Turbotodd

Ruminations on IT, the digital media, and some golf thrown in for good measure.

Archive for the ‘cybersecurity’ Category

IBM Delivers Watson For Cyber Security, New Watson-Powered Chatbot And Voice-Powered Assistant

leave a comment »

IBM security has announced the availability of Watson for Cyber Security, the industry’s first augmented intelligence technology designed to power cognitive security operations centers.

Over the past year, Watson has been trained on the language of cyber security, ingesting over 1 million security documents. Watson can now help security analysts parse thousands of natural language research reports that have never before been accessible to modern security tools.

Watson for Cyber Security will be integrated into IBM’s new Cognitive SOC platform, bringing together advanced cognitive technologies with security operations and providing the ability to respond to threats across endpoint, network, users and cloud.

The centerpiece of this platform is IBM QRadar Advisor with Watson, a new app available in the IBM Security App Exchange, which is the first tool that taps into Watson’s corpus of cyber security insights.

This new app is already being used by Avnet, University of New Brunswick, Sopra Steria and 40 other customers globally to augment security analysts’ investigations into security incidents.

IBM has also invested in research to bring cognitive tools into its global X-Force Command Center Network, including a Watson-powered chatbot currently being used to interact with IBM Managed Security Services customers.

IBM also revealed a new research project, codenamed “Havyn,” pioneering a voice-powered security assistant that leverages Watson conversation technology to respond to verbal commands and natural language from security analysts.

The project uses Watson APIs, Bluemix and IBM Cloud to provide real-time response to verbal requests and commands, accessing data from open source security intelligence, including IBM X-Force Exchange, as well as client-specific historic data and their security tools.

Watson is also currently engaging with clients daily via a new chatbot tool deployed in IBM’s X-Force Command Center Network, which manages over 1 trillion security events per month. Clients can choose to ask Watson questions via instant messaging about their security posture or network configurations.

For example, clients can ask Watson questions about a device or ticket status. The tool is also capable of executing commands from IBM MSS customers, such as reassigning a ticket to a new owner.

Go here to learn more about Watson for Cyber Security and the Cognitive SOC.

Written by turbotodd

February 13, 2017 at 8:49 am

IBM Plans to Acquire Security Visualization And Management Firm Agile 3 Solutions

with one comment

IBM Security today announced plans to acquire Agile 3 Solutions, a developer of software used by the C-Suite and senior executives to better visualize, understand and manage risks associated with the protection of sensitive data.

The addition of Agile 3 Solutions’ capabilities to IBM Security’s portfolio adds an intuitive tool to improve C-Suite decision making as businesses prepare to defend themselves against cybercrime.

As cybersecurity has become a board-level issue, there is a growing need for the C-suite and the Board to understand their security posture through the lens of business risk, not just the technical security data and metrics.

Business leaders must be equipped to make risk-based decisions and prioritize investments toward the cybersecurity readiness and resilience. In fact, Gartner predicted that “by 2017, 80% of IT risk and security organizations will report metrics to non-IT executive decision makers; however, only 20% will be considered useful by the target audience.”

Agile 3 Solutions is a San Francisco-based, privately held company that provides business leaders with a comprehensive, business-friendly dashboard and intuitive data risk control center to help uncover, analyze, and visualize data-related business risks.

Financial terms of the deal were not disclosed and the transaction is expected to close within several weeks.

For more information about Agile 3 Solutions, go to http://www.ibm.com/security/announce/agile3/

Written by turbotodd

January 23, 2017 at 8:43 am

The Yahoo Repo

leave a comment »

And you thought bad security didn’t cost your business anything to the downside?

A few months ago Verizon was posing the question “Should we Yahoo!?” and the answer was a resounding “Yes We Should!”

But after yesterday’s report of another Yahoo! hacking incident, this time dating back to 2013 and involving as many as 1 billion user accounts, the answer is quite different.

Bloomberg is reporting that Verizon is looking for either a price cut (“Hacker’s Discount!”) or even a “possible exit” from the $4.83 billion pending acquisition.

Yahoo shares have fallen as much as 6.5 percent since the news broke of the latest hack.

Me, I stopped Yahooing the first time around, going so far as to completely delete my Yahoo! account (one, by the way, I’d probably had for going on 17 years!)

(See IBM’s cognitive security to learn how you can prime your company’s digital immune system.)

In other breaking tech news and also from Bloomberg, VC-backed unicorn and developer-can’t-live-without coding platform, GitHub, lost $66M in nine months over 2016.

GitHub received a $250M funding round by Sequoia Capital in 2015, but has apparently been burning through cash as fast as developers can create new repos.

And seemingly straight outta the HBO show, “Silicon Valley,” GitHub’s San Fran HQ apparently has a lobby modeled after the White House’s Oval Office, which in turn leads to a replica of the Situation Room.

Let’s hope they won’t be needing to go to DefCon 4 anytime soon — the software development world would likely come to a screeching halt if GitHub were to head south.

If only they could just commit!

{{IF you think that was a bad joke, THEN I’ve got plenty more where that one came from.}}

Written by turbotodd

December 15, 2016 at 4:16 pm

IBM Study: Business More Likely To Pay Ransomware Than Consumers

leave a comment »

IBM Security has announced results from a study finding 70 percent of businesses infected with ransomware have paid ransom to regain access to business data and systems.

In comparison, over 50 percent of consumers surveyed said they would not pay to regain access back to personal data or devices aside from financial data.

For those not familiar with the practice, ransomeware is an extortion technique used by cybercriminals where data on computers and other devices is encrypted and held for ransom until a specified amount of money is paid.

The IBM X-Force Study, “Ransomware: How Consumers and Businesses Value Their Data’ surveyed 600 business leaders and more than 1,000 consumers in the U.S. to determine the value placed on different types of data.

Key findings from the survey:

  • While over half of consumers surveyed initially indicated they would not pay the ransom, when asked about specific data types, 54 percent indicated they would likely pay to get financial data back
  • More than half (55 percent) of parents surveyed would be willing to pay for access to digital family photos vs. 39 percent of respondents without children

Businesses Held For Ransom Likely To Pay

Nearly one in two business executives surveyed have experienced ransomware attacks in the workplace. The study found 70 percent of these executives said their company has paid to resolve the attack, with half of those paying over $10,000 and 20 percent paying over $40,000.

Nearly 60 percent of all business executives indicated they would be willing to pay ransom to recover data. Data types they were willing to pay to recover included financial records, customer records, intellectual property, and business plans.

Overall, 25 percent of business executives said, depending upon the data type, they would be willing to pay between $20,000 and $50,000 to get access back to data.

As for small businesses, well, they remain a ripe target. Only 29 percent of small businesses surveyed have experience with ransomware attacks compared to 57 percent of medium-sized businesses. While cybercriminals may not view these businesses as offering a big payday, a lack of training on workplace IT security best practices can make them vulnerable. The study found that only 30 percent of small businesses surveyed offer security training to their employees, compared to 58 percent of larger companies.

Preparing For And Responding To Ransomware

Preparing for and Responding to Ransomware
With the financial returns on ransomware growing north of a $1 billion for cybercriminals, IBM anticipates it and other extortion schemes will continue to grow. ‘
Both businesses and consumers can take some steps to help defend themselves from ransomware. IBM X-Force experts recommends the following tips to protect yourself and your business:

  • Be vigilant. If an email looks too good to be true, it probably is. Be cautious when opening attachments and clicking links.
  • Backup your data. Plan and maintain regular backup routines. Ensure the backups are secure, and not constantly connected or mapped to the live network.
  • Disable macros. Document macros have been a common infection vector for ransomware in 2016. Macros from email and documents should be disabled by default to avoid infection.
  • Patch and purge. Maintain regular software updates for all devices, including operating systems and applications. Update any software you use often and delete applications you rarely access.

