Archive for the ‘security’ Category
IBM today announced it has entered into a definitive agreement to acquire StoredIQ Inc., a privately held company based in Austin, Texas.
Financial terms of the deal were not disclosed.
StoredIQ will advance IBM’s efforts to help clients derive value from big data and respond more efficiently to litigation and regulations, dispose of information that has outlived its purpose and lower data storage costs.
With this agreement, IBM adds to its prior investments in Information Lifecycle Governance. The addition of StoredIQ capabilities enables clients to find and use unstructured information of value, respond more efficiently to litigation and regulatory events and lower information costs as data ages.
IBM’s Information Lifecycle Governance suite improves information economics by helping companies lower the total cost of managing data while increasing the value derived from it by:
- Eliminating unnecessary cost and risk with defensible disposal of unneeded data
- Enabling businesses to realize the full value of information as it ages
- Aligning cost to the value of information
- Reducing information risk by automating privacy, e-discovery, and regulatory policies
Adding StoredIQ to IBM’s Information Lifecycle Governance suite gives organizations more effective governance of the vast majority of data, including efficient electronic discovery and its timely disposal, to eliminate unnecessary data that consumes infrastructure and elevates risk.
As a result, business leaders can access and analyze big data to gain insights for better decision-making. Legal teams can mitigate risk by meeting e-discovery obligations more effectively. Also, IT departments can dispose of unnecessary data and align information cost to value to take out excess costs.
What Does StoredIQ Software Do?
StoredIQ software provides scalable analysis and governance of disparate and distributed email as well as file shares and collaboration sites. This includes the ability to discover, analyze, monitor, retain, collect, de-duplicate and dispose of data.
In addition, StoredIQ can rapidly analyze high volumes of unstructured data and automatically dispose of files and emails in compliance with regulatory requirements.
“CIOs and general counsels are overwhelmed by volumes of information that exceed their budgets and their capacity to meet legal requirements,” said Deidre Paknad, vice president of Information Lifecycle Governance at IBM. “With this acquisition, IBM adds to its unique strengths as a provider able to help CIOs and attorneys rapidly drive out excess information cost and mitigate legal risks while improving information utility for the business.”
Named a 2012 Cool Vendor by Gartner, StoredIQ has more than 120 customers worldwide, including global leaders in financial services, healthcare, government, manufacturing and other sectors. Other systems require months to index data and years to configure, install and address information governance. StoredIQ can be up and running in just hours, immediately helping clients drive out cost and risk.
IBM intends to incorporate StoredIQ into its Software Group and its Information Lifecycle Governance business.
Building on prior acquisitions of PSS Systems in 2010 and Vivisimo in 2012, IBM adds to its strength in rapid discovery, effective governance and timely disposal of data. The acquisition of StoredIQ is subject to customary closing conditions and is expected to close in the first quarter of 2013.
I blogged about IBM’s 2012 Global Reputational Risk and IT Study recently, the headline of which was this: Managing reputational risk is crucial to many organization’s business, and managing IT is a major part of their efforts.
I also interviewed Brendan Hannigan, the general manager of IBM’s Security Systems Division, at IBM InterConnect last week about some of these critical security matters.
Today, IBM made a move designed to reduce the biggest security inhibitors that organizations face in implementing cloud, mobile and big data initiatives with the announcement of a broad set of security software to help holistically secure data and identities.
New IBM Security Solutions
IBM’s new software capabilities help clients better maintain security control over mobile devices, mitigate internal and external threats, reduce security risks in cloud environments, extend database security to gain real-time insights into big data environments such as Hadoop, and automate compliance and data security management.
Along with IBM Security Services and IBM’s world-class research capabilities, this set of scalable capabilities supports a holistic, proactive approach to security threats spanning people, data, applications and infrastructure.
“A major shift is taking place in how organizations protect data,” said Brendan Hannigan, General Manager, IBM Security Systems. “Today, data resides everywhere—mobile devices, in the cloud, on social media platforms. This is creating massive amounts of data, forcing organizations to move beyond a traditional siloed perimeter to a multi-perimeter approach in which security intelligence is applied closer to the target.”
IBM is unveiling ten new products and enhancements to help organizations deliver real time security for big data, mobile and cloud computing.
Real Time Security for Big Data Environments
State of the art technologies including Hadoop based environments have opened the door to a world of possibilities. At the same time, as organizations ingest more data, they face significant risks across a complex threat landscape and they are subject to a growing number of compliance regulations.
With today’s announcement, IBM is among the first to offer data security solutions for Hadoop and other big data environments.
Specifically, Guardium now provides real time monitoring and automated compliance reporting for Hadoop based systems such as InfoSphere BigInsights and Cloudera.
