IT decision-makers must develop a strong cybersecurity strategy that uses analytics and innovation to create an integrated approach to data protection.

That was the key message from a keynote speech by Marc Van Zadelhoff, general manager at IBM Security, who spoke at the recent Privacy & Security 2017 event organized by Forrester Research in Washington, D.C. Van Zadelhoff said that too many firms still fail to get the basics right when it comes to data protection.

Security leaders must move beyond the traditional perimeter-based approach to cybersecurity. As a first stage, they should place analytics at the heart of their cybersecurity strategy. As a further stage of evolution, IT managers should use cloud, collaboration and cognitive capabilities to boost data protection.

Why Is It Still Hard for Companies to Get the Basics Right?

Van Zadelhoff, who runs IBM’s 8,000-strong security business, suggested three key reasons why firms struggle with information security. He pointed, first, to data overload in the security community, stating that it still takes 201 days on average to find and isolate a security breach.

Second, Van Zadelhoff referred to the skills gap, referencing an (ISC)2 study that suggested there will be 1.5 million IT security vacancies globally by 2020. Finally, he mentioned the complexity of tooling — while the industry tends to focus on advanced technology, basic security elements are still ignored. He said the average customer uses 85 security tools from 45 vendors.

Van Zadelhoff added that, as a security specialist with 20 years of experience, he still sees common mistakes across patch management and application security. He pointed to regular news stories about vulnerabilities in applications. “Finding key data, and protecting that data, should be basic stuff,” he said.

Taking an Informed Approach to Data Protection

Van Zadelhoff proposed an alternative security model based around an immune system of capabilities. Rather than attempting to create a defendable perimeter, IT decision-makers should place analytics at the core of an integrated approach to data protection.

This analytical insight can then be used to inform key areas of data protection, such as mobile devices, applications and identifiers. “When this immune system is done well, it can provide a boost in terms of both security and privacy,” said Van Zadelhoff.

Deep analytics can also help identify user concerns, both in terms of the behavior of internal employees and external customers. “When you know how your users are behaving, you can start to act and put data access privileges in place,” he said.

Evolve Security Programs for the Future

According to Van Zadelhoff, the good news is that increasing numbers of businesses are moving to an immune-system approach to security. He hoped that more firms will begin to advance security to a third strategic stage, where security leaders use a combination of cloud, collaboration and cognitive capabilities to create even higher levels of data protection.

Van Zadelhoff said that companies can use cloud to deploy new security elements quickly as-a-service, potentially creating 30 percent cost savings when compared to traditional on-premises approaches. Stronger collaboration, meanwhile, can allow organizations and vendors to share best practice knowledge on incident management.

When it comes to cognitive capabilities, Van Zadelhoff referred to the artificial intelligence-based system known as Watson for Cyber Security, which draws on the detailed analysis of 2 million security documents. Clients can use this system to find potential explanations for incidents 60 times faster than through complex manual analysis.

Some organizations have already benefited from Watson for Cyber Security. IBM analysts working on-site at Wimbledon used the technology to analyze potential threats quickly, and security firm Sogeti has used the system to boost a security operations center at an insurance company.

More from

Most organizations want security vendor consolidation

4 min read - Cybersecurity is complicated, to say the least. Maintaining a strong security posture goes far beyond knowing about attack groups and their devious TTPs. Merely understanding, coordinating and unifying security tools can be challenging.We quickly passed through the “not if, but when” stage of cyberattacks. Now, it’s commonplace for companies to have experienced multiple breaches. Today, cybersecurity has taken a seat in core business strategy discussions as the risks and costs have risen dramatically.For this reason, 75% of organizations seek to…

How IBM secures the U.S. Open

2 min read - More than 15 million tennis fans around the world visited the US Open app and website this year, checking scores, poring over statistics and watching highlights from hundreds of matches over the two weeks of the tournament. To help develop this world-class digital experience, IBM Consulting worked closely with the USTA, developing powerful generative AI models that transform tennis data into insights and original content. Using IBM watsonx, a next-generation AI and data platform, the team built and managed the entire…

How the FBI Fights Back Against Worldwide Cyberattacks

5 min read - In the worldwide battle against malicious cyberattacks, there is no organization more central to the fight than the Federal Bureau of Investigation (FBI). And recent years have proven that the bureau still has some surprises up its sleeve. In early May, the U.S. Department of Justice announced the conclusion of a U.S. government operation called MEDUSA. The operation disrupted a global peer-to-peer network of computers compromised by malware called Snake. Attributed to a unit of the Russian government Security Service,…

How NIST Cybersecurity Framework 2.0 Tackles Risk Management

4 min read - The NIST Cybersecurity Framework 2.0 (CSF) is moving into its final stages before its 2024 implementation. After the public discussion period to inform decisions for the framework closed in May, it’s time to learn more about what to expect from the changes to the guidelines. The updated CSF is being aligned with the Biden Administration’s National Cybersecurity Strategy, according to Cherilyn Pascoe, senior technology policy advisor with NIST, at the 2023 RSA Conference. This sets up the new CSF to…