In case you missed all the excitement yesterday, we proudly held two major events in Cambridge, Massachusetts, and Atlanta, Georgia, where we unveiled the new IBM X-Force Incident Response Intelligence Services (IRIS) team and told the world about our new global X-Force Command Centers and Cyber Range.

At both locations, we hosted industry and global thought leaders from government agencies, including the FBI and former counterterrorism leaders, as well as academia. We also hosted our own team of experts in incident response (IR) and managed security services (MSS).

Prepare, Prioritize and Respond

It’s straightforward and simple — we are addressing an important fact. It is critical that organizations prepare, prioritize and respond to the inevitability of a cyberbreach, whether at the hands of highly skilled and motivated external actors or insiders. We too often see the damages exponentially amplified by organizations that lack the proper planning and preparation to take precise and immediate actions when reactions are measured in minutes and hours. Failure to prepare often causes more damage than the attack itself.

Clients require innovation combined with expertise in world-class incident response and threat intelligence to detect, contain and prevent attacks quickly enough to minimize impact to customers and operations.

We’ve all heard about the catastrophic losses many organizations have faced. The key to reducing the impact of a breach is proactive planning and preparedness. Yesterday’s launch demonstrates IBM’s commitment to helping organizations address their cyberattack readiness and treat it from a multidimensional perspective.

1. Rehearsal and Crisis Leadership

With the rising need to organize and respond to cyberattacks such as distributed denial-of-service (DDoS) or ransomware, IT and security leaders need to train like any other defense force. Just like pilots use simulators to train for flight emergencies, the new IBM Cyber Range is designed to simulate a breach and help teams develop a more effective cyber resilience strategy and coordinated response plan.

The Cyber Range delivers simulations of common breaches and sophisticated attack scenarios that bring technical experts and executive decision-makers together, bridging a divide that often leaves organizations temporarily impaired when high-profile incidents occur. The simulation enables teams to practice and learn from their mistakes before they have to face a real breach. Through this type of practice, analysts can become adaptive. This alone can save a significant amount of time in response and investigation, which is often the most costly part of a breach.

2. Innovation in Detection and Response

The primary challenge for many organizations in dealing with a breach is often resources. Humans are limited in their ability to analyze and disseminate attack information and to share that information as fast as a network. Given the unprecedented speed and frequency with which cyberattacks are being leveled daily, organizations turn to MSS to combat the magnitude of data flooding their staff and systems.

The new IBM X-Force Command Centers are built to scale global collaboration and integration of intelligence, people and technology to help respond to threats in facilities across Europe, North America, South America and Asia-Pacific. On constant watch, X-Force Command Centers are capable of processing more than 35 billion security events daily for more than 4,500 clients across 133 countries.

Our analysts can now tap into Watson for Cyber Security, equipping them with rapid access to large amounts of data unlike any other security operations center on earth. This cognitive advancement represents an important enhancement in speed and data analysis.

Learn more about the Role of Cyber Ranges in Security Incident Response Planning

3. Expertise and Experience

Preparing a proactive and effective cyber resilience strategy can be an unnerving challenge for even the most experienced security teams, especially when developed in the absence of key executive decision-makers across the C-suite. And for those who have assembled a plan, a breach can still occur and take many by surprise.

Our newly unveiled X-Force Incident Response and Intelligence Services (IRIS) Team, under the leadership of Wendi Whitmore, brings expertise and services in threat intelligence and forensics to help organizations build comprehensive, proactive incident response, along with establishing threat intelligence and remediation strategies. According to a recent report, 94 percent of C-level executives believe there is some probability that their company will experience a significant cybersecurity incident in the next two years. They need to be prepared.

We think there are several strategies and approaches that can greatly affect the outcome of a future breach. With our investment in Resilient Systems earlier this year, combined with our commitment to growing our portfolio with the X-Force Command Centers, Cyber Range and IRIS Team, we are dedicated to helping organizations conquer the complexities of incident response and threat intelligence. Like any solid business continuity and disaster recovery plan, cyber resilience requires an investment in rigorous preparation, planning and testing. That way, in moments of chaos, the cool and collected prevail.

More from X-Force

CVE-2023-20078 technical analysis: Identifying and triggering a command injection vulnerability in Cisco IP phones

7 min read - CVE-2023-20078 catalogs an unauthenticated command injection vulnerability in the web-based management interface of Cisco 6800, 7800, and 8800 Series IP Phones with Multiplatform Firmware installed; however, limited technical analysis is publicly available. This article presents my findings while researching this vulnerability. In the end, the reader should be equipped with the information necessary to understand and trigger this vulnerability.Vulnerability detailsThe following Cisco Security Advisory (Cisco IP Phone 6800, 7800, and 8800 Series Web UI Vulnerabilities - Cisco) details CVE-2023-20078 and…

X-Force data reveals top spam trends, campaigns and senior superlatives in 2023

10 min read - The 2024 IBM X-Force Threat Intelligence Index revealed attackers continued to pivot to evade detection to deliver their malware in 2023. The good news? Security improvements, such as Microsoft blocking macro execution by default starting in 2022 and OneNote embedded files with potentially dangerous extensions by mid-2023, have changed the threat landscape for the better. Improved endpoint detection also likely forced attackers to shift away from other techniques prominent in 2022, such as using disk image files (e.g. ISO) and…

Widespread exploitation of recently disclosed Ivanti vulnerabilities

6 min read - IBM X-Force has assisted several organizations in responding to successful compromises involving the Ivanti appliance vulnerabilities disclosed in January 2024. Analysis of these incidents has identified several Ivanti file modifications that align with current public reporting. Additionally, IBM researchers have observed specific attack techniques involving the theft of authentication token data not readily noted in current public sources. The blog details the results of this research to assist organizations in protecting against these threats. Key Findings: IBM research teams have…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today