For additional tips and details on the survey findings, you can download the full report at: https://ibm.biz/RansomwareReport.
In addition, Resilient, an IBM Company, today announced an industry-first Dynamic Playbook to help organizations respond to ransomware and other complex attacks. Resilient Dynamic Playbooks orchestrate response in real-time, adapting the actions organizations need to take in response to cyberattacks as they unfold.
If you are a victim of ransomware, the FBI and other law enforcement agencies advise victims to avoid paying a ransom to cybercriminals. They do recommend you report a cybercrime, including becoming the victim of ransomware to the appropriate authorities:

Written by turbotodd

December 14, 2016 at 9:37 am

Batten Down The Hatches! IBM’s X-Force 2012 Trend And Risk Report

leave a comment »

It’s been a busy year for IT security incidents. Yesterday, John Markoff and Nicole Perlroth with The New York Times told us about yet another incident, this time a cyberattack involving antispam group Spamhaus and an anonymous group unhappy with their efforts.

Based on disclosed incident details such as the vulnerability used and attack type, IBM X-Force was able to determine that the majority of the security incidents disclosedin 2012 were carried out by the top left quadrant above, with attackers going after a broad target base while using off-the-shelf tools and techniques. This can be attributed to the wide public availability of toolkits, and to the large number of vulnerable web applications that exist on the Internet.

Click to enlarge. Based on disclosed incident details such as the vulnerability used and attack type, IBM X-Force was able to determine that the majority of the security incidents disclosed in 2012 were carried out by the top left quadrant above, with attackers going after a broad target base while using off-the-shelf tools and techniques. This can be attributed to the wide public availability of toolkits, and to the large number of vulnerable web applications that exist on the Internet.

But the list goes on and on. From the discovery of sophisticated toolkits with ominous names like Flame to cross-platform zero-day vulnerabilities, both consumers and corporations have been inundated with advisories and alerts regarding emerging threats. The frequency of data breaches and incidents—which had already hit a new high in 2011—continued their upward trajectory.

At the mid-year of 2012, IBM’s X-Force team predicted that the explosive nature of attacks and security breaches seen in the first half would continue. Indeed this was the case. While talk of sophisticated attacks and widespread distributed denial-of-service (DDoS) attempts made the year’s headlines, a large percentage of breaches relied on tried and true techniques such as SQL injection.

What continues to be clear is that attackers, regardless of operational sophistication, will pursue a path-of-least-resistance approach to reach their objectives. Integration of mobile devices into the enterprise continues to be a challenge. In the previous report, X-Force looked at some of the pitfalls and perils of implementing BYOD programs without strict formulations of policy and governance to support the use of these devices.

That said, recent developments have indicated that while these dangers still exist, and X-Force believes mobile devices should be more secure than traditional user computing devices by 2014. While this prediction may seem far fetched on the surface, it is based on security control trends and requirements that are being driven into the market by knowledgeable security executives.

In its latest report, X-Force explores how security executives are advocating the separation of personas or roles on employee-owned devices. It also addresses some secure software mobile application development initiatives that are taking place today. The distribution and installation of malware on end-user systems has been greatly enabled by the use of Web browser exploit kits built specifically for this purpose.

The intense proliferation of social networking across the Internet poses new challenges to companies that need to control the sharing of confidential information. Any employee that has access to the Internet is going to be exposed to social networking sites and because they are so frequently accessed,they have become a favorite target of scam and phishing.

Click to enlarge. The intense proliferation of social networking across the Internet poses new challenges to companies that need to control the sharing of confidential information. Any employee that has access to the Internet is going to be exposed to social networking sites and because they are so frequently accessed,
they have become a favorite target of scam and phishing.

Exploit kits first began to appear in 2006 and are provided or sold by their authors to attackers that want to install malware on a large number of systems.  They continue to be popular because they provide attackers a turnkey solution for installing malware on end-user systems.

