Turbotodd

Ruminations on IT, the digital media, and some golf thrown in for good measure.

Posts Tagged ‘ibm security

IBM QRadar Named as a Leader in Security Analytics Platforms

leave a comment »

IBM Security has announced IBM QRadar, the company’s security intelligence platform, has been named a “Leader” and received the highest scores in the three categories – current offering, strategy, and market presence – of all evaluated solutions in the March 2017 report, “The Forrester Wave™: Security Analytics Platforms, Q1 2017,” by Forrester Research, Inc.

For this report, Forrester evaluates companies based on a number of criteria, including deployment options, detection capabilities, risk prioritization, log management, threat intelligence, dashboards and reporting, security automation, end user experience, and customer satisfaction.

Forrester surveys indicate that 74% of global enterprise security technology decision makers rate improving security monitoring as a high or critical priority.

According to the report, IBM Security “has an ambitious strategy for security analytics that includes cognitive security capabilities from its Watson initiative and security automation from its Resilient Systems acquisition.”

Forrester also notes IBM’s investments in security with its QRadar Security Intelligence Platform emerging as “one of the key pieces of its portfolio.” The analyst firm also notes that “those looking for advanced capabilities and a flexible deployment model should consider IBM.”

Written by turbotodd

March 10, 2017 at 8:49 am

The Yahoo Repo

leave a comment »

And you thought bad security didn’t cost your business anything to the downside?

A few months ago Verizon was posing the question “Should we Yahoo!?” and the answer was a resounding “Yes We Should!”

But after yesterday’s report of another Yahoo! hacking incident, this time dating back to 2013 and involving as many as 1 billion user accounts, the answer is quite different.

Bloomberg is reporting that Verizon is looking for either a price cut (“Hacker’s Discount!”) or even a “possible exit” from the $4.83 billion pending acquisition.

Yahoo shares have fallen as much as 6.5 percent since the news broke of the latest hack.

Me, I stopped Yahooing the first time around, going so far as to completely delete my Yahoo! account (one, by the way, I’d probably had for going on 17 years!)

(See IBM’s cognitive security to learn how you can prime your company’s digital immune system.)

In other breaking tech news and also from Bloomberg, VC-backed unicorn and developer-can’t-live-without coding platform, GitHub, lost $66M in nine months over 2016.

GitHub received a $250M funding round by Sequoia Capital in 2015, but has apparently been burning through cash as fast as developers can create new repos.

And seemingly straight outta the HBO show, “Silicon Valley,” GitHub’s San Fran HQ apparently has a lobby modeled after the White House’s Oval Office, which in turn leads to a replica of the Situation Room.

Let’s hope they won’t be needing to go to DefCon 4 anytime soon — the software development world would likely come to a screeching halt if GitHub were to head south.

If only they could just commit!

{{IF you think that was a bad joke, THEN I’ve got plenty more where that one came from.}}

Written by turbotodd

December 15, 2016 at 4:16 pm

Live @ IBM InterConnect 2012: A Q&A With Brendan Hannigan On Security Intelligence

with one comment

Brendan Hannigan is General Manager of the IBM Security Systems Division in the IBM Software Group; he brings more than 25 years of industry experience to his role. Previously, Mr. Hannigan was the president and chief executive officer of Q1 Labs, the acquisition of which catalyzed the creation of the Security Systems Division. This division brings together many capabilities across IBM to respond to the market need for sophisticated, comprehensive and integrated approaches to enterprise security.

As IBM’s general manager for its Security Systems Division will tell you, we’re entering into a perfect IT security storm.

These days, hackers are more sophisticated, your data is increasingly accessed anytime and anywhere and often resides in the cloud.

Fewer access points are corporately-controlled, and there is a growing digital data explosion while the compliance demands on staff and systems escalate.

These trends mean corporate IT security can no longer be an afterthought where a secure perimeter is good enough. Instead, security intelligence preventing, detecting and addressing system breaches anywhere must start in the boardroom and become part of your organization’s IT fabric. It is now imperative to be woven into your everyday business operations.

Brendan Hannigan brings more than 25 years of industry experience to his role as general manager of the new IBM Security Systems Division.

Previously, he was the president and chief executive officer of Q1 Labs, the acquisition of which catalyzed the creation of the Security Systems Division.

This new division brings together many capabilities across IBM to respond to the market need for sophisticated, comprehensive and integrated approaches to enterprise security.

Prior to Q1 Labs, Brendan was vice president of marketing and technology at Sockeye Networks; director of network research at Forrester Research; and served in a variety of senior-level product development roles at Digital Equipment Corporation, Wellfleet Communications, and Motorola.

We discussed a number of security-related topics during our Q&A at IBM InterConnect, including browser exploits, the need for increased security intelligence, and IBM’s bi-annual X-Force Trends and Risk Report, which I’ve covered extensively in this blog.

You can see our interview here.

IBM To Acquire Security Intelligence Provider Q1 Labs

leave a comment »

IBM has announced a definitive agreement to acquire privately held Q1 Labs, a Waltham, Massachusetts-based provider of security intelligence software.

The move aims to accelerate IBM’s efforts to help clients more intelligently secure their enterprises by applying analytics to correlate information from key security domains and creating security dashboards for their organizations.

Financial terms were not disclosed.

Following the close of the acquisition, Q1 Labs will join the newly-formed IBM Security Systems division, representing the world’s most comprehensive security portfolio.  After the close, IBM intends the new division to be led by Brendan Hannigan, CEO of Q1 Labs.

The new division will target a $94 billion opportunity in security software and services, which has a nearly 12 percent compound annual growth rate, according to IBM estimates.

Q1 Labs will join the more than 10 strategic security acquisitions IBM has made in the last decade and the more than 25 analytics-related purchases, including the recently announced acquisition of security analytics software firm, i2.

Organizations face a landscape with high-impact corporate breaches, growing mobile security concerns and advanced security threats, as highlighted in last week’s IBM X-Force Mid-Year Trend and Risk Report.

Firms must be equipped to identify threats, detect insider fraud, predict business risk and address regulatory mandates. Three quarters of firms feel cyberattacks are hard to detect and their effectiveness would increase with end-to-end solutions, according to a recent industry report.

Q1 Labs’ advanced analytics and correlation capabilities can automatically detect and flag actions across an enterprise that deviate from prescribed policies and typical behavior to help prevent breaches, such as an employee accessing unauthorized information.

“Since perimeter defense alone is no longer capable of thwarting all threats, IBM is in a unique position to shift security thinking to an integrated, predictive approach,” said Brendan Hannigan, CEO of Q1 Labs. “Q1 Labs’ security analytics will add greater intelligence to IBM’s security portfolio and continue to distinguish IBM from competitors.”

IBM operates the world’s broadest security research and development organization, comprising nine security operations centers, nine IBM Research centers, 11 software security development labs and three Institutes for Advanced Security.

It employs thousands of security experts globally such as security operations analysts, consultants, sales and tech specialists, and strategic outsourcing delivery professionals.  IBM monitors 12 billion security events per day in more than 130 countries and holds 3,000 security patents. IBM has been in the security business for nearly 50 years dating back to the security innovation in its mainframe systems.

You can learn more about IBM’s security offerings here.

Written by turbotodd

October 4, 2011 at 12:47 pm

IBM’s 2010 X-Force Trend And Risk Report: Increasing Security Threats in Mobile, Cloud Computing

leave a comment »

Congrats to India on their Cricket World Cup victory over Sri Lanka.  You’ve had a whole long weekend to celebrate, so let’s get back to work, shall we?  : )

Because as it turns out, the most recent IBM X-Force Trend and Risk Report (2010 edition) suggests there’s still plenty of work to do, at least on the IT security front.

The IBM X-Force Trend and Risk Report is an annual assessment of the security landscape, designed to help clients better understand the latest security risks, and stay ahead of these threats.  The report gathers facts from numerous intelligence sources, including its database of over 50,000 computer security vulnerabilities, its global Web crawler and its international spam collectors, and the real-time monitoring of 13-billion security events every day for nearly 4,000 clients in more than 130 countries.

These 13-billion events monitored each day – more than 150,000 per second – are a result of the work done in IBM’s nine, global Security Operations Centers (SOC), which is provided as a Managed Security Service to clients.

IBM X-Force’s Tom Cross explains the most recent results of IBM’s global security study. High on this past year’s list of security concerns: Cloud computing and mobile devices (including the exposure presented by smartphones).

150,000 Security Threats Per Second

Based on the intelligence gathered through research of public vulnerability disclosures, and the monitoring and analysis of more than 150K security events per second during every day of 2010, here are the headlines from the latest X-Force report:

  • More than 8,000 new vulnerabilities were documented, a 27 percent rise from 2009. Public exploit releases were also up 21 percent from 2009 to 2010. This data points to an expanding threat landscape in which sophisticated attacks are being launched against increasingly complex computing environments.
  • Spam volume leveled off by the end of 2010 (as compared to its historically high growth rate). This indicates that spammers may be seeing less value from increasing the volume of spam, and instead are focusing on making sure it is bypassing filters.
  • “Spear phishing,” a more targeted attack technique, was on the rise in 2010, even though there were significantly fewer phishing attacks relative to previous years. This suggests that cyber crooks are focusing more on quality of attacks, rather than just quantity.
  • End user adoption of smartphones and other mobile devices demonstrated a rise in vulnerability disclosures and exploits that target these devices.  IT security departments, of course, have been struggling to determine the right way to bring these devices safely into corporate networks.

Vulnerability Disclosures Growth by Year

IBM documented more than 8,000 new vulnerabilities, a 27 percent rise from 2009. Public exploit releases were also up 21 percent from 2009 to 2010. This data points to an expanding threat landscape in which sophisticated attacks are being launched against increasingly complex computing environments.

In conjunction with this year’s report, IBM is launching the IBM Institute for Advanced Security in Europe to combat growing security threats in the region.  The IBM X-Force report stated that in 2010, nearly a quarter of all financial phishing emails targeted banks located in Europe.  It also identified the UK, Germany, Ukraine and Romania among the top 10 countries sending spam in 2010.

This Institute joins its predecessor in Washington, D.C., focused on U.S. clients.

Emerging Security Threats In Cloud Computing, Mobile

A new section in the IBM X-Force Trend and Risk Report is dedicated to the security trends and best practices for the emerging technologies of mobile devices and cloud computing. The report highlighted a shift in perception about cloud security as adoption continued to evolve and knowledge around this emerging technology increased.  Since security is still considered an inhibitor to cloud adoption, cloud providers must earn their customers’ trust.

Organizations are also increasingly concerned about the security implications of personal mobile devices used by employees. Organizations must ensure control of their data regardless of where it is, including employee-owned or business-issued smartphones.

In 2010, IBM X-Force documented increases in the volume of vulnerabilities disclosed in mobile devices as well as the disclosure of exploits that target them.  The desire to “jailbreak” or “root” mobile devices has motivated the distribution of mature exploit code that has been reused in malicious attacks.

Nevertheless, malware is not yet common on the latest generation of mobile devices and most IT professionals view the data stored on them and how that can be misused or lost as the main security threats associated with these devices. According to the IBM X-Force Report, best practices for mobile security are evolving with enhanced password management and data encryption capabilities.

Additional trends highlighted in the report included:

  • The new, sophisticated face of cyber crime — From a security standpoint, 2010 is most remembered as a year marked by some of the most high profile, targeted attacks that the industry has ever witnessed. For example, the Stuxnet worm demonstrated that the risk of attacks against highly specialized industrial control systems is not just theoretical. These types of attacks are indicative of the high level of organization and funding behind computer espionage and sabotage that continues to threaten a widening variety of public and private networks.
  • Web applications accounted for nearly half of vulnerabilities disclosed in 2010 — Web applications continued to be the category of software affected by the largest number of vulnerability disclosures, representing 49 percent in 2010.  The majority represented cross site scripting and SQL injection issues, and the IBM X-Force data showed that these vulnerabilities are being targeted by attackers.  According to the report results, every summer for the past three years there has been a globally scaled SQL injection attack some time during the months of May through August. The anatomy of these attacks has been similar across the board, targeting .asp pages that are vulnerable to SQL injection.
  • A secure by design approach can improve security — IBM X-Force has determined that taking proactive steps to evaluate web application security and improve development and quality assurance processes can result in a significant improvement in the security of web application software. The report included data showing that web applications scanned for vulnerabilities often showed significant improvements upon being retested – exhibiting less than half of the number of particular classes of vulnerabilities, on average, the second time they are assessed. This encouraging information points the way toward sustained improvements in Internet security.
  • Nearly half of vulnerabilities remain unpatched — To help prevent attackers from exploiting vulnerabilities, organizations must focus on shortening the window of time between vulnerability disclosure and patch installation. Forty-four percent of all security vulnerabilities had no vendor-supplied patch at the end of 2010. However, even in cases where patches are made available on the same day that a vulnerability is publicly disclosed, there may be a significant gap in time before those patches are installed on vulnerable systems. Computer criminals often privately develop exploits that target publicly disclosed security vulnerabilities, and use those exploits to launch attacks. Later, when these private exploits have ceased to be valuable as attack tools, they are publicly disclosed. The IBM X-Force report data showed that exploits are often publicly disclosed tens or hundreds of days after the vulnerabilities they target. If it is taking a long time for these exploits to surface, it may be taking a long time for networks to patch.
  • Continued growth of Internet botnets — IBM X-Force saw an upward trend in Trojan botnet activity during 2010. This growth is significant because despite increasing coordinated efforts to shut down botnet activity, this threat appeared to be gaining momentum. However, IBM X-Force’s data did illustrate the dramatic impact of a successful effort in early 2010 to shutdown the Waledac botnet, which resulted in an instantaneous drop off in observed command and control traffic. On the other hand, the Zeus botnet continued to evolve and constituted a significant portion of the botnet activity detected by IBM X-Force in 2010. Due to its extreme popularity with attackers, there are hundreds, or even thousands, of separate Zeus botnets active at any given time. The Zeus botnet malware is commonly used by attackers to steal banking information from infected computers.

To help address these challenge IBM now has nine worldwide research labs innovating security technology and nine security operations centers around the world. These are designed to help global clients maintain the appropriate security posture.

Click here to access the 2010 IBM X-Force Trend and Risk report.

You can find more information on IBM Security Solutions at www.ibm.com/security.

Written by turbotodd

April 4, 2011 at 3:47 pm

%d bloggers like this: