By Andy Daudelin
Among the 10 most stressful C-Suite roles of 2014 in business today is the role of chief information security officer (CISO). These IT security leaders set the strategy for the way a company protects itself from constantly evolving cyber threats – and they must implement these strategies without disrupting the speed of the business or its ability to innovate.
The threat landscape today is fraught with risk. IBM’s most recent Cyber Security Intelligence Index confirms that the average company faces 1.57 million security events per week, with 1,400 of those identified as actual attacks. And earlier this year, I discussed how new security threats and regulations will make 2014 a critical year for compliance and audit demands, and organizations need to be better prepared.
Cloud and mobile technologies are an excellent example of the balance CISOs must strike as they strive to protect the IT infrastructure while incorporating emerging technologies. Many companies are finding cloud an ideal platform for emerging business applications and are integrating those cloud-based services with their traditional technology platforms. It’s the CISO’s mission to secure all of this – and its underlying data – as a single seamless service. Continue Reading »
By Keith Byrne, Intelligence Manager, U.K. Federation Against Copyright Theft (FACT)
Last month, the fifth and final season of the hit television show Breaking Bad premiered in the U.S. Despite all the legal ways to view the show in the U.S. and in several other countries, many people still viewed the episode through pirate websites. In fact, within a few hours after the unauthorised copy of the episode was uploaded, 80,000 people had shared the file illegally and after 12 hours more than half a million people around the world were estimated to have downloaded the copy.
Such behaviour can have dramatic and negative economic impacts – impacts that often go unnoticed by consumers. When a producer or director is unable to score a box office hit, for example, their ability to secure backing to produce the next film is greatly diminished, setting off a chain reaction that affects the entire production ecosystem from lighting and carpentry, to catering and cinema staff – all of whom depend on the continued survival of the creative economy. Continue Reading »
By Dan Lohrmann
A radical change is sweeping across the global workplace: mobile technology is redefining the boundaries between work, home life and play.
According to IT analyst firm Gartner, the rise of bring your own device (BYOD) programs is the single most radical shift in the economics of client computing since the introduction of the personal computer in the workplace.
Bringing your own mobile device offers many benefits. Employees are comfortable with the various features and functionality of their preferred—and often beloved—smartphone. Also, using personally-owned mobile technology can eliminate the need for carrying two devices—one for personal use and the other for work. Continue Reading »
By Laurie Williams
According to a recent IBM Tech Trends report, both educators and students view security as extremely important. In fact, 56 percent of students and 44 percent of educators ranked it as one of the top three issues the IT industry will face over the next two years. In addition, a UK government report said that it may take 20 years to address the current cybersecurity skills gaps.
To help try and change that, North CarolinaStateUniversity is partnering with IBM to help better prepare the next generation of engineers with a secure-by-design focus and curriculum.
Why dedicate so many resources to building cybersecurity skills? The world operates with interconnected systems and as technology progresses these systems will only proliferate. The linchpin to success in securing these systems is in the design stage – not at the end of the process. Continue Reading »
By Christopher Padilla
This week, nearly 200 of IBM’s senior leaders representing all 50 states are on Capitol Hill to urge action on policies that will drive innovation and economic competitiveness. With more than 300 congressional delegation meetings, our executives are addressing a range of issues critical to U.S. business.
As public-private collaboration becomes increasingly critical to overcoming challenges that no single sector can handle alone, we look forward to working with U.S. congressional leaders on the following issues:
Share Information on Cyber Threats to Protect the Nation’s Critical Assets
Individuals, companies and governments are facing higher risks of cyber attacks as the world becomes more inter-connected. Now, more than ever, it is imperative to develop innovative measures to protect critical assets such as our energy and financial industries. To achieve this goal, private sector advances in innovation should be complemented with legislative policies that promote the collaboration needed to ensure cybersecurity. Continue Reading »
By Sandy Bird
Over the years, the game of cat and mouse between cyber attackers and the people charged with defending networks against their advances has become increasingly more complex. Every new advance in defensive technologies has forced attackers to adopt new tactics, and every new attack technique has produced a new response.
We’re at the point where some of the most diligent and advanced security organizations in the world have deployed over 60 different security products; products that, unfortunately, infrequently communicate with one another. Realistically, we can’t rely on these disconnected technologies to be successful 100 percent of the time, especially when they operate in isolation. We need a different, foundational approach.
Fortunately for security professionals, even the most advanced attackers share the same human limitations as the people defending the networks: they are not perfect and they will leave clues about their presence in a network. The enduring challenge is to figure out how to identify and combine those subtle indicators of an attack. Today, more advanced organizations are turning to Big Data in search of evidence of security breaches. Continue Reading »
By Kris Lovejoy
As companies and individuals continue to connect in new and exciting ways – through the cloud, mobile technology and social media – each are becoming more informed and empowered. However, this always-on, real-time, hyper-connected world is not without its pitfalls. And while privacy, security, and performance tend to garner the headlines, the growing risk to reputation is gaining increasing attention.
A new study by the Economist Intelligence Unit commissioned by IBM reveals that reputational risks extend far beyond faulty products or shoddy services. Companies face serious risks to their brand if their IT is compromised. From stolen customer data to hacked passwords – an IT security breach can lead to dramatic and negative sentiment about a company and its image. Continue Reading »
By John Potter
When I speak to enterprise CIOs about the cloud, one issue comes up in conversation more than any other: security.
As the momentum grows around cloud services, enterprises are starting to move toward this model of computing, recognizing the benefits they can gain in terms of flexibility and scalability. However, the anticipated revolution is more of a slow evolution with a significant number of large businesses still sitting on the sidelines. The main reason for their reluctance: concerns over reliability, performance, and most of all, security.
The cloud may be a relatively new concept, but these concerns aren’t. For businesses, customer data and intellectual property are often the currency with the highest value. They demand a cloud that lets them protect this data using the same enterprise-grade security they’ve experienced in their existing corporate networks. They want to know that their most important currency is protected as it travels to and from the cloud. Continue Reading »
For security officials, the first half of 2012 was marked by intelligence and sophistication – which, when it comes to securing a computer network, are not always positive traits. Yesterday IBM released the results of the X-Force 2012 Mid-Year Trend and Risk Report. The report highlights a sharp increase in browser-related exploits, weaknesses around password security, and growing operational challenges in the adoption mobile “bring your own device (BYOD) programs and policies since last year. In fact, half of all the Chief Information Security Officers interviewed indicated that mobile BYOD security is their greatest near-term technology concern.
There’s no question that protecting a business from IT security threats is getting increasingly complex for companies of all sizes – particularly with the rapid adoption of innovative technologies like mobility, cloud computing, big data analysis and social collaboration. Increased concern about privacy protection, regulatory compliance and rapid globalization add additional dimensions of complexity.
It is clear the ability to succeed in their efforts is hindered by the lack of security skills and requirements to work with tighter budgets. According to Frost and Sullivan’s 2011 (ISC)2 Global Information Security Workforce Study, a lack of skills has made many cybersecurity professionals under-qualified to adequately secure organizations from threats associated with adoption of social media, cloud computing, mobile devices and software applications. The 2010 Center for Strategic & International Studies (CSIS) report called “A Human Capital Crisis in Cybersecurity” documented a need for 30,000 cybersecurity professionals in the United States, with only 1,000 positions filled.