Java vulnerabilities have become a key target for exploit kits as attackers take advantage of three key elements: reliable exploitation, unsandboxed code execution, and cross-platform availability across multiple operating systems. Java exploits have become key targets in 2012 and IBM X-Force predicts this attack activity to continue into 2013.

As X-Force also reported in the mid-year, spam volume remained nearly flat in 2012, with India claiming the top country of origin for spam distribution, but the nature of spam is changing. Broadly targeted phishing scams, as well as more personalized spear-phishing efforts continue to fool end users with crafty social-engineering email messages that look like legitimate businesses. Also, fake banking alerts and package delivery service emails have been effective as attackers refine their messages to look like the authentic messages that customers might normally receive.

Whether the target is individuals or the enterprise, once again, X-Force reminds organizations that many breaches were a result of poorly applied security fundamentals and policies and could have been mitigated by putting some basic security hygiene into practice.

Web applications are still topping the chart of most disclosed vulnerabilities, rising 14% in 2012 over the 2011 end of year numbers. As reported earlier in the mid-year report, cross-site scripting (XSS) dominated the web vulnerability disclosures at 53% of all publicly released vulnerabilities. Although SQL injection attack methods remain as a top attack technique, the actual disclosures of new SQL injection vulnerabilities remain lower than the 2010 peak X-Force recorded.

Social media has dramatically changed our lives with new ways to connect, personally and professionally. From this constant availability of information about individuals, attackers can readily access data to use in their activities.

Now, more than ever, individual employees who share personal details in their social profiles can be targeted for attacks.

The values for the evaluated threat and residualthreat can be determined by comparing thelikelihood or frequency of a threat occurring (high,medium, low) against the damage impact that couldhappen if the threat occurred (catastrophic, high,medium, low). The goal is to implement mitigationprocesses that either reduce the frequency of thethreat occurring or reduce the impact if the threatdoes occur. A requirement for this to be successful is to have aspecific, designated monitoring mechanism to monitorthe implementation of the treatment processes andfor the appearance of the threats. This monitoringmechanism should be monitored and alerts should beresponded to. It does no good to have network-basedanti-virus consoles gathering information about virusalerts across the network, if nobody is assigned tomonitor the console and respond to those alerts.Monitoring and responding is part of the mitigationprocess. (An example threat assessment and riskmitigation process chart is provided below, thoughthe IR team may identify a greater list.)

Click to enlarge. The values for the evaluated threat and residual threat can be determined by comparing the likelihood or frequency of a threat occurring (high, medium, low) against the damage impact that could happen if the threat occurred (catastrophic, high, medium, low). The goal is to implement mitigation processes that either reduce the frequency of the threat occurring or reduce the impact if the threat does occur. A requirement for this to be successful is to have a specific, designated monitoring mechanism to monitor the implementation of the treatment processes and for the appearance of the threats.

2012 X-Force Trend And Risk Report Highlight

Malware and the malicious web

  • In 2012, near daily leaks of private information about victims were announced like game scoreboards through tweets and other social media. Personal details, such as email addresses, passwords (both encrypted and clear text), and even national ID numbers were put on public display.
  • Based on data for 2012, it is not surprising that the bulk of the security incidents disclosed were carried out with the majority of attackers going after a broad target base while using off-the-shelf tools and techniques. X-Force attributes this to the wide public availability of toolkits and to the large number of vulnerable web applications that exist on the Internet.
  • The year began and ended with a series of politically motivated, high-profile DDoS attacks against the banking industry. An interesting twist to the banking DDoS attacks was the implementation of botnets on compromised web servers residing in high bandwidth data centers. This technique assisted in much higher connected uptime as well as having more bandwidth than home PC’s to carry out the attacks. In the sampling of security incidents from 2012, the United States had the most breaches, at 46%. The United Kingdom was second at 8% of total incidents, with Australia and India tied for third at 3%.
  • IBM Managed Security Services (MSS) security incident trends are markers that represent the state of security across the globe. The relative volume of the various alerts can help to describe how attacks are established and launched. They also frequently provide hints about how methods have evolved. Based on this, the main focus in 2012 may have been the subversion of systems, with larger coordinated attacks being executed across fairly broad swaths of the Internet.
  • IBM MSS has noted a dramatic and sustained rise in SQL injection-based traffic due, in large part, to a consistent effort from the Asia Pacific region. The alerts came from all industry sectors, with a bias toward banking and finance targets.
  • Web browser exploit kits (also known as exploit packs) are built for one particular purpose: to install malware on end-user systems. In 2012 X-Force observed an upsurge in web browser exploit kit development and activity—the primary target of which are Java vulnerabilities—and X-Force supplies some strategies and tips to help protect against future attacks (see end of post to download full report).
  • Java continues to be a key target for attackers. It has the advantage of being both cross-browser and cross-platform—a rare combination that affords attackers a lot of value for their investment. Web content trends, spam, and phishing Web content trends Top used websites are readily deployed as IPv6- ready, although attackers do not yet seem to be targeting IPv6 on a large scale.
  • One third of all web access is done on websites which allow users to submit content such as web applications and social media.
  • Nearly 50% of the relevant websites now link to a social network platform, and this intense proliferation poses new challenges to companies that need to control the sharing of confidential information.

Spam and phishing

  • Spam volume remained nearly flat in 2012.
  • India remains the top country for distributing spam, sending out more than 20% of all spam in the autumn of 2012. Following India was the United States where more than 8% of all spam was generated in the second half of the year. Rounding out the top five spam sending countries of origin were Vietnam, Peru, and Spain.
  • At the end of 2012, IBM reports that traditional spam is on the retreat, while scam and spam containing malicious attachments is on the rise. In addition, attackers are demonstrating more resiliency to botnet take downs which results in an uninterrupted flow of spam volume.

Operational Security Practices

Vulnerabilities and exploitation

  • In 2012, there were over 8,168 publicly disclosed vulnerabilities. While not the record amount X-Force expected to see after reviewing its mid-year data, it still represents an increase of over 14% over 2011.
  • Web application vulnerabilities surged 14% from 2,921 vulnerabilities in 2011 to 3,551 vulnerabilities in 2012.
  • Cross-site scripting vulnerabilities accounted for over half of the total web application vulnerabilities disclosed in 2012. Cross-site scripting dominated the web vulnerability disclosures. Fifty-three percent of all publicly released web application vulnerabilities were cross-site scripting related. This is the highest rate X-Force has ever seen. This dramatic increase occurred while SQL injection vulnerabilities enjoyed a higher rate than 2011 but were still down significantly since 2010.
  • There were 3,436 public exploits in 2012. This is 42% of the total number of vulnerabilities, up 4% from 2011 levels.
  • Web browser vulnerabilities declined slightly for 2012, but not at as high a rate as document format issues. While the overall number of web browser vulnerabilities dropped by a nominal 6% from 2011, the number of high- and critical severity web browser vulnerabilities saw an increase of 59% for the year.
  • Few innovations have impacted the way the world communicates quite as much as social media. However, with the mass interconnection and constant availability of individuals, new vulnerabilities and a fundamental shift in intelligence-gathering capabilities has provided attackers and security professionals alike with information useful for enhancing their activities.
  • Rather than seeing a particular enterprise as an individual entity, attackers can view enterprises as a collection of personalities. This gives attackers the opportunity to target specific people rather than enterprise infrastructures or applications. Furthermore, targeted people may also be targeted as individuals and not just as employees. In other words, the personal activities and lives of employees can be leveraged to target an enterprise.

Emerging Trends In Security

Mobile

  • Prediction: Mobile computing devices should be more secure than traditional user computing devices by 2014. This is a bold prediction that IBM recently made as part of its look ahead in technology trends. While this prediction may seem far-fetched on the surface, it is based on security control trends and requirements that are being driven into the market by knowledgeable security executives.
  • Separation of personas or roles: While a small percentage of enterprises have dealt with BYOD by using virtualized desktop solutions to separate and control enterprise applications and data from the rest of the personally owned device, a greater number of enterprises have wanted or required some form of separation or dual persona on mobile devices. This difference in use or adoption could be the result of greater numbers of devices driving greater risk in the percentage of personally owned mobile devices versus personally owned PCs in a BYOD program.
  • In many cases, enterprises have made significant investments into implementing Secure Software Development Life Cycle (SSDLC) processes. Today’s mobile application development benefits from this. Tools exist to support secure development as part of the process instead of being conducted in qualification or production. As a result, it should be more common for enterprises to have more securely developed mobile applications than their existing legacy applications. Closure of vulnerabilities in some traditional computing applications may only conclude as existing versions are sunset and replaced with newer, more securely developed replacements.
  • Over 2012, it is safe to conclude that more enterprises are supporting BYOD or the use of personally owned devices than previously. In the last two years, IBM Security has spoken to hundreds of global 2000 customers and out of those interviewed, only three said they had no plans to implement any kind of BYOD program.

To learn more on how your organization can work to address these types of vulnerabilities, download the full IBM X-Force 2012 Trend And Risk Report here.

Live @ IBM InterConnect 2012: A Q&A With Brendan Hannigan On Security Intelligence

with one comment

Brendan Hannigan is General Manager of the IBM Security Systems Division in the IBM Software Group; he brings more than 25 years of industry experience to his role. Previously, Mr. Hannigan was the president and chief executive officer of Q1 Labs, the acquisition of which catalyzed the creation of the Security Systems Division. This division brings together many capabilities across IBM to respond to the market need for sophisticated, comprehensive and integrated approaches to enterprise security.

As IBM’s general manager for its Security Systems Division will tell you, we’re entering into a perfect IT security storm.

These days, hackers are more sophisticated, your data is increasingly accessed anytime and anywhere and often resides in the cloud.

Fewer access points are corporately-controlled, and there is a growing digital data explosion while the compliance demands on staff and systems escalate.

These trends mean corporate IT security can no longer be an afterthought where a secure perimeter is good enough. Instead, security intelligence preventing, detecting and addressing system breaches anywhere must start in the boardroom and become part of your organization’s IT fabric. It is now imperative to be woven into your everyday business operations.

Brendan Hannigan brings more than 25 years of industry experience to his role as general manager of the new IBM Security Systems Division.

Previously, he was the president and chief executive officer of Q1 Labs, the acquisition of which catalyzed the creation of the Security Systems Division.

This new division brings together many capabilities across IBM to respond to the market need for sophisticated, comprehensive and integrated approaches to enterprise security.

Prior to Q1 Labs, Brendan was vice president of marketing and technology at Sockeye Networks; director of network research at Forrester Research; and served in a variety of senior-level product development roles at Digital Equipment Corporation, Wellfleet Communications, and Motorola.

We discussed a number of security-related topics during our Q&A at IBM InterConnect, including browser exploits, the need for increased security intelligence, and IBM’s bi-annual X-Force Trends and Risk Report, which I’ve covered extensively in this blog.

You can see our interview here.

IBM X-Force Mid-Year Report: Security Attacks Focused On Browsers, Mobile, Social

leave a comment »

SPAM aside, IBM’s mid-year X-Force Trend and Risk Report shows a sharp increase in browser-related exploits, renewed concerns around social media password security, and continued challenges in mobile devices and corporate “bring your own device” (BYOD) programs.

Yesterday, IBM released the results of its X-Force 2012 Mid-Year Trend and Risk Report.

The mid-year report is troubling, revealing ongoing challenges and opportunities and the need for continued vigilance in the digital security realm.

The headlines: The latest report shows a sharp increase in browser-related exploits, renewed concerns around social media password security, and continued challenges in mobile devices and corporate “bring your own device” (BYOD) programs.

