Light Dark
February 20, 2018 By Kevin Skapinetz 3 min read
CISO
Intelligence & Analytics
Artificial Intelligence
Cloud Security
Incident Response

For today’s generation, there is arguably no greater challenge than cybercrime. From stealing private information and damaging reputations to crashing critical infrastructure and putting enterprises at risk, today’s cybercriminals are testing the limits of security and resiliency.

We all benefit from a more connected world, but we are all more vulnerable as well. It’s time for an urgent conversation about new and better ways to protect our families, institutions and societies.

Change the Game With Artificial Intelligence and Orchestration

There is more data, more devices and more computing power than ever before. This creates tremendous business opportunity, but it also makes the jobs of security professionals even harder. And you can’t simply hire more people to fill the gaps: Organizations of all sizes face a security skills shortage that is expected to reach 1.8 million jobs by 2022. There is far too much threat data for any individual or department to process, and the new information pouring in from thousands of security blogs and alerts each month only adds to the problem. We need a new approach.

Artificial intelligence (AI) strengthens defenses by ingesting enormous amounts of data — much of which would otherwise be invisible to humans — and using pattern analysis to identify the most pressing incidents. Speeding up your team’s ability to find threats and correlate data allows your security experts to focus on remediating real threats with speed, accuracy and at scale to protect your business. With AI’s help, we’ve seen analysts triage incidents 60 times faster, find insight in unstructured data and eliminate 98 percent of false positives.

A successful security program combines speed of detection with speed of response, allowing damage to be controlled with practice and preparation. A well-orchestrated team can act quickly because everyone knows their role and follows a documented, practiced approach. This coordination can mean the difference between becoming a headline and protecting your customers, your employees and your business.

Take an Integrated Approach to Security

Many organizations have deployed scores of discrete security and resiliency tools over the years, creating a disjointed patchwork of point solutions. These tools are not designed to work together, which means security teams have blindspots and spend time manually importing and exporting data as they seek insights.

We believe it’s time to look at this problem in a new, holistic way. Your security should work in a coordinated fashion like your immune system. An organized and integrated system of threat intelligence and endpoint, network, mobile, data and other security capabilities can quickly identify threats and take appropriate actions before attacks spread.

Collaboration among the private and public sectors, enterprises and security vendors is also required to effectively stop the spread of cyberattacks. In the same way health organizations share information about global pandemics, so should security professionals. By sharing threat information and new tools, organizations can adopt a pro-active approach to security operations.

Secure Digital Transformation

The cloud computing revolution is moving data and resources outside the enterprise. Almost half of data stored in the cloud is not controlled by IT, and 90 percent of enterprises are expected to use multiple cloud platforms by 2020. This enhances business flexibility but also creates new ways for cybercriminals to attack.

This digital transformation is an opportunity to transform security practices that are manual, static and reactive into a more standardized, automated and elastic approach. Look for advanced capabilities that allow you to:

  • Gain real-time visibility across multicloud or hybrid environments.
  • Control access to your data.
  • Protect data as it resides in your cloud infrastructure.

With the pace of change accelerating, make sure your cloud solution builds security in from the outset and is able to keep up with the fluid nature of your business.

Be Ready. Be Resilient.

While many companies have put business continuity and disaster recovery plans in place, most of those tactics haven’t kept up with the rapidly evolving cyberthreats. Few companies regularly test recovery systems, let alone dedicate time for teams to practice how to respond to a coordinated attack that could bring down corporate websites, email, directory services, voice communications and endpoint security controls at the same time.

Organizations that experience a cyberattack can incur costs of millions of dollars to recover, in addition to losses related to downtime, lost business and reputational damage. By having a security immune system that includes a resiliency and business continuity strategy encompassing protection, recovery and rapid response, you can reduce your risk.

Readiness and resiliency come from having a plan, practicing response strategies with your teams, testing your recovery strategy and orchestrating the whole process with automation.

Read the Ponemon Institute’s Third Annual Study on the Cyber Resilient Organization

 |  |  |  |  |  |  |  | 
Kevin Skapinetz
VP of Strategy and Product Design, IBM Security

More from CISO
April 9, 2024

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

April 2, 2024

The evolution of a CISO: How the role has changed

3 min read - In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at the forefront of those changes. According to Gartner, regulatory pressure and attack surface expansion will result in 45% of CISOs’ remits expanding beyond cybersecurity by 2027.With the scope of a CISO’s responsibilities changing so quickly, how will the role adapt…

February 21, 2024

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature