Over the weekend, I wrote a blog on how Corporate America is overspending on security technologies that, in the end, they may not really need. My hypothesis was (and it still is) that many C-Level Execs simply think that throwing in everything, including the proverbial kitchen sink, will solve all of their security issues. However, this is far from reality. Adding more technologies just increases your attack surface even more.
In fact, according to a recent survey from IBM, the average Fortune 500 company makes use of over 80 Cyber based security solutions from 40 different vendors.
The solution here is to actually use fewer security technologies, but what is really required first is that the CIO or the CISO lead their teams to discover where the true vulnerabilities and risks lie in their lines of defense, and from there, cherry-pick what is needed (this will also lead to wiser spending).
In reaction to this, IBM has launched a new type of solution that is called the “IBM Security Connect”. One of the primary goals here is to get away from using the traditional closed source approach to dealing with Cyber security, and instead create an open platform.
With this in mind, all sorts of vendors, software developers, and other types and kinds of Cyber security professionals can band together and create one unified solution that can be used by all. At the heart of this all is the use of Artificial Intelligence (AI). This platform could be considered as a continual work in progress, as people will still be contributing to it.
Probably one of the best advantages of this new solution offered by IBM is that it can be Cloud based, which will not only make it scalable to the unique security needs of each and every kind of organization, but it will even be made affordable to small mom and pop shops as well (because of the fixed, monthly pricing).
Since its recent launch, the Security Connect has garnered over a dozen customers, and so far, it seems to be well received overall by the security community. Its use of AI actually encompasses the use of additional sophisticated technologies, such as those of Neural Networks and Machine Learning.
Long story short, these kinds of technologies try to emulate the thinking process of the human brain – especially with regard to learning from past experiences, and using that to learn what to do in the future.
How does this all relate to Cyber security, you might be asking? Well, at least with the machine learning aspect, the Security Connect can learn what the signature profiles of past malware have been like, “learn” about them, and from there try to make future predictions.
This can all be accomplished in a matter of minutes, versus the days and the weeks that it could take a normal human being to calculate.
It is important to keep in mind that in order to do this, huge amounts of information and data are required to feed Security Connect. This is also referred to as “Big Data”, and in some ways, is very similar to that of Data Warehousing, in which the goal is to use sophisticated predictive analytic tools to unearth hidden trends that would not normally be picked up on at first glance.
Also, by using the concepts of Machine Learning, IT Security teams will be able to triage Cyber threats in a much more effective and efficient manner.
IBM has a lot of advantages here when it comes to offering the Security Connect. For example, it has Security Operations Centers (SOCs) on a global basis, as well as its “Watson for Cyber Security” platform.
Collectively, all of them collect well over 1,000,000,000,000 security events on a monthly basis. It should also be noted that Security Connect is not exclusive to the private sector; even the Federal Government can gain access and use it as well.
In addition to its SOCs, IBM has also launched the “X-Force Command Cyber Tactical Operations Center”, also known as “C-TOC”. This is more of an incident response team, which will travel to other countries and provide training to other companies on how best to craft Incident Response Plans, and best practices for rehearsing them on a regular schedule.
My thoughts on this?
Personally, I think that it is great that IBM has come out with this new solution. Best of all, it incorporates the latest technologies into one cohesive platform at an affordable price. If this were to be offered as an On Premises solution, believe me, the price tag of Security Connect would skyrocket, and only the Fortune 100 could afford it.
But there are also critics of this. They state that by having the platform in the Cloud, it will be more prone to Cyber attacks, etc. While there is no such thing as 100% security, having this platform reside in the Cloud will be a lot more secure versus the IT Security staff of a business or a corporation trying to handle all of this.
Then the critics also state that by just using one tool to protect the circumference of your business, it is an all or none proposition. Meaning, if the Cyber attacker can gain access into it, your lines of defense will quickly evaporate. While this is true, the Cloud Providers have multiple layers of security built into their Cloud Infrastructures to prevent this from actually happening.
But, being the C-Level Exec or the owner of your business, it is ultimately your responsibility to make sure that all safeguards are in place to make sure all is well and sound. Always keep in touch with your Cloud Provider to make sure you are comfortable with the security standards that they are putting in place.
The other thing I like about the Security Connect is that it appears that whatever a business or corporation needs from the standpoint of security, it is all in one centralized location. So, there should not be any more need to double or even triple up on security technologies, thus saving you money to be used for other critical projects.
Finally, it is also important to keep in mind that Artificial Intelligence and Machine Learning are not the “silver bullets” to fight off Cyber terrorism. They are tools that are to be used along with others so that your IT Security staff can make the best, informed decisions that are possible in order to protect your business.