Highlighted data security solutions:
NEW: IBM InfoSphere Guardium for Hadoop
ENHANCED: IBM InfoSphere Optim Data Privacy
ENHANCED: IBM Security Key Lifecycle Manager
To learn more about the data security portfolio go here.
Mobile Security: Improving Access and Threat Protection
Today IBM is also announcing risk-based authentication control for mobile users, integration of access management into mobile application development and deployment as well as enhanced mobile device control.
IBM is also announcing a comprehensive Mobile Security Framework to help organizations develop an adaptable security posture to protect data on the device, at the access gateway and on the applications.
Highlighted mobile security solutions:
NEW: IBM Security Access Manager for Cloud and Mobile
ENHANCED: IBM Endpoint Manager for Mobile Devices
Go here to learn more about specific mobile security product attributes.
Cloud Security: From Inhibitor To Enabler
While the cloud can increase productivity with anywhere, anytime information access, it can also introduce additional challenges for enterprise security.
IBM today is announcing security portfolio enhancements designed to address these new challenges, providing improved visibility and increased levels of automation and patch management to help demonstrate compliance, prevent unauthorized access and defend against the latest threats using advanced security intelligence.
With IBM’s new SmartCloud for Patch Management solution, patches are managed automatically regardless of location and remediation cycles are reduced from weeks to hours thereby reducing security risks.
Additionally, IBM is announcing enhancements to its QRadar Security Intelligence Platform that provides a unified architecture for collecting, storing, analyzing and querying log, threat, vulnerability and security related data from distributed locations, using the cloud to obtain greater insight into enterprise-wide activity and enable better-informed business decisions.
The new IBM Security Privileged Identity Manager is designed to proactively address the growing insider threat concerns and help demonstrate compliance across the organization.
IBM Security Access Manager for Cloud and Mobile which provides enhanced federated single sign-on to cloud applications is now available with improved out-of-the-box integration with commonly adopted SaaS applications and services.
Highlighted cloud security solutions:
NEW: IBM SmartCloud for Patch Management
NEW: IBM Security Access Manager for Cloud and Mobile
NEW: IBM Security Privileged Identity Manager
ENHANCED: QRadar SIEM and QRadar Log Manager
Visit here to learn more about specific cloud security product attributes, please visit
Enhanced Mainframe Security Capabilities
In addition, IBM is announcing mainframe security capabilities that enhance enterprise-wide security intelligence based on QRadar security solution integration that provides real time alerts and audit reporting.
The mainframe offers Common Criteria Evaluation Assurance Level 5+ (EAL 5+) certification for logical partitions, providing a platform for consolidating systems, helping protect private clouds, and helping secure virtualized environment.
New IBM Security zSecure improvements help to reduce administration overhead, automate compliance reporting, enforce security policy, and pro-actively detect threats.
Highlighted zSecure security solutions:
ENHANCED: IBM Security zSecure
Through IBM Global Financing, credit-qualified clients can take advantage of 0% interest for 12 months on qualifying IBM Security products and solutions.
About IBM Security
With more than 40 years of security development and innovation, IBM has breadth and depth in security research, products, services and consulting.
IBM X-Force is a world-renowned team that researches and evaluates the latest security threats and trends. This team analyzes and maintains one of the world’s most comprehensive vulnerability databases and develops countermeasure technologies for IBM’s security offerings to help protect organizations ahead of the threat.
IBM has 10 worldwide research centers innovating security technology and nine security operations centers around the world to help global clients maintain an appropriate security posture.
IBM Managed Security Services delivers the expertise, tools and infrastructure to help clients secure their information assets against attacks, often at a fraction of the cost of in-house security resources.
The Institute for Advanced Security is IBM’s global initiative to help organizations better understand and respond to the security threats to their organization. Visit the Institute community at www.instituteforadvancedsecurity.com.
An important announcement earlier today from IBM: The appointment of the company’s new Chief Privacy Officer, Christina Peters.
Peters has worked as a practicing attorney with IBM since 1996 (first in Germany, later in the US), and has handled a wide range of complex transactional, policy, compliance, litigation, and cybersecurity matters in the United States and internationally.
Peters was educated at Dartmouth College (summa cum laude) and Harvard Law School (magna cum laude), where she was an Executive Editor of the Harvard Law Review.
Following a District of Columbia Circuit clerkship, Peters worked at D.C.-based law firm, Covington & Burling. Prior to joining IBM, she was a Robert Bosch Fellow in Germany, where she worked at the Federal Cartel Authority and Deutsche Telekom.
In her new role, Peters will guide and oversee IBM’s global information policy and practices affecting more than 400,000 employees and thousands of clients. She will lead the company’s global engagement in public policy and industry initiatives on data security and privacy, and continue to serve on the advisory board of the Future of Privacy Forum.
