IBM Security recently launched and announced quite a few initiatives designed to help organizations defend against cyberattacks, including:

  • The opening of the fully operational X-Force Command Cyber Range. This space immerses participants in simulated cyberattacks to train them to properly prepare for, respond to and manage a broad variety of threats.
  • The upgrade of the IBM X-Force Command Center Atlanta, a security operations center that IBM has operated for 15 years. The facility now handles over 35 billion security events per day — a 75 percent increase in capacity.
  • The formation of the new IBM X-Force IRIS Team, an incident response and intelligence consulting service. Over 100 elite cybersecurity consultants around the world use IBM’s X-Force Threat Intelligence network to help clients understand where and how cyberattacks are being launched so they can defend against and remediate them with greater speed and accuracy.

A Tour de X-Force

You might have noticed that X-Force has a hand in all these initiatives. So we sat down with Nick Bradley, an X-Force Research Practice Lead, to learn more about the evolution of the IBM X-Force team and its objectives.

Question: How has IBM X-Force changed over time?

Bradley: Our mission has always been based on protecting our clients. However, over time, that mission has expanded into a great many different areas. Whereas the main focus was to monitor threats and vulnerabilities to create coverage in IBM products, we now do much more in the way of pure research.

We are now the center for information sharing within IBM and, in many cases, outside of IBM through the amazing capabilities of the X-Force Exchange. My X-Force Threat Research team and X-Force Threat Analysis team have moved on from just reporting the news to discovering it and publishing it as original works.

It is only right that all of this progress benefit what we used to call the security operations center (SOC). Now being bolstered by all the arms of the X-Force, it seemed logical to rebrand the SOC as the X-Force Command Center.

What gives IBM X-Force an edge over other commercial research groups?

Bradley: Simply stated, experience. X-Force has been doing this since before cybersecurity was a household word. We have access to copious amounts of data from around the world and from many different sectors. This gives us a unique perspective into the threat landscape.

How does the research from IBM X-Force support enhancements to our protection solutions for clients?

Bradley: I almost want to say that this is a no-brainer, but I know that is only due to my involvement. The research being done is communicated up, down and across, through multiple channels, to keep all the different facets of IBM Security informed. Our discoveries usually make their way directly into the IBM products, either at a signature level or on a correlation level. The information sharing channels we have developed make this easier and easier.

Anything else you might want to add related to the X-Force Command Center?

Bradley: It’s cool! The X-Force Command Center is a state-of-the-art working and collaboration environment developed by analysts for analysts. Gone is the dark, dank dungeon look where even working with someone 10 feet away was difficult due to the floor layout. This is a very comfortable work environment that enables collaboration.

More from

More School Closings Coast-to-Coast Due to Ransomware

Instead of snow days, students now get cyber days off. Cyberattacks are affecting school districts of all sizes from coast-to-coast. Some schools even completely shut down due to the attacks. The federal government recently warned that K-12 schools face a growing threat from cyber groups. According to the FBI, school districts often have limited cybersecurity protections, which makes them even more vulnerable. The FBI also says it anticipates the number of threats to increase. In a recent warning, the nation’s…

The Role of Human Resources in Cybersecurity

The human resources (HR) department is an integral part of an organization. They work with all departments with a wider reach than even IT. As a highly visible department, HR can support and improve an organization’s security posture through employee training. Their access to employees at the start of employment is an opportunity to lay a foundation for a culture of risk awareness. HR departments do not typically include cybersecurity risk awareness training with new hire onboarding, but it’s something…

New Attack Targets Online Customer Service Channels

An unknown attacker group is targeting customer service agents at gambling and gaming companies with a new malware effort. Known as IceBreaker, the code is capable of stealing passwords and cookies, exfiltrating files, taking screenshots and running custom VBS scripts. While these are fairly standard functions, what sets IceBreaker apart is its infection vector. Malicious actors are leveraging the helpful nature of customer service agents to deliver their payload and drive the infection process. Here’s a look at how IceBreaker…

Operational Technology: The evolving threats that might shift regulatory policy

Listen to this podcast on Apple Podcasts, Spotify or wherever you find your favorite audio content. Attacks on Operational Technology (OT) and Industrial Control Systems (ICS) grabbed the headlines more often in 2022 — a direct result of Russia’s invasion of Ukraine sparking a growing willingness on behalf of criminals to target the ICS of critical infrastructure. Conversations about what could happen if these kinds of systems were compromised were once relegated to “what ifs” and disaster movie scripts. But those days are…