Turbotodd

Ruminations on IT, the digital media, and some golf thrown in for good measure.

Archive for the ‘ibm security’ Category

IBM Watson for Cyber Security Powers Smarttech Security Ops

leave a comment »

IBM Security today announced Smarttech, a security services provider based in Ireland, is leveraging IBM Watson for Cyber Security in their Security Operations Center (SOC).

The new tool is enabling the company’s analysts to investigate and respond to three times as many security incidents with greater speed and accuracy. Smarttech was one of 40 companies around the world to participate in the IBM Watson for Cyber Security Beta Program, and is now a customer.

Powered by IBM QRadar Advisor with Watson, Smarttech’s SOC now takes advantage of the cognitive capabilities of Watson along with industry leading IBM Security QRadar Security Analytics Platform to uncover hidden threats and automate insights.

IBM has trained Watson on the language of cyber security, with the system ingesting over one million security documents, and can now help security analysts with insights from hundreds of thousands of natural language research sources that have never before been accessible to modern security tools.

Smarttech was looking for an intuitive solution to better manage an industry-wide workforce shortage of security analysts, and sought to augment the skills of its security team to stay ahead of ever evolving cyber threats targeting customers.

As part of its roll out of IBM QRadar Advisor with Watson, Smarttech found that the tool provided valuable additional perspective beyond what their analysts had initially discovered, highlighting new observations that the analysts had overlooked in about 20 percent of incidents.

“It’s not man versus machine—they very much work hand and hand,” said Ronan Murphy, CEO, Smarttech. “Our analysts continue to play a critical role in evaluating a cyber security incident, while Watson for Cyber Security enforces their decisions and validates what they are sharing with the customer at risk. It enables security analysts to deliver faster and more accurate details on a breach, so we may better protect our customers.”

IBM QRadar Advisor with Watson can help security teams respond to threats through the following:

  • Visibility into elements of a security incident – while investigating an incident, QRadar Advisor first gathers greater context about that incident by mining local data available in QRadar.​
  • Formulate a threat research strategy – QRadar Advisor formulates a threat query to send to Watson for Cyber Security, to perform external knowledge and threat discovery on discrete observations from the incident.
  • Threat research – Watson for Cyber Security taps its knowledge base of unstructured data and uses cognitive reasoning to discover additional insights and other threat entities related to the original incident.
  • Apply intelligence to understand the threat – QRadar Advisor refines information it receives from Watson, to zero in on the key insights relevant to the current incident. It validates the source of the offense and provides additional context to identify and understand the threat.

For more information on Watson for Cyber Security and the IBM Cognitive SOC, visit: http://www-03.ibm.com/security/cognitive/

Written by turbotodd

May 11, 2017 at 8:31 am

IBM Named a Leader For Security Solution in Gartner Magic Quadrant

leave a comment »

IBM announced that Gartner, Inc. named the company as a leader in Application Security Testing (AST) in the recently published Gartner Magic Quadrant for Application Security Testing which analyzes vendors’ Static, Dynamic and Interactive Application Security Testing styles.

IBM has been named a leader by Gartner in Application Security Testing in four consecutive reports.

According to Gartner, IBM Security was recognized for its completeness of vision and ability to execute. As part of its AST portfolio, IBM has also added innovative Static Application Security Testing functionality to improve accuracy with Intelligent Code Analytics (ICA) and Intelligent Finding Analytics (IFA), both of which are delivered via the cloud to on-premises and cloud clients.

IBM’s Application Security Management platform gives businesses a risk-centric unified reporting dashboard with a complementary framework to manage security risks in applications across business operations.

IBM Security’s Application Security Testing solutions including IBM Security AppScan and IBM Application Security on Cloud, provide preemptive protection for mobile and web-based applications.

According to Gartner, “Security testing is growing faster than any other security market, as AST solutions adapt to new development methodologies and increased application complexity. Security and risk management leaders must integrate AST into their application security programs.”

To download the full report, visit https://ibm.co/2o0mHsI.  

To learn more about IBM security offerings go here.

Written by turbotodd

May 1, 2017 at 3:03 pm

IBM X-Force: Financial Services Most Targeted By Cybercriminals Last Year

leave a comment »

IBM Security announced research from its IBM X-Force Research team which revealed the financial services industry was attacked more than any other industry in 2016 – 65 percent more than the average organization across all industries.

Or, as Willie Sutton famously asked why he robbed banks: “Because that’s where the money is!”

As a result of the increase, the number of financial services records breached skyrocketed 937 percent in 2016 to more than 200 million. While the financial services industry was targeted the most by cyberattacks in 2016, IBM X-Force Threat Intelligence Index data shows it ranked third by industry for the number of breached records – likely due to investments in enhanced security practices.

