Turbotodd

Ruminations on IT, the digital media, and some golf thrown in for good measure.

Archive for the ‘cybersecurity’ Category

IBM Watson for Cyber Security Powers Smarttech Security Ops


IBM Security today announced Smarttech, a security services provider based in Ireland, is leveraging IBM Watson for Cyber Security in their Security Operations Center (SOC).

The new tool is enabling the company’s analysts to investigate and respond to three times as many security incidents with greater speed and accuracy. Smarttech was one of 40 companies around the world to participate in the IBM Watson for Cyber Security Beta Program, and is now a customer.

Powered by IBM QRadar Advisor with Watson, Smarttech’s SOC now takes advantage of the cognitive capabilities of Watson along with the industry-leading IBM Security QRadar Security Analytics Platform to uncover hidden threats and automate insights.

IBM has trained Watson on the language of cyber security, with the system ingesting over one million security documents. Watson can now help security analysts with insights from hundreds of thousands of natural language research sources that have never before been accessible to modern security tools.

Smarttech was looking for an intuitive solution to better manage an industry-wide workforce shortage of security analysts, and sought to augment the skills of its security team to stay ahead of ever evolving cyber threats targeting customers.

As part of its roll out of IBM QRadar Advisor with Watson, Smarttech found that the tool provided valuable additional perspective beyond what their analysts had initially discovered, highlighting new observations that the analysts had overlooked in about 20 percent of incidents.

“It’s not man versus machine—they very much work hand and hand,” said Ronan Murphy, CEO, Smarttech. “Our analysts continue to play a critical role in evaluating a cyber security incident, while Watson for Cyber Security enforces their decisions and validates what they are sharing with the customer at risk. It enables security analysts to deliver faster and more accurate details on a breach, so we may better protect our customers.”

IBM QRadar Advisor with Watson can help security teams respond to threats through the following:

  • Visibility into elements of a security incident – while investigating an incident, QRadar Advisor first gathers greater context about that incident by mining local data available in QRadar.
  • Formulate a threat research strategy – QRadar Advisor formulates a threat query to send to Watson for Cyber Security, to perform external knowledge and threat discovery on discrete observations from the incident.
  • Threat research – Watson for Cyber Security taps its knowledge base of unstructured data and uses cognitive reasoning to discover additional insights and other threat entities related to the original incident.
  • Apply intelligence to understand the threat – QRadar Advisor refines information it receives from Watson, to zero in on the key insights relevant to the current incident. It validates the source of the offense and provides additional context to identify and understand the threat.

For more information on Watson for Cyber Security and the IBM Cognitive SOC, visit: http://www-03.ibm.com/security/cognitive/

Written by turbotodd

May 11, 2017 at 8:31 am

IBM X-Force: Financial Services Most Targeted By Cybercriminals Last Year


IBM Security announced research from its IBM X-Force Research team which revealed the financial services industry was attacked more than any other industry in 2016 – 65 percent more than the average organization across all industries.

Or, as Willie Sutton famously answered when asked why he robbed banks: “Because that’s where the money is!”

As a result of the increase, the number of financial services records breached skyrocketed 937 percent in 2016 to more than 200 million. While the financial services industry was targeted the most by cyberattacks in 2016, IBM X-Force Threat Intelligence Index data shows it ranked third by industry for the number of breached records – likely due to investments in enhanced security practices.

“Cybercriminals have always gone where there is money to be made. While financial services has been a highly targeted industry by cybercriminals, in previous years, their main focus shifted to other more lucrative industries like healthcare or retail,” said Nick Bradley, Practice Lead, IBM X-Force Threat Research. “However, in 2016 we saw a significant resurgence to financial services as criminals decided to go directly to the source money.” 

Insiders Pose Largest Threat to Financial Services

In looking at ways the financial services sector was attacked in 2016, the report found that the industry was more affected by insider attacks (58 percent) than outsider attacks (42 percent). This shows that many of the breaches were a result of malicious activity.

Malicious activity inside an organization can be a result of an inadvertent act (53 percent), such as an employee being tricked into downloading a malware-laden document through a phishing email, which then gives attackers access to information. Many of these attacks occur without the user being aware of it.

Financial Malware Continues to Thrive

IBM X-Force found that some countries experienced a marked increase in financial cybercrime in 2016. Cybercriminals sharpened their focus on business bank accounts by using malware such as Dridex, Neverquest, GozNym and TrickBot to target business banking services.

