IBM's integrated security framework

August 2012 Information Security

To address the increasing need for an integrated security offering to deal with the growing security threats businesses face, IBM launched IBM Security Systems (ISS) late last year following its purchase of Q1 Labs. Joe Ruthven, business unit executive, IBM Security Systems, IBM Middle East and Africa, spoke to Hi-Tech Security Solutions about the new division.

Joe Ruthven
Joe Ruthven

Ruthven says the company had security products in its software portfolio before the Q1 acquisition, but not an integrated Security Information and Event Management (SIEM) system that could consolidate security threats in real-time. Now there is a single brand with a single team behind the security drive.

There are for key trends in the market driving the need for an integrated security offering in business, according to Ruthven. These are:

* The explosion of data in all areas of business, much of it not being secured appropriately.

* Nobody can deny the growth of mobile computing and this is creating a serious security vulnerability. Users are far too trusting when it comes to downloading apps and business must take the appropriate measures to protect itself.

* Cloud computing is also creating a headache for businesses and consumers as they adopt strategies that could see their data held by third parties in a variety of locations.

* Attacks on business IT are also increasing, not only in frequency, but also in sophistication. It’s no longer malware or kids having fun, but organised crime is profiting from hacking attacks, making hacking in its various forms the third most lucrative crime in the world.

These trends, among others have made security a pressing concern for business, a concern ISS is addressing through its unified offering. Ruthven says there are four dimensions to ISS’s service.

* People: Companies need to ensure the right people have access to the right privileges and access to do their jobs efficiently, but they also need to ensure that the wrong people don’t have access to information they don’t need, or may want to access for nefarious purposes.

* Data: Securing data is somewhat lower on organisations’ priorities, but with mobile and cloud services becoming more popular, as well as the rise of ‘big data’ along with governance requirements, managing your data is becoming more important than ever.

* Infrastructure: Business is good at securing its infrastructure, but securing the perimeter is no longer enough to protect from attacks.

* Applications: Applications are also under pressure, not from an access perspective, but also regarding how they behave. Again, this is especially relevant in the mobile space.

To support its security service, IBM also has its X-Force research team that monitors the security market. Its IBM X-Force Trend and Risk Report is produced twice per year and provides statistical information about all aspects of threats that affect Internet security, including software vulnerabilities and public exploitation, malware, spam, phishing, Web-based threats, and general cyber criminal activity.



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
Empower individuals to control their biometric data
Information Security Access Control & Identity Management Security Services & Risk Management
What if your biometrics, now embedded in devices, workplaces, and airports, promising seamless access and enhanced security, was your greatest vulnerability in a cyberattack? Cybercriminals are focusing on knowing where biometric data is stored.

Read more...
Strategies for combating insider threats
Information Security Security Services & Risk Management
In Africa, insider threats pose an increasingly significant risk to businesses, driven by economic uncertainty, labour disputes, and rapid digital transformation. These threats can arise from various sources, including disgruntled employees and compromised third-party service providers

Read more...
From the editor's desk: Interesting times
Technews Publishing News & Events
We certainly live in interesting times. From delaying the budget speech because the ANC doesn’t see any reason why VAT shouldn’t be increased by 2%, to crime fighters being set up and prosecuted in ...

Read more...
World-first safe K9 training for drug detection
Technews Publishing SMART Security Solutions Editor's Choice News & Events Security Services & Risk Management Government and Parastatal (Industry)
The Braveheart Bio-Dog Academy recently announced the results of its scientific research into training dogs to accurately detect drugs and explosives without harming either the dogs or their handlers.

Read more...
Nice launches DC Blue Astute garage door motor
Nice Group South Africa Technews Publishing News & Events Access Control & Identity Management Perimeter Security, Alarms & Intruder Detection
Nice Systems SA has launched the Nice DC Blue Astute, a garage door motor for the South African market featuring a pre-installed lithium-ion battery instead of traditional lead-acid batteries.

Read more...
Five tech trends shaping business in 2025
Information Security Infrastructure
From runaway IT costs to the urgent need for comprehensive AI strategies that drive sustainable business impact, executives must be prepared to navigate a complex and evolving technology environment to extract maximum value from their investments.

Read more...
Kaspersky’s predictions for 2025 APT landscape
Information Security
The 2025 advanced persistent threat (APT) includes the rise of hacktivist alliances, increased use of AI-powered tools by state-affiliated actors – often with embedded backdoor – more supply chain attacks on open-source projects.

Read more...
SecurityHQ certified B-BBEE Level 1: Delivering global services from a local entity
SecurityHQ Information Security
SecurityHQ, a global managed security services provider (MSSP) with an office in South Africa, has announced it can now offer local companies a complete managed cybersecurity service from a Level-1 B-BBEE accredited and 51% black-owned service provider.

Read more...
2024, the year of Fraud-as-a-Service
Information Security
A report from AU10TIX outlines how ‘the industry’s dark engine’ offers user-friendly fraud kits that enable amateurs to execute complex attacks against thousands of accounts in minutes.

Read more...