“Cybercriminals have always gone where there is money to be made. While financial services has been a highly targeted industry by cybercriminals, in previous years, their main focus shifted to other more lucrative industries like healthcare or retail,” said Nick Bradley, Practice Lead, IBM X-Force Threat Research. “However, in 2016 we saw a significant resurgence to financial services as criminals decided to go directly to the source money.” 

Insiders Pose Largest Threat to Financial Services

In looking at ways the financial services sector was attacked in 2016, the report found that the industry was more affected by insider attacks (58 percent) than outsider attacks (42 percent). This shows the genesis of many of the breaches were a result of malicious activity.

Malicious activity inside an organization can be a result of an inadvertent act (53 percent) such as an employee accidentally being tricked to download a malware-laden document through a phishing email which then gives attackers access to information. Many of these attacks occur without the user being aware of it.

Financial Malware Continues to Thrive

IBM X-Force found that some countries experienced a marked increase in financial cybercrime in 2016. Cybercriminals sharpened their focus on business bank accounts by using malware such as Dridex, Neverquest, GozNym and TrickBot to target business banking services.

Given the better defenses at large financial institutions, IBM X-Force researchers recently identified TrickBot malware campaigns targeting the less common brands in the industry, like private banks, wealth management,  and high value account types, indicating this ambitious malware gang plans on attacking in new territory.

Mitigating Risk

As cybercriminals continue to pivot and identify lucrative tactics to steal valuable information, IBM X-Force experts recommend the following tips to protect financial services organizations from attacks: 

  • Conduct Employee Awareness Training: Continuously train and test employees to teach them how to identify suspicious emails to avoid falling victim to phishing scams.
  • Reduce Exposure to Insider Threats: Combine data security and identity and access management solutions to protect sensitive data and govern the access of all legitimate users.
  • Apply a Cognitive Approach: Augment a security analyst’s ability to identify and understand sophisticated threats by tapping into unlimited amounts of unstructured data from blogs, websites, research papers and the like, and correlating it with relevant security incidents.
  • Develop and Implement an Incident Response Plan: Identify the data necessary to respond to an attack, understand how to mitigate an attacker’s access.

You can download a copy of the IBM X-Force Financial Services report here.

Written by turbotodd

April 27, 2017 at 11:44 am

IBM QRadar Named as a Leader in Security Analytics Platforms

leave a comment »

IBM Security has announced IBM QRadar, the company’s security intelligence platform, has been named a “Leader” and received the highest scores in the three categories – current offering, strategy, and market presence – of all evaluated solutions in the March 2017 report, “The Forrester Wave™: Security Analytics Platforms, Q1 2017,” by Forrester Research, Inc.

For this report, Forrester evaluates companies based on a number of criteria, including deployment options, detection capabilities, risk prioritization, log management, threat intelligence, dashboards and reporting, security automation, end user experience, and customer satisfaction.

Forrester surveys indicate that 74% of global enterprise security technology decision makers rate improving security monitoring as a high or critical priority.

According to the report, IBM Security “has an ambitious strategy for security analytics that includes cognitive security capabilities from its Watson initiative and security automation from its Resilient Systems acquisition.”

Forrester also notes IBM’s investments in security with its QRadar Security Intelligence Platform emerging as “one of the key pieces of its portfolio.” The analyst firm also notes that “those looking for advanced capabilities and a flexible deployment model should consider IBM.”

Written by turbotodd

March 10, 2017 at 8:49 am

IBM Plans to Acquire Security Visualization And Management Firm Agile 3 Solutions

with one comment

IBM Security today announced plans to acquire Agile 3 Solutions, a developer of software used by the C-Suite and senior executives to better visualize, understand and manage risks associated with the protection of sensitive data.

The addition of Agile 3 Solutions’ capabilities to IBM Security’s portfolio adds an intuitive tool to improve C-Suite decision making as businesses prepare to defend themselves against cybercrime.

As cybersecurity has become a board-level issue, there is a growing need for the C-suite and the Board to understand their security posture through the lens of business risk, not just the technical security data and metrics.

Business leaders must be equipped to make risk-based decisions and prioritize investments toward the cybersecurity readiness and resilience. In fact, Gartner predicted that “by 2017, 80% of IT risk and security organizations will report metrics to non-IT executive decision makers; however, only 20% will be considered useful by the target audience.”

Agile 3 Solutions is a San Francisco-based, privately held company that provides business leaders with a comprehensive, business-friendly dashboard and intuitive data risk control center to help uncover, analyze, and visualize data-related business risks.

Financial terms of the deal were not disclosed and the transaction is expected to close within several weeks.

For more information about Agile 3 Solutions, go to http://www.ibm.com/security/announce/agile3/

Written by turbotodd

January 23, 2017 at 8:43 am

%d bloggers like this: