By Charlie Osborne – October 15, 2018
On Monday, the New York-based technology company unveiled the open platform, which IBM says “is the first security cloud platform built on open technologies, with AI at its core, to analyze federated security data across previously unconnected tools and environments.”
An analysis conducted by IBM suggests that cybersecurity teams in the enterprise use, on average, over 80 cybersecurity solutions provided by roughly 40 vendors.
This is a potential recipe for chaos and may reduce the overall effectiveness of security and defense.
IBM Security Connect makes use of both cloud technology and AI. Users of the platform will be able to apply machine learning and AI, including Watson for Cyber Security, to cybersecurity products to increase their effectiveness.
At launch, over a dozen security vendors and business partners have signed up.
“IBM Security Connect will help tackle some of the biggest security challenges today via open standards, which can help pave the way toward collaborative innovation,” the tech giant says. “As it is built on open standards, it can help companies build unique microservices, develop new security applications, integrate existing security solutions, and leverage data from open shared services.”
Artificial intelligence, which includes neural networking, machine learning, analytics, and the use of algorithms to complete tasks, allows machines to learn from experience.
In cybersecurity, the machine learning subset of AI has the most use — at least at this stage in AI development. While there is little use of ‘true’ cognitive AI, machine learning can provide a springboard from traditional, signature-based antivirus and cybersecurity solutions to a more extensive means of protection through data collection and analysis.
When machine learning systems are given a large enough data pool to digest and analyze, this can be used to help shrink attack surfaces through predictive analytics, the detection of what is likely to be suspicious behavior, and this, in turn, eases the burden on cybersecurity staff who often have to triage cybersecurity-related events on a daily basis.
AI and machine learning are not perfect and cannot be considered a silver bullet for cybersecurity defense. However, solutions and platforms which leverage these technologies can give the enterprise an additional way to defend themselves against cyberattacks which are constantly evolving and increasing in sophistication.
IBM appears to have recognized this opportunity in the cybersecurity market. Alongside the firm’s IBM Security Connect, the firm’s Security Operations Centers (SOCs) and Watson for Cyber Security are key elements of IBM’s move into the AI for cybersecurity market.
The firm’s SOCs are found in countries including the US, India, Japan, and Poland. The SOCs act as X-Force training hubs which offer training and cyberattack simulations, of which virtual environments are used to interact with real-life scenarios.
The centers process over one trillion security events every month to generate threat intelligence.
Big Blue’s Watson was integrated into a security offering last year. The supercomputer, which combines AI and data analytics, acts as a knowledge repository for cybersecurity professionals using IBM’s Cognitive Security Operations Center platform.
These services are not reserved purely for the enterprise; IBM also caters for government and federal agencies.
The ongoing effort to develop AI solutions for modern businesses is further achieved with the launch of IBM AI OpenScale, an enterprise platform for the creation and management of artificial intelligence applications.
In addition to IBM Security Connect, the company also announced a new addition to its Security Operations Center, a mobile unit called the IBM X-Force Command Cyber Tactical Operations Center (C-TOC).
The mobile unit will travel to companies in the US and Europe and offer training on incident response, defense strategies, and crisis leadership.
IBM has been pushing for the integration and further development of AI solutions in the enterprise and by taking up a vendor-agnostic stance in the AI realm especially when the need for cybersecurity solutions is great, the company is setting itself up as one of the major AI-security players not only in the present but potentially the future.