Share this post:
If you’ve picked up a newspaper or visited a news site in the past few weeks, it will come as no surprise: the number, variety and complexity of enterprise security threats all continue to increase in the modern digital age. In addition to a constant stream of malicious outside threats, enterprises also need to contend with internal threats—including both intentional and accidental actions that can put an organization at risk.
Many enterprises seem unable to keep up. Too many incidents to evaluate are in play, and too many emerging threats to track exist. At the same time, the manual nature of this work is time-consuming and error-prone: enterprises cannot respond fast enough or accurately enough to new threats.
So what’s a CTO to do? How can your enterprise address growing security threats without substantially expanding your existing resources? You need a strategy that incorporates cloud visibility, a collaborative approach and cognitive technologies—the three C’s of enterprise security.
During the last few years, enterprise adoption of cloud services has grown significantly. Enterprises are using infrastructure-as-a-service (IaaS) offerings to cost-effectively expand their resources and software-as-a-service (SaaS) offerings to run a full range of enterprise applications without having to install and manage those applications in-house. Meanwhile, business groups and individual workers are subscribing to cloud services—sometimes without the knowledge of IT—to supplement their existing tools and resources.
The growing use of cloud services presents new challenges to your enterprise security team. You need ways to enhance visibility so you can know who is using which services, and identify the types of data they are using in conjunction with cloud services. To protect against threats, you need ways to identify all of the cloud-based applications that are being used, connect users with approved cloud-based applications and limit interactions with unsafe and unsanctioned ones.
To enable this level of visibility and communication, you need a system that integrates flawlessly with cloud services. For example, developers on the new IBM z14 mainframe are able to build and access enterprise cloud services and microservices using common language and open technologies. This hybrid approach to cloud allows Z clients the security of an encrypted environment while also accelerating innovation through cognitive DevOps.
Reducing the risks associated with cloud usage is vital, but a variety of other connections exist through which your enterprise might be vulnerable to threats. Email, for example, remains a key conduit for malware such as phishing scams and ransomware that can enter your environment. You need to anticipate and proactively address the full array of threat types.
Success requires collaboration. The people perpetrating security breaches are collaborating—they are sharing tools, techniques and information about potential vulnerabilities. To combat the threats that they are generating, your security team has to collaborate as well.
Security analysts need to be able to work with one another and with their peers beyond the enterprise to discover burgeoning trends and share information about the most effective tools. As the workload for security analysts continues to expand, collaboration is more important than ever.
When searching for new solutions, look for vendors who endorse this collaborative approach. Tools that facilitate collaboration among users are vital. And you need tools from vendors who collaborate among their peers as well. No vendor can do it all. Drawing from an ecosystem of solutions helps you find the right combination of solutions that interoperate seamlessly.
Manually collecting information and evaluating possible indicators of compromise (IOCs) are not sustainable processes as the number and variety of threats grow. Tapping into cutting-edge cognitive technologies helps. These technologies should offer the scalability, speed and increased accuracy you need to more effectively combat threats.
Cognitive technologies help enhance security first by evaluating the diverse array of possible “symptoms”—odd or suspicious activities that might indicate a security breach is imminent. Once the first few symptoms are identified, cognitive systems can mine for additional ones, looking across enterprise systems and back through several days of data.
At the same time, cognitive systems help build knowledge by scouring the Internet and absorbing information from the latest security blogs, articles and publications. This information is vital for helping your security team understand newly emerging threats and finding the most effective tools to thwart them.
Cognitive systems can then connect the dots among observed incidents, historical patterns and new information. Moreover, they can improve their capabilities as they go, by understanding, reasoning and learning. With these capabilities, cognitive systems help your security team investigate a growing volume of incidents, then deliver results faster, with greater accuracy and with a higher degree of certainty than before.
A new era of security
IBM is helping enterprises incorporate these three C’s into their security strategy by offering solutions to enhance cloud visibility; supporting robust, collaborative ecosystems; and developing leading-edge cognitive technologies. Are you ready to learn more about the IBM approach to enterprise security? Take your security to the next level with IBM Z.