe Ruthven, business unit executive, IBM Security Systems, IBM Middle East and Africa, spoke to Hi-Tech Security Solutions about the new division.

Joe Ruthven
Joe Ruthven

Ruthven says the company had security products in its software portfolio before the Q1 acquisition, but not an integrated Security Information and Event Management (SIEM) system that could consolidate security threats in real-time. Now there is a single brand with a single team behind the security drive.

There are for key trends in the market driving the need for an integrated security offering in business, according to Ruthven. These are:

* The explosion of data in all areas of business, much of it not being secured appropriately.

* Nobody can deny the growth of mobile computing and this is creating a serious security vulnerability. Users are far too trusting when it comes to downloading apps and business must take the appropriate measures to protect itself.

* Cloud computing is also creating a headache for businesses and consumers as they adopt strategies that could see their data held by third parties in a variety of locations.

* Attacks on business IT are also increasing, not only in frequency, but also in sophistication. It’s no longer malware or kids having fun, but organised crime is profiting from hacking attacks, making hacking in its various forms the third most lucrative crime in the world.

These trends, among others have made security a pressing concern for business, a concern ISS is addressing through its unified offering. Ruthven says there are four dimensions to ISS’s service.

* People: Companies need to ensure the right people have access to the right privileges and access to do their jobs efficiently, but they also need to ensure that the wrong people don’t have access to information they don’t need, or may want to access for nefarious purposes.

* Data: Securing data is somewhat lower on organisations’ priorities, but with mobile and cloud services becoming more popular, as well as the rise of ‘big data’ along with governance requirements, managing your data is becoming more important than ever.

* Infrastructure: Business is good at securing its infrastructure, but securing the perimeter is no longer enough to protect from attacks.

* Applications: Applications are also under pressure, not from an access perspective, but also regarding how they behave. Again, this is especially relevant in the mobile space.

To support its security service, IBM also has its X-Force research team that monitors the security market. Its IBM X-Force Trend and Risk Report is produced twice per year and provides statistical information about all aspects of threats that affect Internet security, including software vulnerabilities and public exploitation, malware, spam, phishing, Web-based threats, and general cyber criminal activity.



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

NEC XON shares lessons learned from ransomware attacks
NEC XON Editor's Choice Information Security
NEC XON has handled many ransomware attacks. We've distilled key insights and listed them in this article to better equip companies and individuals for scenarios like this, which many will say are an inevitable reality in today’s environment.

Read more...
iOCO collaboration protection secures Office 365
Information Security Infrastructure
The cloud, in general, and Office 365, in particular, have played a significant role in enabling collaboration, but it has also created a security headache as organisations store valuable information on the platform.

Read more...
Cybercriminals embracing AI
Information Security Security Services & Risk Management
Organisations of all sizes are exploring how artificial intelligence (AI) and generative AI, in particular, can benefit their businesses. While they are still figuring out how best to use AI, cybercriminals have fully embraced it.

Read more...
From the editor's desk: AI and events
Technews Publishing News & Events
      Welcome to the 2024 edition of the SMART Surveillance Handbook. Reading through this issue will demonstrate that AI has undoubtedly made its mark on the surveillance industry. Like ‘traditional’ video ...

Read more...
The TCO of cloud surveillance
DeepAlert Verifier Technews Publishing Surveillance Infrastructure
SMART Security Solutions asked two successful, home-grown cloud surveillance operators for their take on the benefits of cloud surveillance to the local market. Does cloud do everything, or are there areas where onsite solutions are preferable?

Read more...
Surveillance on the edge
Axis Communications SA Guardian Eye Technews Publishing Surveillance
Edge processing, a practical solution that has been available for some time, has proven its utility in various scenarios, tailored to the unique requirements of each user.

Read more...
AI developments in surveillance
DeepAlert Secutel Technologies Technews Publishing Surveillance
When AI-powered video analytics first emerged in the surveillance market, it was heralded as a game-changer, promising near-magical object recognition and identification. As always, it was oversold, but times have changed and we are close to seeing the ‘magic’ at work.

Read more...
Putting cyber into surveillance
Dallmeier Electronic Southern Africa Cathexis Technologies Technews Publishing Editor's Choice
Cybersecurity has become an essential part of the physical security industry. However, unlike other IoT technologies, of which security products are a part, surveillance technologies have more to protect.

Read more...
A strong cybersecurity foundation
Milestone Systems Information Security
The data collected by cameras, connected sensors, and video management software can make a VMS an attractive target for malicious actors; therefore, being aware of the risks of an insecure video surveillance system and how to mitigate these are critical skills.

Read more...
Surveillance and cybersecurity
Cathexis Technologies Information Security
Whether your business runs a security system with a handful of cameras or it is an enterprise company with thousands of cameras monitoring sites across a multinational organisation, you must pay attention to cybersecurity.

Read more...