Given the better defenses at large financial institutions, IBM X-Force researchers recently identified TrickBot malware campaigns targeting the less common brands in the industry, like private banks, wealth management, and high value account types, indicating this ambitious malware gang plans on attacking in new territory.

Mitigating Risk

As cybercriminals continue to pivot and identify lucrative tactics to steal valuable information, IBM X-Force experts recommend the following tips to protect financial services organizations from attacks: 

  • Conduct Employee Awareness Training: Continuously train and test employees to teach them how to identify suspicious emails to avoid falling victim to phishing scams.
  • Reduce Exposure to Insider Threats: Combine data security and identity and access management solutions to protect sensitive data and govern the access of all legitimate users.
  • Apply a Cognitive Approach: Augment a security analyst’s ability to identify and understand sophisticated threats by tapping into unlimited amounts of unstructured data from blogs, websites, research papers and the like, and correlating it with relevant security incidents.
  • Develop and Implement an Incident Response Plan: Identify the data necessary to respond to an attack, and understand how to mitigate an attacker’s access.

You can download a copy of the IBM X-Force Financial Services report here.

Written by turbotodd

April 27, 2017 at 11:44 am

Over 90 Custom Apps Now on IBM Security App Exchange


The IBM Security App Exchange has now grown to over 90 custom applications from IBM and Business Partners.

Over 30,000 apps, content packs and tools have been downloaded since the launch of the App Exchange, allowing users to extend the capabilities of IBM’s Security technologies with custom apps and integrations.

Launched in December 2015, the IBM Security App Exchange is a community marketplace for customers, Business Partners and other developers to build and share applications which build upon and integrate with IBM Security products.

The IBM Security App Exchange has been populated with new applications from more than 30 Business Partners, including Trend Micro, Recorded Future, BluVector and Ziften.

Through this collaboration, customers now have access to new solutions which can help them streamline their security operations, potentially saving valuable resources and allowing their security teams to remain focused on the latest threats rather than technology management and integration.

Combining these partner applications with innovative new security apps developed within IBM Security, the App Exchange is now home to 92 applications which extend across the IBM Security portfolio, including IBM QRadar security intelligence platform, BigFix endpoint management, Guardium data protection, MaaS360 mobile device management, Resilient incident response platform, and IBM’s open source threat intelligence platform, X-Force Exchange.

“As threats are evolving faster than ever, collaborative development amongst the security community will help organizations adapt quickly and speed innovation in the fight against cybercrime,” said Sandeep Mukherjee, Marketing Manager, IBM Security. “The rapid growth of the IBM Security App Exchange shows the value that this collaboration is providing to partners and customers.”

You can visit the IBM Security App Exchange here.

Written by turbotodd

April 20, 2017 at 8:47 am

IBM QRadar Named as a Leader in Security Analytics Platforms


IBM Security has announced IBM QRadar, the company’s security intelligence platform, has been named a “Leader” and received the highest scores in the three categories – current offering, strategy, and market presence – of all evaluated solutions in the March 2017 report, “The Forrester Wave™: Security Analytics Platforms, Q1 2017,” by Forrester Research, Inc.

For this report, Forrester evaluates companies based on a number of criteria, including deployment options, detection capabilities, risk prioritization, log management, threat intelligence, dashboards and reporting, security automation, end user experience, and customer satisfaction.

Forrester surveys indicate that 74% of global enterprise security technology decision makers rate improving security monitoring as a high or critical priority.

According to the report, IBM Security “has an ambitious strategy for security analytics that includes cognitive security capabilities from its Watson initiative and security automation from its Resilient Systems acquisition.”

Forrester also notes IBM’s investments in security with its QRadar Security Intelligence Platform emerging as “one of the key pieces of its portfolio.” The analyst firm also notes that “those looking for advanced capabilities and a flexible deployment model should consider IBM.”

Written by turbotodd

March 10, 2017 at 8:49 am

IBM Delivers Watson For Cyber Security, New Watson-Powered Chatbot And Voice-Powered Assistant


IBM Security has announced the availability of Watson for Cyber Security, the industry’s first augmented intelligence technology designed to power cognitive security operations centers.

Over the past year, Watson has been trained on the language of cyber security, ingesting over 1 million security documents. Watson can now help security analysts parse thousands of natural language research reports that have never before been accessible to modern security tools.

Watson for Cyber Security will be integrated into IBM’s new Cognitive SOC platform, bringing together advanced cognitive technologies with security operations and providing the ability to respond to threats across endpoint, network, users and cloud.

