For today’s generation, there is arguably no greater challenge than cybercrime. From stealing private information and damaging reputations to crashing critical infrastructure and putting enterprises at risk, today’s cybercriminals are testing the limits of security and resiliency.
We all benefit from a more connected world, but we are all more vulnerable as well. It’s time for an urgent conversation about new and better ways to protect our families, institutions and societies.
Change the Game With Artificial Intelligence and Orchestration
There is more data, more devices and more computing power than ever before. This creates tremendous business opportunity, but it also makes the jobs of security professionals even harder. And you can’t simply hire more people to fill the gaps: Organizations of all sizes face a security skills shortage that is expected to reach 1.8 million jobs by 2022. There is far too much threat data for any individual or department to process, and the new information pouring in from thousands of security blogs and alerts each month only adds to the problem. We need a new approach.
Artificial intelligence (AI) strengthens defenses by ingesting enormous amounts of data — much of which would otherwise be invisible to humans — and using pattern analysis to identify the most pressing incidents. Speeding up your team’s ability to find threats and correlate data allows your security experts to focus on remediating real threats with speed, accuracy and at scale to protect your business. With AI’s help, we’ve seen analysts triage incidents 60 times faster, find insight in unstructured data and eliminate 98 percent of false positives.
A successful security program combines speed of detection with speed of response, allowing damage to be controlled with practice and preparation. A well-orchestrated team can act quickly because everyone knows their role and follows a documented, practiced approach. This coordination can mean the difference between becoming a headline and protecting your customers, your employees and your business.
Take an Integrated Approach to Security
Many organizations have deployed scores of discrete security and resiliency tools over the years, creating a disjointed patchwork of point solutions. These tools are not designed to work together, which means security teams have blindspots and spend time manually importing and exporting data as they seek insights.
We believe it’s time to look at this problem in a new, holistic way. Your security should work in a coordinated fashion like your immune system. An organized and integrated system of threat intelligence and endpoint, network, mobile, data and other security capabilities can quickly identify threats and take appropriate actions before attacks spread.
Collaboration among the private and public sectors, enterprises and security vendors is also required to effectively stop the spread of cyberattacks. In the same way health organizations share information about global pandemics, so should security professionals. By sharing threat information and new tools, organizations can adopt a pro-active approach to security operations.
Secure Digital Transformation
The cloud computing revolution is moving data and resources outside the enterprise. Almost half of data stored in the cloud is not controlled by IT, and 90 percent of enterprises are expected to use multiple cloud platforms by 2020. This enhances business flexibility but also creates new ways for cybercriminals to attack.
This digital transformation is an opportunity to transform security practices that are manual, static and reactive into a more standardized, automated and elastic approach. Look for advanced capabilities that allow you to:
- Gain real-time visibility across multicloud or hybrid environments.
- Control access to your data.
- Protect data as it resides in your cloud infrastructure.
With the pace of change accelerating, make sure your cloud solution builds security in from the outset and is able to keep up with the fluid nature of your business.
Be Ready. Be Resilient.
While many companies have put business continuity and disaster recovery plans in place, most of those tactics haven’t kept up with the rapidly evolving cyberthreats. Few companies regularly test recovery systems, let alone dedicate time for teams to practice how to respond to a coordinated attack that could bring down corporate websites, email, directory services, voice communications and endpoint security controls at the same time.
Organizations that experience a cyberattack can incur costs of millions of dollars to recover, in addition to losses related to downtime, lost business and reputational damage. By having a security immune system that includes a resiliency and business continuity strategy encompassing protection, recovery and rapid response, you can reduce your risk.
Readiness and resiliency come from having a plan, practicing response strategies with your teams, testing your recovery strategy and orchestrating the whole process with automation.
Read the Ponemon Institute’s Third Annual Study on the Cyber Resilient Organization
VP of Strategy and Product Design, IBM Security
Kevin Skapinetz is Vice President of Strategy and Product Design for IBM Security. He’s responsible for the overall strategic direction for IBM’s portfol...