“Companies are faced with a constantly evolving threat landscape, with emerging technologies making it increasingly difficult to manage and secure confidential data,” said Kris Lovejoy, General Manager, IBM Security Services. “A security breach–whether from an outside attacker or an insider–can impact brand reputation, shareholder value, and expose confidential information. Our team of security threat analysts track and monitor security events and attack activity to better help our clients stay ahead of emerging threats.”

Mobile, Social: New Security Targets Of Opportunity

Since the last X-Force Trend and Risk Report, IBM’s X-Force has seen an increase in malware and malicious web activities:

  • A continuing trend for attackers is to target individuals by directing them to a trusted URL or site which has been injected with malicious code. Through browser vulnerabilities, the attackers are able to install malware on the target system. The websites of many well-established and trustworthy organizations are still susceptible to these types of threats.
  • The growth of SQL injection, a technique used by attackers to access a database through a website, is keeping pace with the increased usage of cross-site scripting and directory traversal commands.
  • As the user base of the Mac operating system continues to grow worldwide, it is increasingly becoming a target of Advanced Persistent Threats (APTs) and exploits, rivaling those usually seen targeting the Windows platform.

Emerging Trends in Mobile Security 

While there are reports of exotic mobile malware, most smartphone users are still most at risk of premium SMS (short message service, or texting) scams.

These scams work by sending SMS messages to premium phone numbers in a variety of different countries automatically from installed applications. There are multiple scam infection approaches for this:

  • An application that looks legitimate in an app store but only has malicious intent
  • An application that is a clone of a real application with a different name and some malicious code
  • A real application that has been wrapped by malicious code and typically presented in an alternative app store

One game-changing transformation is the pervasiveness of Bring Your Own Device (BYOD) programs. Many companies are still in their infancy in adapting policies for allowing employees to connect their personal laptops or smartphones to the company network.

To make BYOD work within a company, a thorough and clear policy should be in place before the first employee-owned device is added to the company’s infrastructure.

Improvements in Internet Security Continue 

As discussed in the 2011 IBM X-Force Trend and Risk Report, there continues to be progress in certain areas of Internet security. IBM X-Force data reports a continuing decline in exploit releases, improvements from the top ten vendors on patching vulnerabilities and a significant decrease in the area of portable document format (PDF) vulnerabilities.

IBM believes that this area of improvement is directly related to the new technology of sandboxing provided by the Adobe Reader X release.

Sandboxing technology works by isolating an application from the rest of the system, so that if compromised, the attacker code running within the application is limited to what it can do or what it can access.

Sandboxes are proving to be a successful investment from a security perspective. In the X-Force report, there was a significant drop in Adobe PDF vulnerability disclosures during the first half of 2012.

This development coincides nicely with the adoption of Adobe Reader X, the first version of Acrobat Reader released with sandboxing technology.

New IBM Security Operations Center Opens In Poland

To further protect its clients from emerging threats like those reported in the IBM X-Force Mid-Year Trend and Risk Report, IBM yesterday announced the opening of a security operations center in Wroclaw, Poland.

This newest IBM Security Operations Center is the 10th worldwide facility to help clients proactively manage these threats, including real-time analysis and early warning notification of security events.

Data for the bi-annual X-Force report comes from IBM’s security operations centers which monitor more than 15 billion security events a day on behalf of approximately 4,000 clients in more than 130 countries.

About the IBM X-Force Trend and Risk Report 

The IBM X-Force Trend and Risk Report is an annual assessment of the security landscape, designed to help clients better understand the latest security risks, and stay ahead of these threats.

The report gathers facts from numerous intelligence sources, including its database of more than 68,000 computer security vulnerabilities, its global Web crawler and its international spam collectors, and the real-time monitoring of 15 billion events every day for approximately 4,000 clients in more than 130 countries.

These 15 billion events monitored each day, are a result of the work done in IBM’s 10 global security operations centers, which is provided as a managed security service to clients.

To view the full X-Force 2012 Mid-Year Trend and Risk Report go here.

%d bloggers like this: