10 top cybersecurity predictions for 2019
What’s driving the growing investments in data security?
Increase in crime, espionage and sabotage by rogue nation-states
GDPR: The pain still to come
Cloud insecurity: It’s your head on the block
Single factor passwords: The dark ages
Malware: Protect or fail
Shift in attack vectors will drive cyber hygiene growth
IOT: The challenge will only increase
Increasing risks with shadow IT systems and bad housekeeping
DDoS: Usually unseen, but still a nightmare
Cybersecurity in the boardroom
Content retrieved from: https://www.healthdatamanagement.com/list/10-top-cybersecurity-predictions-for-2019.
The Mad Dash to Find a Cybersecurity Force
By Paulette Perhach – Nov. 7, 2018
A stunning statistic is reverberating in cybersecurity: An estimated 3.5 million cybersecurity jobs will be available but unfilled by 2021, according to predictions from Cybersecurity Ventures and other experts.
“It’s scary. Our power grid, our cars, our everyday devices — basically everything is online and able to be attacked,” said Georgia Weidman, author of “Penetration Testing: A Hands-On Introduction to Hacking.” Ms. Weidman is the founder of two cybersecurity companies, Bulb Security, where she is chief executive, and Shevirah, where she is chief technology officer. Shevirah specializes in security for mobile devices.
“It would certainly cause mass destruction if our power grid went down or our water pumps started going haywire or our dams decided to open all their sluices,” she said. “That’s actually something that could happen.”
According to a report released this year by the Identity Theft Resource Center, the number of data breaches tracked in the United States in 2017 hit a high of more than 1,500, up almost 45 percent over 2016. In one incident this year, the data of 29 million Facebook users was stolen.
In response to the sheer number of new digital gates that might be left open, employers and educators have had to become more creative in finding people to guard them.
They need penetration testers to simulate attacks to find and fix vulnerabilities that could be exploited by a real attacker.
They need malware analysts to find out what malicious programs do so they can protect from the attacks.
They need security researchers to discover new vulnerabilities in applications and other products — before the thieves do — so they can be fixed. They need security architects to make sure all the best practices are being followed.
According to the chief economist for LinkedIn, Guy Berger, there was a shortage as of September of 11,000 people with cybersecurity skills in the San Francisco Bay Area, 5,000 in New York and almost 4,000 in Seattle, the areas with the largest concentration of need. LinkedIn regularly issues work-force reports based on its analysis of jobs data in the United States.
Some major corporations have openly taken to hiring hackers to help protect them. An extreme example is Kevin Mitnick, who hacked into corporations, landed on the F.B.I. Most Wanted Fugitives list, went to jail for five years, but is now a security consultant to Fortune 500 companies and governments. As he says on his website about hackers, “It takes one to know one.”
Many companies are also putting less emphasis on the need for a college degree to qualify for a cybersecurity job, Ms. Weidman said. With an undergraduate degree in mathematics from Mary Baldwin College in Staunton, Va., and a master’s in computer science from James Madison University in Harrisonburg, Va., Ms. Weidman said she had seen how much hands-on experience really mattered in the cyberfield. That insight came early when she participated in the National Collegiate Cyber Defense Competition as a student.
The competition, which began in 2005, is held at colleges across the country and designed to test student teams’ abilities to detect and respond to outside threats and to protect services such as mail servers and web servers. The sponsors include high-tech companies like the defense contractor Raytheon and IBM, but also retailers like Walmart and transportation companies like Uber.
Recalling the difference between theoretical learning in college and hands-on experience, Ms. Weidman said she could do a lot of math about computer networking, “but could I actually manage a network at a company? Absolutely not.”
The people who were in community colleges would “wipe the floor with those of us at universities, because community colleges really were focused on how to do these things,” she said. “I think that people at the university level are starting to realize that we need more hands-on skills in cybersecurity, as well as just the theory.”
With that in mind, colleges and universities are changing their curriculums. Ms. Weidman is working with the Tulane School of Professional Advancement in New Orleans to build an online class for its Applied Computing Systems & Technology degree program.
At New York University, the Center for Cybersecurity has been operating for 20 years and graduates about 50 students annually. But this year, it created an online master’s program to help make the training more affordable in hopes of attracting more people to the field.
Students in cybersecurity get a 75 percent discount, so the master’s degree costs about $15,000, compared with about $60,000 for the traditional on-campus program. The online program enrolled 125 students in September and hopes to have 1,000 students annually within three or four years.