Peters also is responsible for a worldwide team of legal, data protection and technical professionals at IBM who address privacy and data security in the leadership manner expected of the company’s global brand.
IBM was the first major corporation to appoint a Chief Privacy Officer in 2000 and has consistently applied advanced techniques and technologies across its global business operations and practices. IBM’s numerous privacy advancements include:
- First company to adopt a global privacy code of conduct.
- First to adopt a genetic non-discrimination policy.
- First to establish a policy to only advertise on websites with visible privacy statements.
As IBM’s general manager for its Security Systems Division will tell you, we’re entering into a perfect IT security storm.
These days, hackers are more sophisticated, your data is increasingly accessed anytime and anywhere and often resides in the cloud.
Fewer access points are corporately-controlled, and there is a growing digital data explosion while the compliance demands on staff and systems escalate.
These trends mean corporate IT security can no longer be an afterthought where a secure perimeter is good enough. Instead, security intelligence preventing, detecting and addressing system breaches anywhere must start in the boardroom and become part of your organization’s IT fabric. It is now imperative to be woven into your everyday business operations.
Brendan Hannigan brings more than 25 years of industry experience to his role as general manager of the new IBM Security Systems Division.
Previously, he was the president and chief executive officer of Q1 Labs, the acquisition of which catalyzed the creation of the Security Systems Division.
This new division brings together many capabilities across IBM to respond to the market need for sophisticated, comprehensive and integrated approaches to enterprise security.
Prior to Q1 Labs, Brendan was vice president of marketing and technology at Sockeye Networks; director of network research at Forrester Research; and served in a variety of senior-level product development roles at Digital Equipment Corporation, Wellfleet Communications, and Motorola.
We discussed a number of security-related topics during our Q&A at IBM InterConnect, including browser exploits, the need for increased security intelligence, and IBM’s bi-annual X-Force Trends and Risk Report, which I’ve covered extensively in this blog.
You can see our interview here.
As hackers increasingly find new and nefarious ways to threaten the global digital infrastructure, recent policy advancements such as the proposed “Cybersecurity Act of 2012” in the U.S. have been introduced as solutions to the world’s growing cybersecurity problem.
While IBM accepts it is an imperative to properly secure critical systems, private sector advancements should be balanced with pragmatic legislative policies that avoid overly-prescriptive mandates that can inhibit the very innovation needed to ensure cybersecurity.
Consequently, IBM moved quickly and sent a letter urging the U.S. Senate to address flaws in the proposed cybersecurity bill.
According to IBM’s X-Force 2011 Trend and Risk Report, cyber attackers are adapting and moving quickly to target newer information technologies such as social networks and mobile devices. This rapidly evolving nature of cyber attacks necessitates a new approach to enabling cybersecurity.
Responding to the ever-changing nature and volume of attacks requires agility, risk-based management, and a commitment to innovative defensive measures. IBM supports bipartisan, cybersecurity legislation, but the “Cybersecurity Act of 2012” would add bureaucracy to a process that needs speed to succeed.
Government and industry would be best served by a common-sense approach to cybersecurity that allows for investment in R&D, improved information sharing between public and private sectors, better security for federal IT networks, and criminal penalties for cyber-crimes.
Industry Solutions To A Network Problem
Advanced threats, rapid adoption of social media, and Web applications have also been driving the need for new, intelligent approaches to security.
As employee access to the Web has become ubiquitous, enterprises are struggling with massive increases in malware as well as Advanced Persistent Threats (APTs), which can compromise proprietary data.
Many of today’s security solutions often offer limited visibility and control over network activity, which can put the company at risk.
To help clients proactively protect against evolving security threats, including those posed by social media sites and malicious websites, IBM today announced a new class of network security appliance that delivers a more granular view of a company’s security posture and a simplified security management interface.
This new next-generation intrusion prevention appliance helps clients address advanced attacks targeting their organization, providing visibility into exactly what applications are being used on the network, where users are going on the Web, with the ability to monitor and control this activity, which can result in improved security and reduced operational costs.
IBM Security Network Protection XGS 5000 is a next-generation intrusion protection system specifically designed to address the constantly evolving, increasingly sophisticated threats that organizations face today.
It builds on the proven, core security features found in IBM Security Network Intrusion Prevention System, including helping protect against “zero-day” exploits, by adding new levels of visibility and control over the network, applications, data and users to help improve security by helping prevent misuse and identify previously undetectable threats.
IBM Security Network Protection incorporates global threat intelligence from X-Force, including a Web filter database of over 15 billion URLs — capable of monitoring and categorizing millions of Web servers and applications each day to provide superior protection against the changing threat landscape.
Gaining Control, And Visibility, Into Security Events
Once organizations are aware of the nature of activity on their network, the new application control features enable clients to have granular control over what is happening on their network; this means granular user and group-level control over which applications and Websites are permitted, and how they are used down to individual actions or activities within these applications and sites.
IBM Security’s Advanced Threat Protection Platform helps clients by providing the following features and capabilities:
- Proven security to help protect against zero-day threats: enables preemptive protection against a full spectrum of advanced threats, including Web application attacks and exploits hidden in files. IBM’s protection engine is built upon years of security intelligence gathered by X-Force Research, and can stop entire classes of attacks — including new and unknown threats – without updates; most solutions available today match individual protection signatures — a process that can be too slow to stop evolving threats and can result in higher rates of false positives and false negatives.
- Visibility and insight: provides application awareness, monitoring and control, with high level dashboards for drilling down into events and reporting. Also provides deep insight into the nature of activities on the network through broad application awareness and flow data analysis. Integrates with QRadar Security Intelligence Platform to provide even greater levels of insight including anomaly detection and event correlation.
- Control: utilizes intelligence related to Web applications, Websites, and non-Web applications, including Web application and Web site coverage with over 15 Billion URLs across 68 categories and support for 1000+ applications and actions.
IBM Security Network Protection XGS 5000 will be available starting in 3Q12.
About IBM Security
IBM’s security portfolio provides the security intelligence to help organizations holistically protect their people, data, applications and infrastructure. IBM offers solutions for identity and access management, security information and event management, database security, application development, risk management, endpoint management, next-generation intrusion protection and more.
IBM operates one of the world’s broadest security research and development, and delivery organizations. This comprises nine security operations centers, nine IBM Research centers, 11 software security development labs and an Institute for Advanced Security with chapters in the United States, Europe and Asia Pacific. IBM monitors 15 billion security events per day in more than 130 countries and holds more than 3,000 security patents.
You ever get one of those emails where there are two headlines that couldn’t have been more synchronous?
That’s what I got today in a Washington Post email newsletter:
“New malware is 20 times size of Stuxnet”
“Cybersecurity experts needed to meet growing demand”
Surely the Post newsletter editor at least chuckled when he put those two together.
I didn’t chuckle, however, when I started reading up on this new Internet security phenom.
Wired’s Threat Level blog led with this: “A massive, highly sophisticated piece of malware has been newly found infecting systems in Iran and elsewhere and is believed to be part of a well-coordinated, ongoing, state-run cyberespionage operation.”
Here was The New York Times lead on the story: The computers of high-ranking Iranian officials appear to have been penetrated by a data-mining virus called Flame, in what may be the most destructive cyberattack on Iran since the notorious Stuxnet virus, an Iranian cyberdefense organization confirmed on Thursday.
And, the Post led with: Researchers have identified a sophisticated new computer virus 20 times the size of Stuxnet, the malicious software the disabled centrifuges in an Iranian nuclear plant. But unlike Stuxnet, the new malware appears to be used solely for espionage.
The Post goes on to cite analysts who “suspect Israel and the United States, given the virus’s sophistication, among other things.”
Which is it, we need more cybersecurity experts in the U.S., or we’re the “nation-state” behind this latest cyber war virus?
Whatever the case, the BBC’s coverage included the following facts: Russian security firm Kaspersky Labs believed the malware had been operating since August 2010 and described Flame as “one of the most complex threats ever discovered.”
If you don’t remember Stuxnet, it was the alleged state-sponsored virus which wreaked havoc on Iran’s uranium centrifuges. This new malware, according to the BBC story, “appears not to cause physical damage,” but instead collects “huge amounts of sensitive information.”
Wired also adds to the story, reporting Flame was “written by different programmers, its complexity, the geographic scope of its infections and its behavior indicate strongly that a nation-state is behind Flame, rather than common cyber-criminals.”
Wired went on to report that “Early analysis of Flame by the Lab indicates that it’s designed primarily to spy on the users of infected computers and steal data from them, including documents, recorded conversations and keystrokes. It also opens a backdoor to infected systems to allow the attackers to tweak the toolkit and add new functionality.”
Yes, indeedy. According to Wired, one of the modules in Flame is “one that turns on the internal microphone of an infected machine to secretly record conversations that occur either over Skype or in the computer’s near vicinity.”
It also allegedly contains a module that turns “Bluetooth-enabled computers into a Bluetooth beacon,” scanning for other Bluetooth-enabled devices in order to “siphon names and phone numbers from their contacts folder.”
It can also store “frequent screenshots of activity on the machine,” screenshots that include everything from emeetings to instant messages, email….you get the picture. Literally.
I don’t know about you, but I sense a whole new genre of cyber espionage novels looming on the horizon.