Showing posts with label Cybersecurity. Show all posts

Thursday, 27 June 2024

Top 7 risks to your identity security posture


Detecting and remediating identity misconfigurations and blind spots is critical to an organization’s identity security posture, especially as identity has become the new perimeter and a key pillar of an identity fabric. Let’s explore what identity blind spots and misconfigurations are, detail why finding them is essential, and lay out the top seven to avoid.

What are the most critical risks to identity security? Identity misconfigurations and identity blind spots stand out as critical concerns that undermine an organization’s identity security posture.

An identity misconfiguration occurs when identity infrastructure and systems are not configured correctly. This can result from administrative error, or from configuration drift, which is the gradual divergence of an organization’s identity and access controls from their intended state, often due to unsanctioned changes or updates.

Identity blind spots are risks that are overlooked or not monitored by an organization’s existing identity controls, leaving undetected risks that threat actors might exploit.

Why is finding these risks important?


Traditionally, security measures focus on fortifying an organization’s network perimeter by building higher “walls” around its IT resources. However, the network perimeter has become less relevant with the adoption of cloud computing, SaaS services and hybrid work. In this new landscape, full visibility and control of the activities of both human and machine identities is crucial for mitigating cyberthreats.

Both research and real-world incidents where a compromised identity served as the attacker’s initial entry point validate the need to secure identities. The Identity Defined Security Alliance’s most recent research found that 90% of organizations surveyed have experienced at least one identity-based attack in the past year.

Meanwhile, the latest Threat Intelligence Index Report validated what many of us in the industry already knew: Identity has become the leading attack vector. The 2024 report showed a 71% increase in valid identities used in cyberattacks year-over-year. Organizations are just as likely to have a valid identity used in a cyberattack as they are to see a phishing attack. This is despite significant investments in infrastructure security and identity access and management solutions. Hackers don’t hack in; they log in.

One notable recent example of an identity-based attack is the Midnight Blizzard attack disclosed in January 2024. Based on what has been published about the attack, the malicious actors carried out a password spray attack to compromise a legacy nonproduction test tenant account. Once they gained a foothold through a valid account, they used its permissions to access a small percentage of the company’s corporate email user accounts. They might then exfiltrate sensitive information, including emails and attached documents.

What are the top seven risks to an organization’s identity security posture to avoid?


To stay one step ahead of identity-related attacks, identity and security teams should proactively improve their identity security posture by finding and remediating these common identity misconfigurations and blind spots. These are the key risks organizations should take steps to avoid:

Missing multi-factor authentication (MFA)

The US Cybersecurity and Infrastructure Security Agency (CISA) consistently urges organizations to implement MFA for all users and all services to prevent unauthorized access. Yet, achieving this goal can prove challenging in the real world. The complexity lies in configuring multiple identity systems, such as an organization’s Identity Provider and MFA system, along with hundreds of applications’ settings, to enforce MFA for thousands of users and groups. When not configured correctly, it can lead to a scenario where MFA is not enforced due to accidental omission or gaps in session management.

Password hygiene

Effective password hygiene is crucial to an organization’s identity security posture, but common identity misconfigurations frequently undermine password quality and increase the risk of data breaches. Allowing weak or commonly used passwords facilitates unauthorized access through simple guessing or brute force attacks.

Strong but default passwords can make password spray attacks easier. Using outdated password hashing or encryption algorithms like SHA-1, MD4, MD5, RC2 or RC4, which can be quickly cracked, further exposes user credentials. Also, inadequate salting of passwords weakens their defense against dictionary and rainbow table attacks, making them easier to compromise.
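A defender can check for these conditions directly in a credential store export. The following is an added example, not code from the original article: the record layout, account names and the `pbkdf2_sha256$...` storage format are constructed for illustration, and the audit only inspects stored values, it never recovers passwords.

```python
import hashlib
import re
from collections import defaultdict

HEX32 = re.compile(r"^[0-9a-f]{32}$")   # length of an MD5 or MD4 digest
HEX40 = re.compile(r"^[0-9a-f]{40}$")   # length of a SHA-1 digest
# Constructed storage format: pbkdf2_sha256$<iterations>$<salt hex>$<hash hex>
KDF = re.compile(r"^pbkdf2_sha256\$(\d+)\$([0-9a-f]+)\$([0-9a-f]+)$")


def classify(stored):
    """Return (label, is_weak, salt_hex_or_None) for one stored credential."""
    if HEX32.match(stored):
        return "unsalted 128-bit digest (MD5/MD4 length)", True, None
    if HEX40.match(stored):
        return "unsalted 160-bit digest (SHA-1 length)", True, None
    m = KDF.match(stored)
    if m:
        return "PBKDF2-HMAC-SHA256", False, m.group(2)
    return "unrecognized format", False, None


def audit(store):
    """Audit (account, stored_value) pairs for the risks named above."""
    weak, unknown = {}, []
    by_value, by_salt = defaultdict(list), defaultdict(list)
    for account, stored in store:
        label, is_weak, salt = classify(stored)
        if label == "unrecognized format":
            unknown.append(account)
        elif is_weak:
            weak[account] = label
        by_value[stored].append(account)
        if salt is not None:
            by_salt[salt].append(account)
    return {
        # Outdated, fast digests with no salt.
        "weak": weak,
        # Identical stored values: the same (often default) password, no salt.
        "shared_hash": sorted(sorted(a) for a in by_value.values() if len(a) > 1),
        # One salt used for several accounts defeats the purpose of salting.
        "reused_salt": sorted(sorted(a) for a in by_salt.values() if len(a) > 1),
        "unknown": sorted(unknown),
    }


def _pbkdf2(password, salt, iterations=600_000):
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


# Constructed sample store; the values are generated here, not real data.
SAMPLE_STORE = [
    ("alice", hashlib.md5(b"Welcome2024!").hexdigest()),
    ("bob", hashlib.md5(b"Welcome2024!").hexdigest()),      # same default password
    ("carol", hashlib.sha1(b"correct horse").hexdigest()),
    ("dave", _pbkdf2("first-sample", b"constructed-salt-1")),
    ("erin", _pbkdf2("second-sample", b"constructed-salt-1")),  # salt reused
    ("frank", _pbkdf2("third-sample", b"constructed-salt-2")),
]

if __name__ == "__main__":
    for key, value in audit(SAMPLE_STORE).items():
        print(key, value)
```
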

Bypass of critical identity and security systems

Organizations deploy Privileged Access Management (PAM) systems to control and monitor access to privileged accounts, such as domain administrator and admin-level application accounts. PAM systems provide an extra layer of security by storing the credentials to privileged accounts in a secure vault and brokering access to protected systems via a proxy server or bastion host.

Unfortunately, PAM controls can be bypassed by resourceful admins or threat actors if not configured correctly, significantly reducing the protection they should provide. A similar problem can occur when users bypass zero trust network access (ZTNA) systems due to initial configuration issues or configuration drift over time.

Shadow access

Shadow access is a common blind spot in an organization’s identity security posture that can be difficult for organizations to discover and correct. Shadow access is when a user retains unmanaged access via a local account to an application or service for convenience or to speed up troubleshooting. Local accounts typically rely on static credentials, lack proper documentation and are at higher risk of unauthorized access. A local account with high privileges such as a super admin account is especially problematic.

Shadow assets

Shadow assets are a subset of shadow IT and represent a significant blind spot in identity security. Shadow assets are applications or services within the network that are “unknown” to Active Directory or any other Identity Provider. This means that their existence and access are not documented or controlled by an organization’s identity systems, and these assets are only accessed by local accounts. Without integration into Active Directory or any other Identity Provider, these assets do not adhere to an organization’s established authentication and authorization frameworks. This makes enforcing security measures such as access controls, user authentication and compliance checks challenging. Therefore, shadow assets can inadvertently become gateways for unauthorized access.

Shadow identity systems

Shadow identity systems are unauthorized identity systems that might fall under shadow assets but are called out separately given the risk they pose to an organization’s identity security posture. The most common shadow identity system is the use of unapproved password managers.

Given the scope of their role, software development teams can take things further by implementing unsanctioned secret management tools to secure application credentials and even standing up their own Identity Providers. Another risky behavior is when developers duplicate Active Directory for testing or migration purposes but neglect proper disposal, exposing sensitive employee information, group policies and password hashes.

Forgotten service accounts

A service account is a type of machine identity that can perform various actions depending on its permissions. This might include running applications, automating services, managing virtual machine instances, making authorized API calls and accessing resources. When service accounts are no longer in active use but remain unmonitored with permissions intact, they become prime targets for exploitation. Attackers can use these forgotten service accounts to gain unauthorized access, potentially leading to data breaches, service disruptions and compromised systems, all under the radar of traditional identity security measures.

Adopt identity security posture management (ISPM) to reduce risk


Identity and access management (IAM) systems such as Active Directory, Identity Providers and PAM typically offer limited capabilities to find identity misconfigurations and blind spots that lead to a poor identity security posture. These identity security solutions typically don’t collect the necessary telemetry to identify these issues. This requires collecting and correlating data from multiple sources, including identity system log data, network traffic, cloud traffic and remote access logs.
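The correlation described above can be illustrated with a small added example (not IBM product code and not from the original article). It joins a constructed directory export with constructed authentication events to surface four of the risks listed earlier; every account, application and field name is an assumption.

```python
from datetime import datetime, timedelta, timezone

# Constructed directory export from the Identity Provider.
DIRECTORY = {
    "j.doe": {"type": "human"},
    "a.kim": {"type": "human"},
    "svc-backup": {"type": "service", "roles": ["storage-admin"]},
    "svc-report": {"type": "service", "roles": ["db-read"]},
}

# Constructed events: (timestamp, account, application, login path, MFA used).
# "idp" means the login was brokered by the Identity Provider, "local" means
# the application authenticated a local account itself.
EVENTS = [
    ("2024-06-26T09:00:00+00:00", "j.doe", "crm", "idp", True),
    ("2024-06-26T09:05:00+00:00", "a.kim", "crm", "idp", False),
    ("2024-06-25T22:10:00+00:00", "crm-localadmin", "crm", "local", False),
    ("2024-06-24T14:30:00+00:00", "wikiadmin", "legacy-wiki", "local", False),
    ("2024-06-20T03:00:00+00:00", "svc-report", "warehouse", "idp", False),
    ("2023-11-02T03:00:00+00:00", "svc-backup", "nas", "idp", False),
]

NOW = datetime(2024, 6, 27, tzinfo=timezone.utc)


def analyze(directory, events, now, stale_after=timedelta(days=90)):
    """Correlate directory and login events into posture findings."""
    idp_apps, local_apps = set(), set()
    local_logins, mfa_gaps = set(), set()
    last_seen = {}
    for ts, account, app, via, mfa in events:
        when = datetime.fromisoformat(ts)
        if account not in last_seen or when > last_seen[account]:
            last_seen[account] = when
        if via == "local":
            local_apps.add(app)
            local_logins.add((account, app))
        else:
            idp_apps.add(app)
            is_human = directory.get(account, {}).get("type") == "human"
            if is_human and not mfa:
                mfa_gaps.add((account, app))

    forgotten = [
        name for name, entry in directory.items()
        if entry["type"] == "service" and entry.get("roles")
        and (name not in last_seen or now - last_seen[name] > stale_after)
    ]
    return {
        # Human logins through the IdP that completed without MFA.
        "missing_mfa": sorted(mfa_gaps),
        # Local-account logins to applications that are integrated with the IdP.
        "shadow_access": sorted(p for p in local_logins if p[1] in idp_apps),
        # Applications that are only ever reached through local accounts.
        "shadow_assets": sorted(local_apps - idp_apps),
        # Service accounts that still hold roles but have gone quiet.
        "forgotten_service_accounts": sorted(forgotten),
    }


if __name__ == "__main__":
    for finding, items in analyze(DIRECTORY, EVENTS, NOW).items():
        print(f"{finding}: {items}")
```
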

That is why identity and security teams implement ISPM solutions such as IBM® Verify Identity Protection to discover and remediate identity exposures before an attacker can exploit them. IBM can help protect all your identities and identity fabric by using logs already in your security information and event management (SIEM) solutions or deploying IBM Verify Identity Protection sensors. IBM delivers fast time to value with unmatched visibility into identity activities in the first hours after deployment.

Source: ibm.com

Thursday, 9 May 2024

Simplifying IAM through orchestration


The recent report validated what many of us in the industry already knew: Identity has become the leading attack vector. The 2024 report showed a 71% increase in valid identities used in cyberattacks year-over-year. What really puts it into perspective is the realization that you are just as likely to have your valid identity used in a cyberattack as you are to see a phishing attack in your organization. Hackers don’t hack in; they log in.

The risk of valid identities being used as the entry point by bad actors is expected to continue with the ever-increasing applications and systems being added in today’s hybrid environments. We are finding an overwhelming majority of organizations are choosing to use different identity vendors that offer the best capability for each use case, instead of consolidating with one vendor. The use of various identity tools is further compounded by managing access to your legacy application infrastructure and integrating new users during mergers and acquisitions. The hybrid reality has also led to an inconsistent user experience for your workers, partners and customers, an increased risk of identity-based attacks, and an additional burden on your admins.

To solve the identity challenges created by today’s hybrid environments, businesses need a versatile solution that complements existing identity solutions while effectively integrating various identity and access management (IAM) silos into a cohesive whole, and that helps create a consistent user experience for your workers, partners and customers across all applications and systems. Organizations and industry analysts refer to this connected IAM infrastructure as an identity fabric. Organizations have begun to move toward connecting multiple IAM solutions through a common identity fabric.

Securing the digital journey


To protect the integrity of digital user journeys, organizations use a range of tools spanning bot mitigation, identity verification and affirmation, user authentication, authorization, fraud detection and adjacent capabilities such as risk analytics and access management. Building and maintaining these integrations is complex and carries an operational overhead regarding time and resources. These various tools don’t easily interconnect and don’t generate standardized types of signals. As a result, the interpretation of the varied risk signals is siloed across different events along the digital user journey. This lack of an integrated approach to managing risk along the digital user journey hinders the adoption of continuous adaptive trust principles and adds undue risk into the system. Various, disconnected identity tools prohibit you from creating that consistent user experience and security controls. Orchestration solutions improve the efficacy and efficiency of risk management along digital user journeys.

Identity orchestration


Identity and access management projects are complex enough with many taking 12-18 months. They require skilled staff to solve today’s identity challenges such as integrating IAM silos together and modernizing access to legacy applications. Many of the solutions out there are not helpful and actually create more vendor lock-in. What is really needed is an open integration ecosystem that allows for flexibility and integrations that are simple and require fewer skills to accomplish. This is where an identity fabric and identity orchestration come into play. Orchestration is the critical component and the integration glue for an identity fabric. Without it, building an identity fabric would be resource-intensive and costly. Orchestration allows more intelligent decision-making and simplifies everything from onboarding to offboarding and enables you to build consistent security policies. Identity orchestration takes the burden off your administrators by quickly and easily automating processes at scale. This enables consistent, frictionless user experiences, while improving identity risk posture, and helping you avoid vendor lock-in. 

Benefits of identity orchestration


Design consistent, frictionless user experiences

Identity orchestration enables you to streamline consistent and frictionless experiences for your workers, partners and customers across the entire identity lifecycle. From account creation to login to passwordless authentication using passkeys to account management, makes it easy to orchestrate identity journeys across your identity stack, facilitating a frictionless experience. IBM’s identity orchestration flow designer enables you to build consistent, secure authentication journeys for users regardless of the application. These journeys can be built effortlessly with low-code, no-code orchestration engines to simplify administrative burden.

Fraud and risk protection

Orchestration allows you to combine fraud signals, decisions and mitigation controls, such as various types of authenticators and identity verification technologies. You can clearly define how trusted individuals are granted access and how untrusted users are mitigated with security authentication. This approach overlays a consistent and continuous risk and fraud context across the identity journey. IBM Security® Verify orchestration allows you to bring together fraud and risk signals to detect threats. It also provides native, modern and strong phishing-resistant risk-based authentication to all applications, including legacy apps, with drag-and-drop workflows.

Avoid vendor lock-in with identity-agnostic modernization

Organizations have invested in many existing tools and assets across their IAM stack. This can range from existing directories to legacy applications to existing fraud signals, to name a few. IBM Security Verify identity orchestration enables organizations to bring their existing tools to apply consistent, continuous and contextual orchestration across all identity journeys. It enables you to easily consolidate and unify directories, modernize legacy applications and streamline third-party integration for multifactor authentication (MFA), and risk and notification systems.

Leverage IBM Security Verify


IBM Security Verify simplifies IAM with orchestration to reduce complexity, improves your identity risk posture, and simplifies the user journey by enabling you to easily integrate multiple identity system providers (IdPs) across hybrid environments through low-code or no-code experiences.

IBM provides identity-agnostic modernization tools enabling you to manage, migrate and enforce consistent identity security from one IAM solution to another while complementing your existing identity tools. By consolidating user journeys and policies, you can maintain security consistency across all systems and applications, creating frictionless user experiences and security controls across your entire identity landscape.

Source: ibm.com

Friday, 12 April 2024

IBM researchers to publish FHE challenges on the FHERMA platform


To foster innovation in fully homomorphic encryption (FHE), IBM researchers have begun publishing challenges on the FHERMA platform for FHE challenges launched in late 2023 by Fair Math and the OpenFHE community.

FHE: A new frontier in technology


Fully homomorphic encryption is a groundbreaking technology with immense potential. One of its notable applications lies in enhancing medical AI models. By enabling various research institutes to collaborate seamlessly in the training process, FHE opens doors to a new era of possibilities. The ability to process encrypted data without decryption marks a pivotal advancement, promising to revolutionize diverse fields.

IBM has been working to advance the domain of FHE for 15 years, since IBM Research scientist Craig Gentry introduced the first plausible fully homomorphic scheme in 2009. The “bootstrapping” mechanism he developed cleans and reduces the amount of “noise” in encoded information, which made possible the widespread use of FHE commercially.

Progress in FHE


FHE has experienced significant progress since the introduction of its first scheme. The transition from theoretical frameworks to practical implementations has been marked by countless issues that need to be addressed. While there are already applications that are using FHE, the community is constantly improving and innovating the algorithms to make FHE more popular and applicable to new domains.

Fostering innovation through challenges


The FHERMA platform was built to incentivize innovation in the FHE domain. Various challenges can be seen on the FHERMA site. The challenges are motivated by problems encountered by real-world machine learning and blockchain applications.

Solutions to challenges must be written by using known cryptographic libraries such as OpenFHE. The developers can also use higher-level libraries such as IBM’s HElayers to speed up their development and easily write robust and generic code.

The best solutions to the various challenges will win cash prizes from Fair Math, alongside contributing to the FHE community. Winners will also be offered the opportunity to present their solutions in a special workshop currently being planned.

The goal of the challenges is to foster research, popularize FHE, and develop cryptographic primitives that are efficient, generic, and support different hyperparameters (for example, writing matrix multiplication that is efficient for matrices of dimensions 1000×1000 and 10×10). This aligns with IBM’s vision for privacy-preserving computation by using FHE.

Driving progress and adoption


Introducing and participating in challenges that are listed on the FHERMA site is an exciting and rewarding way to advance the extended adoption of FHE, while helping to move development and research in the domain forward. We hope you join us in this exciting endeavor on the FHERMA challenges platform.

Teams and individuals who successfully solve the challenges will receive cash prizes from Fair Math. More importantly, the innovative solutions to the published challenges will help move the FHE community forward—a longstanding goal for IBM.

Source: ibm.com

Tuesday, 12 December 2023

Leveraging CISA Known Exploited Vulnerabilities: Why attack surface vulnerability validation is your strongest defense


With over 20,000 Common Vulnerabilities and Exposures (CVEs) being published each year, the challenge of finding and fixing software with known vulnerabilities continues to stretch vulnerability management teams thin. These teams are given the impossible task of driving down risk by patching software across their organization, with the hope that their efforts will help to prevent a cybersecurity breach. Because it is impossible to patch all systems, most teams focus on remediating vulnerabilities that score highly in the Common Vulnerability Scoring System (CVSS)—a standardized and repeatable scoring system that ranks reported vulnerabilities from most to least critical.

However, how do these organizations know that focusing on software with the highest scoring CVEs is the right approach? While it’s nice to be able to report to executives about the number or percentage of critical severity CVEs that have been patched, does that metric actually tell us anything about the improved resiliency of their organization? Does reducing the number of critical CVEs significantly reduce the risk of a breach? The answer is that, in theory, the organization is reducing the risk of a breach—but, in practice, it’s impossible to know for sure.

CISA Known Exploited Vulnerabilities to strengthen cybersecurity resilience 


The Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) program was formed as a result of the desire to shift efforts away from focusing on theoretical risk and toward reducing breaches. CISA strongly advises that organizations should regularly review and monitor the Known Exploited Vulnerabilities catalog and prioritize remediation. By maintaining an updated list, CISA aims to provide an “authoritative source of vulnerabilities that have been exploited in the wild” and empower organizations to mitigate potential risks effectively in order to stay one step ahead in the battle against cyberattacks.

CISA has managed to find needles in a haystack by narrowing the list of CVEs that security teams should focus on remediating, down from tens of thousands to just over 1,000, by focusing on vulnerabilities that:

  • Have been assigned a CVE ID
  • Have been actively exploited in the wild
  • Have a clear remediation action, such as a vendor-provided update

This reduction in scope allows overwhelmed vulnerability management teams to deeply evaluate software running in their environment that has been reported to contain actively exploitable vulnerabilities because they are proven attack vectors—and therefore, the most likely sources of a breach.
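To make the difference between CVSS-first and KEV-first triage concrete, here is an added example (not from the original article or from CISA). The catalog excerpt follows the field names of the published KEV JSON feed (`cveID`, `dueDate`, `knownRansomwareCampaignUse`), while the CVE IDs, assets and scores are constructed placeholders.

```python
import json

# Constructed excerpt in the shape of the CISA KEV JSON feed.
KEV_JSON = """
{
  "title": "constructed sample",
  "vulnerabilities": [
    {"cveID": "CVE-0000-0001", "dateAdded": "2023-12-20",
     "dueDate": "2024-01-10", "knownRansomwareCampaignUse": "Known",
     "requiredAction": "Apply vendor update."},
    {"cveID": "CVE-0000-0002", "dateAdded": "2023-11-29",
     "dueDate": "2023-12-20", "knownRansomwareCampaignUse": "Unknown",
     "requiredAction": "Apply vendor update."},
    {"cveID": "CVE-0000-0009", "dateAdded": "2023-10-01",
     "dueDate": "2023-10-22", "knownRansomwareCampaignUse": "Unknown",
     "requiredAction": "Apply vendor update."}
  ]
}
"""

# Constructed scanner findings: one row per (asset, CVE) with its CVSS score.
FINDINGS = [
    {"asset": "web01", "cve": "CVE-0000-0003", "cvss": 9.8},
    {"asset": "vpn01", "cve": "CVE-0000-0001", "cvss": 7.5},
    {"asset": "nas01", "cve": "CVE-0000-0002", "cvss": 8.8},
    {"asset": "db01", "cve": "CVE-0000-0004", "cvss": 9.1},
]


def load_kev(kev_json):
    """Index the catalog by CVE ID."""
    catalog = json.loads(kev_json)
    return {v["cveID"]: v for v in catalog["vulnerabilities"]}


def prioritize(findings, kev_json):
    """Order findings: KEV-listed first (earliest due date), then by CVSS."""
    kev = load_kev(kev_json)
    enriched = []
    for f in findings:
        entry = kev.get(f["cve"])
        enriched.append({
            **f,
            "in_kev": entry is not None,
            "due": entry["dueDate"] if entry else None,
            "ransomware": bool(entry)
            and entry["knownRansomwareCampaignUse"] == "Known",
        })
    # ISO dates sort correctly as strings; the sentinel pushes non-KEV rows last.
    enriched.sort(key=lambda f: (not f["in_kev"],
                                 f["due"] or "9999-12-31",
                                 -f["cvss"]))
    return enriched


def missed_by_cvss_cutoff(findings, kev_json, cutoff=9.0):
    """KEV-listed findings that a 'patch CVSS >= cutoff' policy would skip."""
    return [f for f in prioritize(findings, kev_json)
            if f["in_kev"] and f["cvss"] < cutoff]


if __name__ == "__main__":
    for f in prioritize(FINDINGS, KEV_JSON):
        tag = f"KEV due {f['due']}" if f["in_kev"] else "not in KEV"
        print(f"{f['asset']:6} {f['cve']}  CVSS {f['cvss']:<4} {tag}")
    skipped = missed_by_cvss_cutoff(FINDINGS, KEV_JSON)
    print("skipped by CVSS >= 9.0 policy:", [f["asset"] for f in skipped])
```
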

Shifting from traditional vulnerability management to risk prioritization 


With a smaller list of vulnerabilities from CISA KEV driving their workflows, it has been observed that security teams are spending less time on patching software (a laborious and low-value activity) and more time understanding their organization’s resiliency against these proven attack vectors. In fact, many vulnerability management teams have swapped patching for testing to determine if:

  • These vulnerabilities from CISA KEV can be exploited in software in their environment.
  • The compensating controls they have put in place are effective at detecting and blocking breaches.

This allows teams to understand the real risk facing their organization while simultaneously assessing if the investments they have made in security defense solutions are worthwhile.

This shift toward testing the exploitability of vulnerabilities from the CISA KEV catalog is a sign that organizations are maturing from traditional vulnerability management programs into Continuous Threat Exposure Management (CTEM)—a term coined by Gartner—programs which “surface and actively prioritize whatever most threatens your business.” This focus on validated risk instead of theoretical risk means that teams are acquiring new skills and new solutions to help support the execution of exploits across their organization.

The importance of ASM in gathering continuous vulnerability intelligence


An attack surface management (ASM) solution provides a comprehensive view of an organization’s attack surface and helps you clarify your cyber risk with continuous asset discovery and risk prioritization. 

Continuous testing, a key pillar of CTEM, states that programs must “validate how attacks might work and how systems might react” with a goal of ensuring that security resources are focusing their time and energy on the threats that matter most. In fact, Gartner asserts that “organizations that prioritize based on a continuous threat exposure management program will be three times less likely to suffer a breach.”

Maturing our cybersecurity defense mindset to CTEM programs represents a significant improvement over traditional vulnerability management programs because it gets defenders tackling the issues that are most likely to lead to a breach. And stopping breaches should be the goal because the average cost of a breach keeps rising. The costs increased by 15% over the last three years to USD 4.45 million according to the Cost of a Data Breach report by IBM. So, as qualified resources continue to be hard to find and security budgets become tighter, consider giving your teams a narrower focus, such as vulnerabilities in the CISA KEV, and then arm them with tools to validate exploitability and assess the resiliency of your cybersecurity defenses. 

Verifying exploitable vulnerabilities with IBM Security Randori


IBM Security Randori is an attack surface management solution that is designed to uncover your external exposures through the lens of an adversary. It performs continuous vulnerability validation across an organization’s external attack surface and reports on any vulnerabilities that can be exploited.

Figure 1. Randori’s risk-based priority algorithm helps prioritize top targets and shares adversarial insights you need to determine impact and risk 

In December 2019, Armellini Logistics was the target of a sophisticated ransomware attack. While the company quickly and successfully recovered from the attack, it was determined to adopt a more proactive approach to prevention moving forward. With Randori Recon, Armellini has been able to gain deeper visibility into external risk and ensure that the company’s asset and vulnerability management systems are updated as new cloud and SaaS applications come online. Increasingly, Armellini has been using Randori Recon’s target temptation analysis to triage and prioritize which vulnerabilities to patch. With this insight, the Armellini team has helped to reduce the company’s risk without impacting business operations. 

Figure 2: Randori helps confirm whether CVEs exist on your external attack surface and are exploitable 

The vulnerability validation feature goes beyond typical vulnerability management tools and programs by verifying the exploitability of a CVE, such as CVE-2023-7992, a zero-day vulnerability in Zyxel NAS devices that was discovered and reported by the IBM X-Force Applied Research team. This verification helps reduce noise and allows customers to act on real—not theoretical—risks and determine if mitigation or remediation efforts were successful by re-testing.

Source: ibm.com

Monday, 12 June 2023

How Krista Software helped Zimperium speed development and reduce costs with IBM Watson


Successful businesses are embracing the power of AI to help streamline operations, generate insights, boost productivity and drive more value for clients. However, for many enterprises, the barrier to entry for integrating trustworthy, scalable and transparent AI remains high. In fact, 80% of enterprise AI projects never make it out of the lab.

So how do businesses that want to incorporate AI move forward when there is such a high level of difficulty? Many have turned to IBM’s portfolio of AI offerings, which provides pre-trained AI models that can be integrated into existing applications to improve process efficiency, enabling organizations to direct their resources to more valuable tasks.

Krista Software is an example of how IBM enables business partners to integrate IBM’s embeddable AI software portfolio in their offerings as a cost-effective and risk-averse way to help clients benefit from AI technology without needing to build the infrastructure from the ground up.

The challenge of staying one step ahead in mobile security 


Dallas-based Zimperium provides a mobile-first security platform purpose-built for enterprise environments. With machine learning-based protection through a single platform, Zimperium offers customers mobile threat defense and in-app protection. To provide continuous and persistent security for customers, Zimperium relies upon timely software releases to remain one step ahead of emerging threats on corporate and user-owned mobile devices. However, until recently, their software deployment process was time-consuming, requiring a lot of human interaction.

For example, Zimperium maintains hundreds of software environments on any given day, and their engineers must run multiple releases — which include patches, updates and hard fixes — through an entire deployment cycle for each of those environments. Every release undergoes a rigorous approval cycle that involves high-touch coordination between customer success and pre-sales teams. Once the software is approved, engineers deploy and apply each release to all environments. With thousands of deployments each year, many taking up to 3 weeks, Zimperium turned to Krista Software to help streamline its process.

Krista Software helps Zimperium automate operations with IBM Watson 


Vamsi Kurukuri, VP of Site Reliability at Zimperium, developed a strategy to remove roadblocks and pain points in Zimperium’s deployment process. He then selected Krista’s AI-powered intelligent automation platform to optimize Zimperium’s project management suite, messaging solutions, development and operations (DevOps). Krista’s platform uses machine learning and IBM Watson NLP, allowing Zimperium engineers to “Ask Krista” for a business outcome, streamlining tasks such as creating IT tickets, sending notifications to eligible team members and sending reminders when approvals are needed, enabling Krista to own the outcome for each deployment cycle.

The Krista platform follows each ticket throughout the development cycle, ensures every step is adhered to, and that the right software is ready to be deployed to the right servers at the right time. Once all parties approve the release, Krista then deploys it. With Krista, Zimperium automated its software deployment process, reducing a 4+ hour manual process to mere minutes, across hundreds of environments. This improvement led to over USD 200,000 in savings and empowered Zimperium’s engineers and developers to focus on what they do best: developing secure software for their clients.

Powering change: IBM’s embeddable AI software portfolio 


With the support of Krista Software, Zimperium automated its entire scheduling and deployment process in less than two months, helping them release updates faster, address human error and regulatory requirements, improve efficiency and reduce risk with no data science and coding requirements. Zimperium saw significant cost savings and increased efficiency as it helped protect its clients against both known and unknown cybersecurity threats.

Building on the success delivered in less than 60 days, Krista and Zimperium are entering the next phase of the relationship, in which Krista will use IBM Watson to help optimize Zimperium’s order-to-cash process and automate its international customer support. Krista also plans to continue to deepen its work with IBM, including exploring the upcoming IBM watsonx AI and data platform, to help clients like Zimperium unlock AI’s true potential.

Source: ibm.com

Saturday, 6 November 2021

Securing the open source software supply chain

Cybersecurity incidents are among the greatest threats facing organizations today. In the wake of recent high-profile software supply chain attacks, the US Federal government has taken bold action to strengthen the country’s cyber resilience. On 12 May 2021, President Biden issued a widely anticipated Executive Order on Improving the Nation’s Cybersecurity, which calls for stringent new security guidelines for software sold to the federal government, and has wide-ranging implications that will ripple across the entire software market.

Despite the troubling frequency of malicious attacks, most organizations still have only a partial view of the make-up of their software applications. This partial knowledge leaves them exposed to unknown software component vulnerabilities and hampers any response efforts.

Anaconda asked about open source security in our 2021 State of Data Science survey, and the results were surprising:

◉ 87% of respondents said they use open source software in their organization.

◉ 25% are not securing their open source pipeline.

◉ 20% did not report any knowledge about open source package security.

We also found that in organizations that aren’t using open source software today, the most common barrier to entry is security concerns, including fear of common vulnerabilities and exposures (CVE), potential exposures, or risks. It’s no secret that open source software is key to accelerating the development of new business ideas—not only by saving time, but by allowing greater collaboration and assembling more minds to solve for some of the world’s toughest challenges.  With the increased visibility and involvement from third parties, however, these benefits come with exposure to potential risk. IT departments need solutions that support innovation but also provide governance to mitigate the damage from any attack or exposure.

Providing security and trust in open source

CVE matching and remediation information enables an organization to build a secure supply chain tailored to their unique needs and policies. For example, one foundational cybersecurity practice is to consult CVE databases and scores regularly to guard against the risk of using vulnerable packages and binaries in applications. Anaconda Repository for IBM Cloud Pak® for Data automates this process by allowing IT security administrators to filter access to packages and files against a curated database of known vulnerabilities. This effort-saving feature frees developers and data science teams to focus on building models.

Collaborating to confront risks head-on

The Executive Order includes many additional steps to improve cybersecurity, such as providing a software bill of materials (SBOM) that enables potential software consumers to know exactly how something is developed. These additional steps are essential for mitigating the many malicious cyber campaigns aimed at gathering critical information and disrupting operations across the nation. As society continues to become more and more technologically driven, vulnerabilities are inevitable. However, a spirit of transparency and collaboration—when combined with the right tools—will help enterprises guard against potential breaches and hacks to their systems, so they can continue to innovate and safely collaborate in the open source ecosystem.

Anaconda Repository for IBM Cloud Pak for Data helps organizations identify vulnerabilities and enables greater control over open source packages in use by allowing admins to block or safelist packages based on IT policies and CVE scores.

Source: ibm.com

Tuesday, 13 July 2021

Data resilience and storage — a primer for your business

Data resilience has become increasingly vital to modern businesses. Your ability to protect against and recover from malicious attacks and other outages greatly contributes to your business success. Resilient primary storage is a core component of data resilience, but what is it exactly?

Read on to get answers to important questions about data resilience and to see how resilient primary storage for your data can help your business thrive.

What is data resilience?

Data resilience is the ability to protect against and recover quickly from a data-destructive event, such as a cyberattack, data theft, disaster, failure or human error. It’s an important component of your organization’s overall cyber resilience strategy and business continuity plan.

Keeping your data — and your entire IT infrastructure — safe in the event of cyberattack is crucial. A 2020 report by Enterprise Strategy Group found that 60% of enterprise organizations experienced ransomware attacks in the past year and 13% of those organizations experienced daily attacks. Each data breach, according to the Ponemon Institute, can cost an average of  USD 3.86 million. By 2025, cybercrime costs are estimated to reach USD 10.5 trillion annually, according to Cybersecurity Ventures.

In addition to combating malicious attacks, data resilience is vital to preventing data loss and helping you recover from natural disasters and unplanned failures. Extreme weather events such as floods, storms and wildfires are increasing in number and severity, and affect millions of people and businesses all over the world each year. In 2018, the global economic stress and damage from natural disasters totaled USD 165 billion, according to the World Economic Forum in their 2020 Global Risks Report.

While the first order of business is to prevent data-destructive events from occurring, it’s equally important to be able to recover when the inevitable happens and an event, malicious or otherwise, takes place.

Your preparedness and ability to quickly respond hinges on where you are storing your primary data. Is the solution resilient? Ensuring your data stays available to your applications is the primary function of storage. So, what are the characteristics of resilient primary storage that can help?

5 characteristics of a resilient storage solution

A resilient storage solution provides flexibility and helps you leverage your infrastructure vendors and locations to create operational resiliency – achieving data resilience in the data center and across virtualized, containerized and hybrid cloud environments.

Characteristics of resilient primary storage include:

1. 2-site and 3-site replication: capable of traditional 2-site and 3-site replication configurations – on premises, on cloud, or hybrid – using your choice of synchronous or asynchronous data communication. This gives you confidence that your data can survive a localized disaster with very little or no data loss, also known as recovery point objective (RPO).

2. High availability: the ability to gain access to your data quickly, in some cases immediately, which is also known as recovery time objective (RTO). Resilient storage has options for immediate failover access to data at remote locations. Not only does your data survive a localized disaster, but your applications have immediate access to alternate copies as if nothing ever happened.

3. Enhanced high availability: multi-platform support. This means RPO/RTO options available regardless of your choice in primary storage hardware vendors or public cloud providers.

4. Immutable copy: making copies that are logically air-gapped from the primary data, and further making that copy unchangeable, or immutable, in the event your primary data copy becomes infected.

5. Encryption: protecting your data from bad actors and guarding against prying eyes or outright data theft.

How can I ensure my organization has data resilience?


Many organizations have a mix of different on-premises storage vendors or have acquired storage capacity over time, meaning they have different generations of storage systems. Throw in some cloud storage for a hybrid environment and you may find it quite difficult to deliver a consistent approach to data resilience.

A first step is modernizing the storage infrastructure you already have. Fortunately, this is not something that requires you wait for a lease to expire or for data growth to drive a new hardware purchase. You can get started right away with software-defined storage from IBM on your existing storage from most any vendor.

IBM FlashSystem® and IBM SAN Volume Controller, both built with IBM Spectrum Virtualize software, will include a Safeguarded Copy function that creates immutable (read-only) copies of your data to protect against ransomware and other threats. This functionality is also available on IBM Storage for mainframe systems.

Additionally, you can combine the data resilience capabilities of IBM FlashSystem and IBM Spectrum® Protect Plus to create a highly resilient IT infrastructure for on-premises, cloud and containerized environments. IBM Spectrum Protect Plus is available at a special rate when purchasing a FlashSystem 5000 or 5200.

Source: ibm.com

Saturday, 26 June 2021

Extend privacy assurance in hybrid cloud with IBM Hyper Protect Data Controller

As IBM CEO Arvind Krishna has stated, data breaches and ransomware attacks such as the recent attack on Colonial Pipeline are increasing in frequency and scope, making data protection and privacy more critical than ever. According to a recent study conducted by Ponemon and commissioned by IBM, customers’ personally identifiable information (PII) was the most frequently compromised type of record, impacted in 80% of the data breaches studied. At the same time, many enterprises are adopting hybrid cloud architectures to help them increase agility and drive innovation. In today’s threat landscape, sharing data across a hybrid cloud environment introduces new challenges around maintaining compliance and governance—and new security vulnerabilities that bad actors can take advantage of.

Enterprises need to be able to share data to extract value from it, but how can they maintain privacy assurance in the era of hybrid cloud?

Maintain privacy by policy

Today we announce the latest addition to the IBM Hyper Protect Services family designed to help you gain a higher level of privacy assurance and maintain data integrity: IBM Hyper Protect Data Controller. This data-centric audit and protection capability allows you to define and control who has access to eligible data as it leaves the system of record and moves throughout your enterprise. With the addition of IBM Hyper Protect Data Controller, the security capabilities and technical assurance associated with Hyper Protect Services help provide protection for your consistent data access policies. Additionally, robust audit logging can help you address your regulatory compliance directives.

The data-centric protection provided by Hyper Protect Data Controller opens a wide range of new possibilities for data sharing, so you can leave non-sensitive data in the clear while keeping sensitive data private. Consider the data used by the call center agent at your bank. The bank stores data in their system of record, and the agent needs access to certain information to assist you—such as the last four digits of your social security number to verify your identity. IBM Hyper Protect Data Controller protects your eligible sensitive data using encryption and masking before it leaves the system of record, and only reveals the data that the agent is authorized to see. This is made possible through a set of centralized policy controls that the data owner can dynamically update when the agent’s access needs change—including revocation of future access if the agent no longer has the call center responsibilities and moves into a different role within the organization.

Prevent unauthorized policy changes

Once a data owner sets policy controls that govern data access, how can they be sure a bad actor won’t modify them? IBM Hyper Protect Data Controller is deployed within IBM Hyper Protect Virtual Servers, which establishes a protective boundary designed to prevent access by unauthorized users—providing the data owner with a tamper-resistant confidential computing environment to set and maintain policy controls for data access.

Whether you are running your workloads with sensitive data in the cloud, on premises or in a hybrid solution, Hyper Protect Services can offer you protection for your sensitive data, keys and now data access policies. We look forward to continuing our journey to protect your data access and use, wherever it resides.

Source: ibm.com

Thursday, 10 June 2021

IBM expands investment in data protection

IBM’s customers continue to validate that data protection and cyber resiliency are key challenges on their hybrid cloud journey toward digital transformation. Modernization of applications and the shift to container-native solutions are prerequisites for speed and agility, and this goes hand-in-hand with best-in-class data management practices for high availability, disaster recovery and data resiliency.

As another clear example of IBM’s commitment to our customers’ ongoing transformation success, as well as our venerable storage business unit, IBM has acquired technology assets and the associated engineering teams from Catalogic Software, a proven provider of data protection, copy data management and data resiliency solutions.

Catalogic Software has been an important development resource for IBM Storage® technologies over the past few years, and these acquired assets and engineering talent have helped innovate our award-winning IBM Spectrum® Protect Plus and IBM Spectrum® Copy Data Management solutions.

This move will enable IBM to swiftly integrate advanced data protection and cyber resiliency capabilities into our highly anticipated IBM Spectrum® Fusion family of container-native software defined storage solutions. Designed for AI, analytic and big data applications and workloads, Spectrum Fusion will seamlessly span edge, core data center and hybrid cloud environments (announced April 27th). In addition, we will leverage the technologies to continue to accelerate our data protection roadmap and advance these products, as well as enable new hybrid cloud and container-native cyber resiliency capabilities across the entire portfolio.

“Modern data protection and data resilience are top-of-mind with our customers, from the largest to the smallest,” said John Callisto, Vice President, US Sales at GlassHouse Systems. “To solve the multitude of challenges they face to keep their data protected and resilient, they rely on IBM’s Spectrum Protect family, which not only protects their data, but enables them to recover quickly in the event of a breach. With today’s agreement, IBM will be able to continue to accelerate their leading-edge data resilience and data protection solutions.”

This investment also further bolsters our leadership in hybrid cloud and container-centric data protection and cyber resilience. IBM Spectrum Protect Plus, which is already used by several cloud providers for their backup-as-a-service offerings, is also available from several of the largest hyperscalers, including IBM Cloud, through their cloud marketplaces.

Simply put, Catalogic Software’s technology combined with IBM’s storage portfolio will help customers discover, secure, protect and manage data from the edge, to the data center, to the public cloud.

*Statements by IBM regarding its plans, directions, and intent are subject to change or withdrawal without notice at the sole discretion of IBM. Information regarding potential future products is intended to outline general product direction and should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code, or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for IBM products remain at the sole discretion of IBM.

Source: ibm.com

Monday, 8 March 2021

Storage made simple for all

Information technology (IT) is growing more complex every year. In fact, two out of three IT decision-makers surveyed say that their IT environment is more complex now than it was two years ago. Adding to traditional challenges such as greatly increasing data volumes and the ever-evolving cybersecurity landscape, new drivers of IT complexity include ongoing digital transformation, a modern and always-on mobile workforce and expanding hybrid cloud architecture.

IT complexity is costly. Operational expenses rise, general data risks increase and maintenance occurs more often. Even vulnerability to cyber threats increases with added complexity. So the question becomes, how can we reduce IT complexity and bring down costs?

Last year IBM introduced the new IBM FlashSystem® family. This is a single platform for all non-mainframe environments designed to simplify your storage infrastructure while delivering extensive enterprise-class storage innovation, including seamless hybrid cloud and container integration. The ongoing challenges, costs and risks imposed by IT complexity underscore the importance of today’s IBM Storage announcements. New IBM offerings, technologies and programs buck the complexity trend. With these new offerings, your storage solutions can potentially become more compact, less costly than the IBM FlashSystem 5100, and yes — much simpler.

The new IBM FlashSystem 5200 offers a perfect example of storage made simple for all.

IBM FlashSystem 5200 is designed to accelerate a wide range of enterprise deployments for bare metal, virtualized, hybrid cloud or containerized configurations. It’s the most compact storage system we’ve ever made. FlashSystem 5200 is designed with enterprise-class capabilities, including end-to-end NVMe support, IBM FlashCore® technology, storage-class memory and an extensive set of data services in our award-winning IBM Spectrum® Virtualize software-defined storage.

“With its new FlashSystem 5200, IBM has made a tremendous leap forward, packing impressive levels of performance and capacity into a 1U package. While capable enough for the data center, the form factor of the 5200 can offer transformational value for smaller organizations and edge locations.”
 – Scott Sinclair, Senior Analyst, ESG

This new system is designed to provide the performance, cost efficiency and functionality for almost any workload in a compact unit that is ideal for any deployment. It combines latency of less than 70 microseconds for optimal application performance and as much as 1.7 PB of data in only 1 rack unit with data reduction options for reduced OPEX and CAPEX. It includes IBM HyperSwap® high-availability technology and 3-site replication for enhanced business continuity. Say goodbye to your traditional hybrid storage systems and modernize your infrastructure.

“Our clients want simplicity,” states David Ficacci, Director of Technology at Micro Strategies. “Too many so-called solutions these days are really just collections of new headaches for our clients. IBM FlashSystem 5200 is different. It can consolidate the entire storage environment whether it’s edge or core data center to simplify management. Then it can start small and grow with the business. Nothing extra to order. One solution the size of a pizza box can handle our business needs, including seamless connectivity to hybrid cloud. This is the simplicity and versatility our clients want.”

IBM Storage has focused on more than inventing a new storage platform. Other IBM FlashSystem family members have also seen important enhancements. For example:

◉ New IBM FlashSystem 5015 and IBM FlashSystem 5035 use efficient IBM Distributed RAID 1, designed for improved performance with small configurations. FlashSystem 5035 is 22% faster than its predecessor.

◉ IBM Spectrum Virtualize software in IBM FlashSystem adds GUI support for 3-site and HyperSwap configurations, designed to be easier to deploy in high-availability configurations.

◉ IBM plans to deliver a version of IBM Spectrum Virtualize for Public Cloud — our hybrid cloud data fabric software — optimized for Microsoft® Azure®. It is being designed to offer functionality for Microsoft Azure that is comparable to what we already offer on Amazon Web Services (AWS) and IBM Cloud® starting with a beta program with an anticipated release date of 3Q 2021.

◉ IBM Storage support for Ansible®, the Red Hat® open-source IT configuration management and automation platform, continues to be enhanced — including automation for HyperSwap for high-availability configurations for mission-critical workloads.

◉ IBM is simplifying support for IBM FlashSystem with a new IBM Storage Expert Care program, initially available with IBM FlashSystem 5200. It includes Base and Advanced support levels with transparent, predictable pricing and a choice of support duration.

“The University of Miami has deployed IBM storage through many product generations, including FlashSystem,” says Joel Zysman, Director of Advanced Computing Systems, UM Institute for Data Science and Computing. “One of the best things about this IBM storage platform is how well it evolves to meet our ever-changing business and technology demands. I can see that the new 5200 model can continue this trend. It is designed to be more cost-efficient, flexible, functional with simplified support options. We look forward to getting the newest generation into our hybrid cloud environment.”

Today, IBM also announces support of FlashSystem, SAN Volume Controller (SVC), Spectrum Virtualize, IBM Elastic Storage® System (ESS) and IBM Spectrum Scale for IBM Cloud Satellite®, currently in beta. This enables you to “bring your own infrastructure” to hybrid cloud environments. IBM Cloud Satellite is being designed to help enable you to launch consistent cloud services anywhere — across any cloud, on premises, and at the edge with speed and simplicity, delivered as a service from a single pane of glass, managed through the public cloud. The result can potentially include increased efficiency and simplicity. When deploying IBM Cloud Satellite on premises, IBM FlashSystem can be the ideal storage solution.

Today’s announcements span a broad range of solutions for your container, hybrid cloud and virtualized environments. But the message is simpler — literally. Through ongoing innovation and engineering commitment, IBM continues to reduce IT complexity and make storage simple for organizations of all sizes.

In addition, IBM Storage will donate up to $1M to COVID-19 relief. Proceeds will come from FlashSystem 5000 and 5200 sales. You are encouraged to use #IBMFlash4Good on social media to help promote our cause.

Source: ibm.com

Thursday, 24 December 2020

Cyber resiliency 101: Required learning for all

Cyber threats like ransomware, which made its very first appearance in 1989 and has been on security teams’ and law enforcement’s radar for the past 7 or 8 years, are not fads. They’re not going away. In fact, the cash-rich ransomware industry is flourishing. As a result, organizations are moving from the era of possibility to the era of probability of a successful cyber breach. It’s not hyperbole to say that it’s no longer a question of if an organization will face a cyberattack but rather when.

Protecting against ransomware is a top priority for most organizations as they look to protect themselves against lost productivity, lost brand equity or trust, and lost revenue. Protection against ransomware should be a 2-pronged approach with a focus on security and resiliency:

◉ With cybersecurity, the objective is preventative in nature. “Lock the doors to keep any bad actors out in the first place.”

◉ With cyber resiliency, the objective is to prevail in the event of a cyber breach. “The odds are we will be breached. We need to plan and prepare in order to continue operations despite a breach.”

It’s important to note: Organizations should work towards being both cyber secure and cyber resilient.

Business continuity: 4 protection practices

In the past, business continuity was comprised of 3 protection practices. We now have a 4th protection practice. I will start by reviewing the 3 well-established protection practices and then talk about where cyber resiliency fits in.

◉ Backup: Protects files, folders, drives against corruption or accidental (and in some cases intentional) deletion.

◉ High availability: Protects against a larger, localized outage or event — for example, an outage within a site: a server or a storage array goes down, or you lose power to a portion of the data center.

◉ Disaster recovery (DR): Protects against an even larger outage — for example, an outage that affects an entire site, such as a catastrophic disaster like a fire, flood or earthquake that takes out an entire data center.

◉ Cyber resiliency: The newest protection practice under the business continuity umbrella. While these cyber resiliency practices are new, they shouldn’t be too tough to understand in that cyber resiliency practices are a blend of existing backup and DR practices, which is the reason why cyber resiliency is seated between backup and DR. Cyber resiliency is similar to backup in the protection method; it involves point-in-time copies. Cyber resiliency is similar to DR in the size and scale of the data loss. While the data center may not be lost due to a natural disaster — the building is still standing, the power is still on — a virus can cause widespread damage similar to losing a site, requiring DR-like restore operations.

Thankfully, the US National Institute of Standards and Technology (NIST) has published a “Cybersecurity Framework” for safeguarding critical infrastructure. The framework integrates industry standards and best practices to help organizations develop or improve their cyber protection measures.

The NIST Framework is made up of 5 functions. You can think of these functions as steps, but notice that they are in a loop, signaling that there’s an expectation of continuous updates and improvements over time. Keep in mind that cyber resiliency is all about planning and preparing before a breach occurs. Not surprisingly, the first 4 functions — identify, protect, detect and respond — focus on planning and preparation to ensure a successful recovery.

The NIST Cybersecurity Framework

Anyone can download and use the NIST Framework and corresponding white papers to aid them in their self-directed cyber-protection efforts. For those who would rather not go it alone, and would prefer some outside assistance and expertise, IBM System Lab Services has built the Cyber-Incident Response Storage Assessment (CIRSA) using the NIST Framework to expedite clients’ cyber resiliency protection efforts. For organizations that would like assistance and expertise, the CIRSA offering is a great vehicle for starting down the path to cyber resiliency.

Monday, 26 October 2020

3 strategies for a holistic approach to cybersecurity

Staying ahead of cybersecurity threats is the top business challenge for executives according to IBM research. As organizations move more data to the cloud, this creates more access points through which the data can be hacked. Continued remote work mandates have also created new, vulnerable attack surfaces. Keeping data secure and compliant in this environment is a tall task for even the most sophisticated organization.

The solution is to build in security throughout your hybrid multicloud environment, creating an IT infrastructure that provides holistic end-to-end protection. This means leveraging the security capabilities architected into all levels of your hybrid cloud environment (hardware, firmware, operating system, software), and securing the data itself at-rest, in-flight and in-use. 

Below, we’ll outline three strategies for shifting your approach to cybersecurity. You’ll learn how the technology and expertise backing IBM Z® and IBM Power Systems™ make IBM the best partner for you on that journey.

Strategy 1: Encrypt data at scale with IBM Z 


Encryption is one of the best ways to protect data, as it renders stolen data useless without the encryption key. Selective encryption can be used to secure specific types of data within specific layers—at the database, application, data set or disk level. However, this approach is costly and resource-intensive, forcing organizations to make risky decisions about which data they choose to encrypt. 

Pervasive encryption on IBM Z lets you encrypt all enterprise data in-flight and at-rest, without costly application changes, to keep it secured within your environment. This method better equips you to meet compliance mandates.  

Strategy 2: Protect workloads against threats with confidential computing 


There are many benefits to using a hybrid cloud environment, but from a security standpoint this also means the introduction of new risks, including insider threats from cloud and system administrators.  

The traditional model for managing IT environments relies on “operational assurance”—trusting that administrators are doing the right thing. At IBM, we believe that a zero-trust approach necessitates the move from operational assurance to “technical assurance”—in which protection controls are built into the technology to eliminate the need for administrators to access sensitive data within those environments.  

As we look to the future of data protection in hybrid cloud environments, confidential computing—the use of trusted execution environments (TEE) to protect data in use—can provide organizations with the technical assurance they need. IBM has been investing in confidential computing for over a decade, and we are on the fourth generation of our Secure Service Container technology, which is the underpinning for IBM Cloud Hyper Protect Services, available through the IBM Cloud and hosted on LinuxONE servers. With the latest generation of the Z platform, IBM z15 and LinuxONE III, we introduced a new hardware-enforced trusted execution environment called IBM Secure Execution for Linux.

Strategy 3: Build security into your IT stack with IBM Z and IBM Power Systems 


You can build security into your IT stack by working with various third-party vendors. However, this approach compounds the complexity that already exists with hybrid cloud and introduces more potential points of exposure to your network.  


Or, you could leverage the security, technology, and expertise of IBM through IBM Z and Power Systems. Both platforms offer comprehensive, end-to-end security that integrates across the entire stack—from chip to hypervisor, apps to network resources, up to security system management.  

IBM owns the security throughout, giving you more control and insight into what data is being stored and where. By identifying data flow and where it’s vulnerable, you can make informed decisions around the measures to take to protect it.

Source: ibm.com

Friday, 3 January 2020

Three ways to collaborate to improve cybersecurity

The stakes are high in enterprise security. Data breaches can damage your organization’s reputation and result in significant costs (USD 3.86 million for every breach on average, according to the Ponemon Cost of a Data Breach study). They can also destroy customer trust. Recent research has found that more than 78 percent of customers would not automatically return to a business following a data breach. In short, data breaches are just bad for business.

You’re likely aware that data breaches impact the whole organization. All enterprise systems are potential cyberattack targets, and the negative impact of a breach can reverberate throughout the business. Whether you’re in security, IT, or operations, data security is your concern.

Collaboration enhances data security

When it comes to enterprise data security, you may find it challenging at times to connect the dots. If you’re in security, you need information about the IT solutions required to secure the data perimeter. If you’re in IT or operations, you need insights from your security counterparts to inform technology development and deployment.

Collaboration can bridge this gap. IT and security groups can work together to ensure that security needs are baked into IT initiatives, and that security issues are optimally addressed by technology. By collaborating closely, your two groups can maximize transparency and make the best security and IT decisions.

Here are three ways security and IT can collaborate to enhance cybersecurity.


1. Consider security needs in technology development


If you’re a security practitioner, you’re plugged into the most urgent and relevant security concerns. You also understand how these concerns impact the enterprise. If you’re an IT practitioner, you’re aware of these issues and that they may impact applications you build. You can incorporate security peers’ insights into your IT projects to ensure your initiatives address all potential data-security risks and mandates.

For example, the recently enacted GDPR standards apply to virtually any personal data gathered by an enterprise that does business with or in the European Union. Before developing a new program that will use or request customer data, you must ensure that the program complies with GDPR mandates. Involve your security peers as early as possible here. Their early insights will help ensure that GDPR compliance is built into the application, not tacked on as an afterthought. A little collaboration at the start can save you a lot of headaches later.

2. Use IT to solve security challenges


The solution for an enterprise data-security challenge is often technology. This creates a natural synergy between security and IT practitioners. If you’re looking to address a data-security concern, one of your first conversations should be with your counterparts in IT. Often they will have the hammer for your nail, or they will be able to build the hammer.

Say you’re a security practitioner and your CISO has informed you that only a small portion of your enterprise data is encrypted. You probably both know, as the Breach Level Index has detailed, that unencrypted data is significantly more likely to be stolen by cybercriminals. Since expanding data encryption will likely require technology, you should then meet with your IT counterparts to discuss a solution. Perhaps they can find a way to devote more computing power to encryption so that a larger percentage of data – or at least the most sensitive data – can be encrypted. Ideally, they will be able to efficiently encrypt all database, application and cloud enterprise data through the mainframe.

When pondering your most vexing security challenges, make a discussion with your IT and operations counterparts a priority. They’ll often have just the tool you need to get the job done.

3. Reframe security conversations


It can be tempting to view security as the naysayer of the business, always warning about what could happen or what should not be done. Such a view may steer some IT practitioners away from engaging with the security team as they should.

Security conversations don’t have to be negative. You and your security counterparts are responsible for making them productive and positive. Discussions should focus less on how security concerns are holding business back, and more on understanding risks and alternatives. For instance, as mentioned earlier, in the age of GDPR security practitioners will likely raise a red flag about any application that collects and uses customer data. This doesn’t mean that the application can’t be developed or even has to be drastically changed. The developer simply needs to make sure that processes for collecting, using and storing this data comply with the mandate. IT and security practitioners should work together before development begins to outline a process that is compliant without compromising user experience.


A final thought: Stay informed


Enterprise security is everyone’s job. Accounting for security in technology development, and the other way around, will create an ongoing positive feedback loop in which security is woven into the enterprise needs and solutions.

If you’re a security practitioner, you’re already living and breathing security, but some time with your IT counterparts can help inform your security strategies. If you’re in IT, consider investing some time in cybersecurity education. You don’t have to become an expert. But you should be plugged in on the latest security issues, from the most recent high-profile data breach to any new data regulations. SecurityIntelligence.com provides news and insights that keep you in the loop on today’s critical data security issues.

Collaboration, supported by a base of security and IT knowledge, will help ensure an engaged team, improving cybersecurity for your enterprise.


Source: ibm.com