Security intelligence


Special Issue of the IBM Journal of Research and Development

Journal of R&D: Security Intelligence

Cybersecurity is among the most important and pressing challenges of our times. The inadequacy of perimeter-based security controls in protecting enterprises is demonstrated by the increase in the scale, scope, and frequency of cyber-attacks confronting enterprises today. As noted by guest editor and IBM Fellow J. R. Rao, this problem is exacerbated by the proliferation and adoption of technologies involving cloud, mobile, and social platforms (often offered as third-party services), which further erode the visibility and control that enterprises have over their security posture.

Many organizations deploy a variety of security controls, including security sensors such as intrusion detection and prevention systems, as well as security tooling for identity, access, and audit management. These systems enable organizations to manage their security postures, generating a multitude of event alert streams, logs, and audit records that contain actionable intelligence that is often underutilized and often not available in real time. The inability to automatically mine, aggregate, and correlate these events and data at line speeds, and to present them to the security analyst in a semantically meaningful manner, deprives security analysts and administrators of valuable insights for defending their IT infrastructure and, more broadly, their organization’s assets and reputation.

This special issue of the IBM Journal of Research and Development reports on work in the emerging area of security intelligence. Here, the various authors explore how to exploit a variety of instrumentation in today’s IT landscape and data centers to enable the responsible collection and aggregation of sensitive monitoring data. Furthermore, the authors investigate the harnessing of emerging big data analytics engines and platforms, including cognitive computing techniques, to develop models and predictive analytics to create semantically rich interpretations of security-relevant events that scale to very large environments, enabling cross-data-flow correlation of security, application, user, system, and network events.

Rao notes that, with near-real-time capabilities, one goal of the work described in this issue concerns placing comprehensive and accurate control back into the hands of decision makers, such as security analysts, by relieving them of repetitive and manual tasks and also enabling the analyst to focus on remediating critical security events. The authors also explore some of the ramifications and different choices that enterprises are making to balance the requirements of enterprise security and privacy.

Visit the IBM Journal website for more of our recent issues.

Clifford A. Pickover
IBM Journal of Research and Development