The centerpiece of this platform is IBM QRadar Advisor with Watson, a new app available in the IBM Security App Exchange, which is the first tool that taps into Watson’s corpus of cyber security insights.

This new app is already being used by Avnet, University of New Brunswick, Sopra Steria and 40 other customers globally to augment security analysts’ investigations into security incidents.

IBM has also invested in research to bring cognitive tools into its global X-Force Command Center Network, including a Watson-powered chatbot currently being used to interact with IBM Managed Security Services customers.

IBM also revealed a new research project, codenamed “Havyn,” pioneering a voice-powered security assistant that leverages Watson conversation technology to respond to verbal commands and natural language from security analysts.

The project uses Watson APIs, Bluemix and IBM Cloud to provide real-time response to verbal requests and commands, accessing data from open source security intelligence, including IBM X-Force Exchange, as well as client-specific historic data and their security tools.

Watson is also currently engaging with clients daily via a new chatbot tool deployed in IBM’s X-Force Command Center Network, which manages over 1 trillion security events per month. Clients can choose to ask Watson questions via instant messaging about their security posture or network configurations.

For example, clients can ask Watson questions about a device or ticket status. The tool is also capable of executing commands from IBM MSS customers, such as reassigning a ticket to a new owner.

Go here to learn more about Watson for Cyber Security and the Cognitive SOC.

Written by turbotodd

February 13, 2017 at 8:49 am

IBM Plans to Acquire Security Visualization And Management Firm Agile 3 Solutions


IBM Security today announced plans to acquire Agile 3 Solutions, a developer of software used by the C-Suite and senior executives to better visualize, understand and manage risks associated with the protection of sensitive data.

The addition of Agile 3 Solutions’ capabilities to IBM Security’s portfolio adds an intuitive tool to improve C-Suite decision making as businesses prepare to defend themselves against cybercrime.

As cybersecurity has become a board-level issue, there is a growing need for the C-suite and the Board to understand their security posture through the lens of business risk, not just the technical security data and metrics.

Business leaders must be equipped to make risk-based decisions and prioritize investments toward cybersecurity readiness and resilience. In fact, Gartner predicted that “by 2017, 80% of IT risk and security organizations will report metrics to non-IT executive decision makers; however, only 20% will be considered useful by the target audience.”

Agile 3 Solutions is a San Francisco-based, privately held company that provides business leaders with a comprehensive, business-friendly dashboard and intuitive data risk control center to help uncover, analyze, and visualize data-related business risks.

Financial terms of the deal were not disclosed and the transaction is expected to close within several weeks.

For more information about Agile 3 Solutions, go to http://www.ibm.com/security/announce/agile3/

Written by turbotodd

January 23, 2017 at 8:43 am

The Yahoo Repo


And you thought bad security didn’t cost your business anything to the downside?

A few months ago Verizon was posing the question “Should we Yahoo!?” and the answer was a resounding “Yes We Should!”

But after yesterday’s report of another Yahoo! hacking incident, this time dating back to 2013 and involving as many as 1 billion user accounts, the answer is quite different.

Bloomberg is reporting that Verizon is looking for either a price cut (“Hacker’s Discount!”) or even a “possible exit” from the $4.83 billion pending acquisition.

Yahoo shares have fallen as much as 6.5 percent since the news broke of the latest hack.

Me, I stopped Yahooing the first time around, going so far as to completely delete my Yahoo! account (one, by the way, I’d probably had for going on 17 years!)

(See IBM’s cognitive security to learn how you can prime your company’s digital immune system.)

In other breaking tech news and also from Bloomberg, VC-backed unicorn and developer-can’t-live-without coding platform, GitHub, lost $66M in nine months over 2016.

GitHub received a $250M funding round by Sequoia Capital in 2015, but has apparently been burning through cash as fast as developers can create new repos.

And seemingly straight outta the HBO show, “Silicon Valley,” GitHub’s San Fran HQ apparently has a lobby modeled after the White House’s Oval Office, which in turn leads to a replica of the Situation Room.

Let’s hope they won’t be needing to go to DefCon 4 anytime soon — the software development world would likely come to a screeching halt if GitHub were to head south.

If only they could just commit!

{{IF you think that was a bad joke, THEN I’ve got plenty more where that one came from.}}

Written by turbotodd

December 15, 2016 at 4:16 pm
