IBM launches open security platform to protect multicloud hybrid environment

This is an issue that large and small businesses face around the world: blindness and cyber security waste of time. Now, IBM has developed Cloud Pak for Security, an open source-based platform for troubleshooting.

Imagine this: Your network security team receives a warning report reporting an intelligence threat about a malware attack against companies in your industry. It even lists suspicious IP addresses and network behaviors to track. But after investing hundreds of thousands or even millions of dollars in security tools to help overcome cybersecurity incidents, your analysts still have to spend hours manually searching in-store. dozens of locations or more to find out how your business is affected.

The process of responding to that problem if you are affected will require response efforts on many toolkits and teams. All of this requires a lot of time and manual effort from security teams to connect the dots between all their data and products, costing your organization and putting you at greater risk. .

The problem stems from the fragmentation in the security industry itself, according to Justin Youngblood, vice president of product development at IBM Security.

"Typical businesses may be using 50 or more security tools from dozens of different vendors," Youngblood said, adding that this makes their data aggregation and query a challenge. .

"That creates a lot of complexity, a lack of interoperability and a really slow approach to resolving security incidents," he added.

A new solution

To address this problem, IBM has spent more than a year developing Cloud Pak for Security, an innovative approach to solving the fragmented and complex challenge of cybersecurity.

Cloud Pak for Security is designed to act as a centralized security control center for multicloud hybrid businesses. This is a cybersecurity center that aggregates data and speeds up feedback with automated playbooks.

Organizations can easily and securely connect their data across cloud environments and on-premises infrastructure, regardless of the platform they choose to operate.

Cloud Pak for Security queries network security products across the organization, for the first time integrating that data into a centralized view so that cyber security staff can see 360-degree incidents and threats. first.

It does this without moving the original data or recreating use cases and analysis, which is a key requirement for customers, Youngblood said.

“Every business we talk to tells us that they cannot transfer all their confidential data to the public cloud or between clouds, for a variety of reasons, such as cost or compliance. prime - it cannot be done. Creating insights without moving data is fundamentally a game changer for the security industry, ”he added.

Cloud Pak for Security integrates this data using open technologies and standards that are contributed to the OASIS Open Cybersecurity Alliance. This initiative led by IBM and McAfee unites dozens of leading network security solution providers to work together on open technologies and data formats that are commonly agreed to convey incidents and data. Data threatens between security tools.

Cloud Pak for Security also addresses another challenge facing cybersecurity groups: the widespread adoption of cloud. The complexity involved in spreading products and data across multiple cloud environments worried 70% of cybersecurity professionals in a recent ISACA and CCMI survey.

IBM's new solution is cloud awareness, deployed as a Docker container, and collaborative support within Kubernetes. It runs on and integrates with Red Hat's open-source OpenShift container application platform. This makes it easy to deploy in many private or public cloud environments, providing organizations with a flexible consumption model.

Narrow the skills gap through coordination of response and automation
Cloud Pak for Security also reduces the workload of security groups in the context of ongoing security problems. 8 out of 10 security experts report that finding security skills in 2018 and 2019 is more difficult than in the previous year. That's part of the reason why, according to the ISACA survey, only 31% of companies can minimize the risk of being detected within a month.

Cloud Pak for Security helps network security professionals with limited resources by automating a range of tasks, from patching servers to blocking IP addresses or quarantining assets. The security platform allows businesses to coordinate their responses to hundreds of common security scenarios, guide users and provide quick access to appropriate data and security tools to investigate and act faster. By automating the security response and prioritizing group resources, it will reduce human error and make incident responses more consistent and predictable.

The next time there is a security threat, your analyst will not need to search manually in multiple security tools across your combined infrastructure. They can simply run a single query in Cloud Pak for Security to get a view of that threat on all connected tools and platforms and using out-of-the-box security. Playbook to respond effectively on cloud environments.

As cybersecurity risks increase with the complexity of the cloud, it is more important than ever for security professionals to get an accurate view of their crash data. Cloud Pak for Security provides a non-invasive option, provides intelligence on tools, and helps security teams respond to it more effectively.