September 25, 2017 By Mark Samuels 3 min read

IT decision-makers must develop a strong cybersecurity strategy that uses analytics and innovation to create an integrated approach to data protection.

That was the key message from a keynote speech by Marc Van Zadelhoff, general manager at IBM Security, who spoke at the recent Privacy & Security 2017 event organized by Forrester Research in Washington, D.C. Van Zadelhoff said that too many firms still fail to get the basics right when it comes to data protection.

Security leaders must move beyond the traditional perimeter-based approach to cybersecurity. As a first stage, they should place analytics at the heart of their cybersecurity strategy. As a further stage of evolution, IT managers should use cloud, collaboration and cognitive capabilities to boost data protection.

https://www.youtube.com/watch?v=NMQpd1nK2nE&feature=youtu.be

Why Is It Still Hard for Companies to Get the Basics Right?

Van Zadelhoff, who runs IBM’s 8,000-strong security business, suggested three key reasons why firms struggle with information security. He pointed, first, to data overload in the security community, stating that it still takes 201 days on average to find and isolate a security breach.

Second, Van Zadelhoff referred to the skills gap, referencing an (ISC)2 study that suggested there will be 1.5 million IT security vacancies globally by 2020. Finally, he mentioned the complexity of tooling — while the industry tends to focus on advanced technology, basic security elements are still ignored. He said the average customer uses 85 security tools from 45 vendors.

Van Zadelhoff added that, as a security specialist with 20 years of experience, he still sees common mistakes across patch management and application security. He pointed to regular news stories about vulnerabilities in applications. “Finding key data, and protecting that data, should be basic stuff,” he said.

Taking an Informed Approach to Data Protection

Van Zadelhoff proposed an alternative security model based around an immune system of capabilities. Rather than attempting to create a defendable perimeter, IT decision-makers should place analytics at the core of an integrated approach to data protection.

This analytical insight can then be used to inform key areas of data protection, such as mobile devices, applications and identifiers. “When this immune system is done well, it can provide a boost in terms of both security and privacy,” said Van Zadelhoff.

Deep analytics can also help identify user concerns, both in terms of the behavior of internal employees and external customers. “When you know how your users are behaving, you can start to act and put data access privileges in place,” he said.

Evolve Security Programs for the Future

According to Van Zadelhoff, the good news is that increasing numbers of businesses are moving to an immune-system approach to security. He hoped that more firms will begin to advance security to a third strategic stage, where security leaders use a combination of cloud, collaboration and cognitive capabilities to create even higher levels of data protection.

Van Zadelhoff said that companies can use cloud to deploy new security elements quickly as-a-service, potentially creating 30 percent cost savings when compared to traditional on-premises approaches. Stronger collaboration, meanwhile, can allow organizations and vendors to share best practice knowledge on incident management.

When it comes to cognitive capabilities, Van Zadelhoff referred to the artificial intelligence-based system known as Watson for Cyber Security, which draws on the detailed analysis of 2 million security documents. Clients can use this system to find potential explanations for incidents 60 times faster than through complex manual analysis.

Some organizations have already benefited from Watson for Cyber Security. IBM analysts working on-site at Wimbledon used the technology to analyze potential threats quickly, and security firm Sogeti has used the system to boost a security operations center at an insurance company.

More from

Are successful deepfake scams more common than we realize?

4 min read - Many times a day worldwide, a boss asks one of their team members to perform a task during a video call. But is the person assigning tasks actually who they say they are? Or is it a deepfake? Instead of blindly following orders, employees must now ask themselves if they are becoming a victims of fraud.Earlier this year, a finance worker found themselves talking on a video meeting with someone who looked and sounded just like their CFO. After the…

How cyberattacks on grocery stores could threaten food security

4 min read - Grocery store shoppers at many chains recently ran into an unwelcome surprise: empty shelves and delayed prescriptions. In early November, Ahold Delhaize USA was the victim of a cyberattack that significantly disrupted operations at more than 2,000 stores, including Hannaford, Food Lion and Stop and Shop. Specific details of the nature of the attack have not yet been publicly released.Because the attack affected many digital systems, some stores were not able to accept credit/debit cards, while others had to shut…

Taking the fight to the enemy: Cyber persistence strategy gains momentum

4 min read - The nature of cyber warfare has evolved rapidly over the last decade, forcing the world’s governments and industries to reimagine their cybersecurity strategies. While deterrence and reactive defenses once dominated the conversation, the emergence of cyber persistence — actively hunting down threats before they materialize — has become the new frontier. This shift, spearheaded by the United States and rapidly adopted by its allies, highlights the realization that defense alone is no longer enough to secure cyberspace.The momentum behind this…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today