August 17, 2017 By Anshul Garg 3 min read

Bad guys are getting stronger. Cyberattacks are at an all-time high. The cost of a data breach is increasing. Organizations across all industries are being attacked. Insider threats are on the rise.

These statements are not just meant to send jitters through security leaders — they are facts. Is there a recipe that allows organizations to better protect, detect and respond to threats? IBM and Check Point have teamed up to find solutions.

3 C’s of Security

IBM recommends a three C’s approach to cybersecurity: cognitive, cloud and collaboration.

  1. Cognitive solutions are solutions that can understand, reason and learn. These solutions can make sense of unstructured data, which traditional systems cannot.
  2. Cloud systems that strengthens a company security posture because security is built into the architecture.
  3. Collaboration within the security industry to combat cybercriminals, who also often collaborate. An important aspect of this collaboration would be intelligence sharing.

IBM and Check Point Partnership

In line with the collaboration that the security industry needs to have, IBM and Check Point are deepening their nearly two-decades-long relationship. The two organizations are jointly working in key areas to help mutual customers accelerate their threat protection program.

Recently, Check Point launched an app called SmartView for QRadar on IBM’s App Exchange. The Check Point SmartView Application for QRadar consolidates monitoring, logging, reporting and event analysis into a single console to bring clients comprehensive, easy-to-understand threat visibility. The security teams can focus their efforts on the critical threats by delivering network and security events from Check Point devices to QRadar for forensic analysis within a unified console.

Listen to the podcast: IBM and Check Point are Taking on Security Challenges in Asia-Pacific

Partnership in Action

Consider a scenario where the attacks are coming through the endpoints. Typically, organizations have various tools working in silos — endpoint monitoring, security information and event monitoring (SIEM) tools, ticketing systems and incident response. So if an endpoint detects something malicious, a ticket is generated and manually escalated to SIEM. The SIEM looks at it and may take time to act upon it. Then the incident response platform needs to be manually activated for remediation. The entire process could take a lot of time and has manual intervention. Does the organization have this much time?

Imagine a workflow in which anything detected at endpoints is directly communicated to SIEM and goes through the following process:

  • A malicious attack is identified at the endpoint.
  • The issue is immediately identified as an event in the SIEM platform.
  • A ticket is created that can be addressed by the customer’s administrator.
  • Customers using Resilient for incident response can push out a remediation automatically.

The above scenario is very useful in case an attack is coming from the endpoint and needs to be addressed immediately, without going through the manual flow of creating the ticket and escalating it. Automation is an important difference in how effective that resolution is, and it helps organizations make informed decisions.

Next Steps

Security is proving to be best played as a team sport, with trust and open communication among fellow players as a best practice for winning. We’re taking the next step in collaboration and are thrilled to have Check Point as a security partner to join and support this new ecosystem.

For more insights on how IBM and Check Point are working together, listen to the podcast, “IBM and Check Point: Taking on Security Challenges in Asia-Pacific and Around the World.” We also invite you to join us for CPX 2017 in Singapore on Aug. 23, and for Govware 2017, also in Singapore, from Sept. 19 to 21. There you can learn how IBM and Check Point can together help clients with security.

More from

Cloud Threat Landscape Report: AI-generated attacks low for the cloud

2 min read - For the last couple of years, a lot of attention has been placed on the evolutionary state of artificial intelligence (AI) technology and its impact on cybersecurity. In many industries, the risks associated with AI-generated attacks are still present and concerning, especially with the global average of data breach costs increasing by 10% from last year.However, according to the most recent Cloud Threat Landscape Report released by IBM’s X-Force team, the near-term threat of an AI-generated attack targeting cloud computing…

Testing the limits of generative AI: How red teaming exposes vulnerabilities in AI models

4 min read - With generative artificial intelligence (gen AI) on the frontlines of information security, red teams play an essential role in identifying vulnerabilities that others can overlook.With the average cost of a data breach reaching an all-time high of $4.88 million in 2024, businesses need to know exactly where their vulnerabilities lie. Given the remarkable pace at which they’re adopting gen AI, there’s a good chance that some of those vulnerabilities lie in AI models themselves — or the data used to…

FBI, CISA issue warning for cross Apple-Android texting

3 min read - CISA and the FBI recently released a joint statement that the People's Republic of China (PRC) is targeting commercial telecommunications infrastructure as part of a significant cyber espionage campaign. As a result, the agencies released a joint guide, Enhanced Visibility and Hardening Guidance for Communications Infrastructure, with best practices organizations and agencies should adopt to protect against this espionage threat. According to the statement, PRC-affiliated actors compromised networks at multiple telecommunication companies. They stole customer call records data as well…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today