Security

Is there a security solution for me or is it only a privilege for the big one’s?

Share this post:

These past weeks, I have had many people asking me all sorts of questions on WannaCry and now on Petya. One question has come up repeatedly: ‘…if the big companies cannot protect themselves how can the small and medium sized enterprises (SME) protect themselves…’. These companies might have only one security person or maybe they  do not have one at all! They might have two employees attached  to the job, but still they cannot cover all work tasks related to security, hence the growing frustration around security is increasing.

Maybe the marked, ourselves included, are not effective enough to communicate the potentials for SME’s regarding security solutions. So, the following blog is to explain the opportunities in a non-technical way, on how IBM secures small and medium sized customers.

First things first, we need to understand the process of fighting cybercrime, in this process we are looking at steps like detect, prevent and respond. All three disciplines demand special skills and at the same time, the spectre of risk comes in to the picture. The employees responsible for the security area continually need to inform the board or management of the risk level of the company. So the ‘…why is this process so important?…’ it is important for the management in order to decide what kind of investment should be implemented in the company to protect the business, including IP rights and revenue stream.

YOU CAN OUTSCOURCE YOUR SECURITY, BUT YOU CAN NOT OUTSOURCE YOUR RESPOSIBLITY.

So, let us look at the solution that could fit your business. If you have none or close to no security personnel hired at all – there is really only one solution. That is the hosted service where one of the IBM partners are hosting your solution, no SME is too small or too big for this solution! This is a very important take away. Typically, they will start with an assessment to figure out your infrastructure, they will evaluate which level of security you want to go forward with, what is acceptable for your business and what specific audit demands you will be facing. The deployment is often a 3 to 4-month process and afterwards it is only the responsibility you will be working on, this is done by monitoring that the service is equal to your standards and specifications.

Many companies are offering log management as a Security Operation Centre (SOC) solution. In many cases this will ease the overview of the audit process and demands, but it  does not give you the necessary and vital view on the security situation of your SME! Here you need to apply a Security Information and Event Management (SIEM) approach. This way you will get information on the correlation of your logs, vulnerability assessment, alerting, dashboards and forensic analysis.

Normally patching is usually part of the operation, but with the latest cyberattacks we have seen it has certainly transformed into a security issue. So as part of your responsibility you need to ensure that your SOC can see the level of patching to and include this in the risk picture.

Now hosting is the optimal way where you will not only get the infrastructure outsourced, but a lot of skilled people will also support you and your security team, and these people understand the attacks better than anybody else due to their constant engagement with monitoring and solving these issues.

Now the second level is to engage in the IBM Qradar cloud solution. This is covering network security intelligence, analytic s detection, cyber security attacks and network breaches. As a cloud-based service, you and your team will be focused on reviewing anomalous conditions and patching the most important asset vulnerabilities rather than acquiring and deploying technology components. You can begin using IBM QRadar on Cloud by paying a monthly fee and adjust the performance up or down to meet your needs. Within this area, we have very competent partners ready to help setting up this service. There are also partners that can handle the offenses given by the SIEM system. So, IBM can offer a full-service pack with our partners around our cloud solution for both big companies as well as SME’s.

If you have the people, if you have the skills, if you want to be 100 % in control then we have both appliances, software and virtual solutions. You can obtain an all-in-one-solution which is easy to install or we can deliver this solution on an appliance ready to configure. We recommend that you have a talk with one of our architects before entering in to this solution.

So, there is no excuse for not being secure. There are solutions for everyone and even more, there are IBM partners that can support you through the entire process.

If you need more information please do not hesitate to call me at +45 51638464

TO REQUEST A TRAIL FOR OUR CLOUD SOLUTION PLEASE VISIT – click here.

Sales Lead Nordic Security Intelligence IBM Software Sales

More Security stories

Data Democratization – making data available

One of the trending buzzwords of the last years in my world is “Data Democratization”. Which this year seems to have been complemented by “Data Fabric” and “Data Mesh”. What it is really about the long-standing challenge of making data available. It is another one of these topics that often gets the reaction “How hard […]

Continue reading

How to act in the new regulation of financial sector

Our world is changing. Because of that regulators around the world are taking ambitious steps to improve the sustainability of the financial sector and guide capital towards sustainable economic activity. Especially in EU we are seeing a high level of regulations. These regulatory interventions present complex and sensitive legal challenges for financial sector firms, which […]

Continue reading

Private cloud or public cloud? New server technology offers more choice

In September, we launched the new IBM Power E1080 high-end server, for corporate use based on the  new Power10 architecture, the Power E1080. The server can – among many other things – handle a large number of applications and workloads securely, at scale and with highest availability. Going into the spring of 2022, we will […]

Continue reading