“Nationally, we graduate twice the number of psychology majors as opposed to engineers,” said Nasir Memon, professor and associate dean for online learning at the N.Y.U. Tandon School of Engineering. “We graduate as many park rangers as compared to computer scientists.”
Students frequently graduate in fields that lack opportunity for long-term careers, he said. If they want to switch to computer science in traditional programs, they can face daunting barriers, like multiple semesters of catch-up courses and a requirement to take the Graduate Record Examination.
“So one of the things we did is start a bridge program, where we say, we don’t care what you did in your undergrad; you could have done physics, anthropology, anything, just come on in,” Professor Memon said.
The welcome the school extends is in the form of an intense, four-month online program of computer science courses with a price of $1,500. If students pass, they are eligible for the full program.
This year, 230 students were accepted into the bridge program, 22 percent of them women. That number compares with 11 percent of women in the cybersecurity force over all, according to a 2017 report by the Center for Cyber Safety and Education and the Executive Women’s Forum on Information Security, Risk Management & Privacy.
Shamla Naidoo, global chief information security officer for IBM, has had success reaching out to mothers returning to work, as well as to veterans, to find potential cybersecurity workers.
“We’ve been talking about this for the last few years,” Ms. Naidoo said. “The first year, I spent a lot of time worrying about it. After that I thought, there’s no point in worrying about it, I’m going to have to go act, and I’m going to have to act in a nontraditional way. Posting a job description and hoping people are going to show up and apply to the job wasn’t working because the people just didn’t exist. So rather than trying to hire the skills and knowing they’re not as easily available, let’s create the skills internally.”
She created a system open to hiring people who have little or no experience, and, in many cases, even skills, in cybersecurity, with the understanding that they will come in, join a more experienced team and learn on the job. They are formed into teams of five to seven people solving one problem at a time, with the new employees teaming with more experienced security experts to watch.
Many skills from other industries are transferable to the cybersecurity field. Cybersecurity experts need to be able to communicate policies to, as Ms. Naidoo put it, “increase the cybersecurity I.Q.” of an entire organization. For example, people from a finance background might be able to educate their co-workers in accounting about cyberrisk.
She’s grown her team by about 25 percent over the last year with developers, consultants and research professionals. She said being more flexible in hiring, and hiring outside of the normal pipeline, had evened out some of the inequities in the field — like a relative dearth of minorities and women.
“To solve the skills shortage, we have to hire people who have the right aptitude, who have the right attitude, people who are curious, are willing to learn,” Ms. Naidoo said. “Outside of that, I have very few other criteria. I’m opening the aperture for where we look. I’m trying to hire in nontraditional places, nontraditional groups of people, and so I don’t expect them to have the skills or the experience that we need. I will hire people wherever I can find them.”
Michael Doran, 38, was a police officer in St. Louis for almost 10 years before going into cybersecurity.
“I quickly found out a lot of the older detectives were not doing a lot of the computer crimes,” he said. “I saw my opening there to make a niche for myself.”
After learning about the field of digital forensics, he took free, online courses through the National White Collar Crime Center. He then decided to get another bachelor’s degree and a master’s degree online in computer forensics and intelligence. He studied at Utica College from home while working full time.
He went to the cybercrimes unit as a forensic digital examiner within the St. Louis police department’s cybercrime unit. But it didn’t take long for the private industry to scoop him up.
“It was an offer I couldn’t refuse,” he said, speaking of more than doubling his salary to near six figures. “I took that chance, and I haven’t looked back since.”
He’s now a senior security consultant within the enterprise incident management team for Optiv, a cybersecurity company, where he performs digital forensics and interacts with clients.
More C-suite executives are filling their own skills gaps when it comes to cybersecurity, said Eric Rosenbach, co-director of the Belfer Center for Science and International Affairs at Harvard Kennedy School and former chief of staff at the Defense Department.
He runs an online class for working, senior-level executives “who are only now seeing how seriously they need to take it because they’ve seen so many other C.E.O.s get fired for major breaches,” said Mr. Rosenbach.
Offered at least six times a year, the classes educate 300 to 400 people each term. He says executives need to know how to minimize the legal, financial and public relations risks before an attack occurs.
Beyond the particular needs of firms in the cybersecurity arena, there is also a skills gap in the larger population that needs to be addressed, Mr. Rosenbach said.
“I’m surprised, even at Harvard, how few of the students here know very basic stuff about cyberhygiene, two-factor authentication, things like that, that people should be doing to protect themselves,” he said.
“One thing I don’t think people appreciate as much is that cyber is about human issues, it’s about training people not to do dumb things like click on spear-phishing links, holding people accountable. There’s a lot of human leadership involved in trying to improve cybersecurity.”
Content retrieved from: https://www.nytimes.com/2018/11/07/business/the-mad-dash-to-find-a-cybersecurity-force.html.
Cyber security high on European Commission agenda
Warwick Ashford – 07 Nov 2018
The European Commission (EC) is encouraging cooperation across the region to ensure improved cyber security across the board, says Miguel Gonzalez-Sancho, head of the EC’s unit for cyber technology and capacity building.“From the EC’s perspective, if cyber security and data protection are not addressed sufficiently in a satisfactory way, the whole digital economy is in danger,” he told the EEMA ISSE 2018 cyber security conference in Brussels.
In the light of the fact that cyber attacks know no borders, Gonzalez-Sancho said the EU leadership was keen to close the vulnerabilities created by the fact that the cyber response capacity differs from country to country in the region.
“The threat is global, which means everyone is affected,” he said. “But there are differences in terms of [cyber defence] preparedness, and attackers will always go for the weakest link, putting the whole system at risk, so there is a need to increase resilience to cyber threats and incident response and to do it in a coordinated way.”
For this reason, Gonzalez-Sancho said the EC was looking for ways to enable more robust and effective structures to ensure strong cyber resilience and respond to cyber attacks.
The main areas of focus in the EU’s cyber security policy focus, he said, are building EU resilience to cyber attacks, creating effective EU cyber deterrence capability and strengthening international cooperation on cyber security.
To support cyber security policies, the EU is providing funding research and development projects to develop capacity solutions through the Horizon 2020 programme and for cross-border deployment and cooperation through the Connecting Europe Facility programme, which has a budget of €3bn.
“For the future, the commission has made proposals for the next budget cycle to step up the funding support in cyber security for research and innovation through the Horizon Europe programme and the new Digital Europe programme, with an overall budget of €9.2bn.”
The Digital Europe programme is aimed at supporting procurement of advanced equipment, tools and data infrastructure; supporting the best use of European knowledge, capacity and skills; ensuring wide deployment of the latest solutions across the economy; and reinforcing capabilities for network and information systems.
Other programmes with a cyber security dimension include the European Defence Fund and the European Security Fund, said Gonzalez-Sancho.
Other initiatives involving building cyber security capacity and cooperation, he said, include the NIS directive, the proposed EU cyber security act, and plans to set up an EU-wide certification framework for ICT products, services and processes.
In conclusion, Gonzalez-Sancho said that despite the expertise in Europe, there was the risk of losing ground without effective cooperation regionally and internationally.
Despite the challenges of adapting institutions to work this way and political and economic threats to cooperation, he said it was imperative to improve cyber security response.
Content retrieved from: https://www.computerweekly.com/news/252452087/Cyber-security-high-on-European-Commission-agenda.
AI cybersecurity tools help spot threats before they cause harm
11/5/2018
With billions of devices connected to the internet, the cybersecurity threat landscape is getting more complicated. From phones and desktop machines to servers, cloud applications and IoT devices, never before have more targets been available to those looking to cause harm.
According to research firm Enterprise Strategy Group (ESG), between 390,000 and 1 million new malware variations emerge every day. The average organization deals with over 200,000 security events daily. It’s estimated that, by 2021, there will be an astounding 3.5 million unfilled cybersecurity positions worldwide. This means that the threat landscape is not only getting more complicated, but it’s getting harder to manage these threats.
The emergence of AI and machine learning is bringing new intelligent capabilities to the mix to help provide more proactive visibility, control and mitigation of cybersecurity attacks. According to the ESG report, companies are increasingly looking to AI cybersecurity tools. Over 12% of enterprises have extensively deployed AI-based security analytics as of 2017, and 55% of surveyed firms plan to deploy machine learning and AI approaches to cybersecurity.
Advanced threat detection
AI algorithms are particularly good at pattern detection. Machine learning-based systems train on the vast existing databases of viruses and malware and can model the properties and characteristics of malicious programs. Once trained on these patterns, these AI systems can observe network traffic, data exchanges and system behavior to identify malicious patterns that might be worth closer examination.
In this way, AI-enabled cybersecurity tools don’t have to wait for the attack to occur before providing a response. So-called zero-day attacks, in which victim systems have no prior defense or awareness of the threat, can similarly be thwarted and prevented by smart cybersecurity software that learn from attacks on their own systems, as well as those from others in the network.
Similarly, AI cybersecurity tools can use their learning to determine patterns of attacks. The systems can categorize attacks based on threat level and adapt over time. They can determine whether the attacks originate from a specific location, target specific systems or fit specific categories. In this way, security researchers and security personnel can learn how to harden their environments to prevent future attacks and operate more proactively when faced with traffic from specific regions in the world or that target specific systems.
Proactive defense and threat mitigation
In addition to being better than humans or even traditional antivirus and antimalware systems at identifying and mitigating attacks, AI-enabled cybersecurity software can introduce new ways to defend and mitigate threats. Rather than simply shutting down servers or traffic in response to attacks, these systems can respond more creatively and adaptively to thwart attacks. In fact, the blunt response of shutting down systems in response to an attack might actually be the very thing that the attacker wants. From distributed denial-of-service attacks to attempts to harm critical infrastructure, the attacker wins by either overwhelming the system in question or by getting an overly aggressive response from security personnel.
Instead of these brute-force responses, AI cybersecurity tools learn how to thwart these attacks with adaptive responses that also minimize collateral damage. If an attack is trying to disrupt traffic, an AI-enabled cybersecurity tool might identify legitimate traffic from attacker traffic and split traffic to two different directions, keeping customers happy and keeping attackers at bay. If the system detects compromises to data or other infrastructure, it can apply backup data or systems so that any changes are reversed. The security tool can also respond in ways that the attacker can’t easily predict, emulating human behaviors instead of scripted cybersecurity responses.
Improved auditing of systems and patching
On the more mundane side, AI-based software is able to regularly probe systems, devices and data for vulnerabilities and apply patches and fixes to that infrastructure to prevent attackers from using previously identified means of compromising systems. Security analysts are regularly overwhelmed with the sheer scale of architectures and devices they need to protect. They have to constantly be aware of updates and patches that need to be applied to address yesterday’s security issues to prevent tomorrow’s problems. However, this is a near-impossible task for human operators.
While there are a number of automated systems that can be used to apply patches on a regular schedule or when updates are available, these are very much a one-size-fits-all approach and are subject to their own issues. Some updates can cause problems in functionality and need to be rolled back to prior versions. Others only work for specific devices or system configurations. AI-based cybersecurity tools more evenly and successfully apply patches to address security holes without introducing functionality problems. These AI-enabled systems can then continuously monitor systems, sources of patches and bug fixes, and additional sources to apply the right patches to the right systems at the right time.
Adapt to changing threats
Finally, with AI, systems are able to adapt to the continuously changing threat landscape. New devices, cloud applications, servers and systems introduce new threats that companies might not be aware of until the attacks occur. AI-based systems can creatively probe these systems to see what potential threats might emerge. This is a machine learning-enabled version of the penetration testing (pen testing) that software and hardware vendors regularly employ to make sure that their systems are as secure as possible.
Just as software quality assurance is increasingly being automated with AI capabilities, so too are penetration testing capabilities. AI-enabled solutions are increasingly emerging that provide continuous pen testing, as well as the ability for companies to respond to continuously evolving threats.
Content retrieved from: https://searchenterpriseai.techtarget.com/feature/AI-cybersecurity-tools-help-spot-threats-before-they-cause-harm.
Campaign cybersecurity poses next major challenge for federal election officials
By Jacqueline Thomsen – 11/01/18
Federal officials say they want to help political campaigns guard against against cyberattacks, but are struggling to figure out how.
Election officials said this week that while much of the attention since 2016 has focused on protecting voting systems, campaigns remain highly susceptible to cyber intrusions. However, those same officials have no means of directly communicating with the hundreds, if not thousands, of candidates about how best to address cyber threats.
Robert Kolasky, director of the Department of Homeland Security’s (DHS) National Risk Management Center, said DHS has resorted to contacting the Republican and Democratic national committees to try to reach campaigns. And even then federal officials aren’t able to reach everyone.
Few campaigns reach out to DHS about cybersecurity issues, Kolasky told reporters on Tuesday, adding that candidates are more likely to contact the FBI or their national committees when they notice something has gone wrong.
He said that after the midterms he hopes lawmakers, officials and the political parties can figure out a better way to communicate when it comes to making sure campaigns have stronger protections against cyberattacks.
“Competitors work together on security, they don’t compete on security,” Kolasky said after an event at the Center for Strategic and International Studies (CSIS). “I’d like the department and campaigns to work together on security, work with the government, and not compete on security.”
Groups like the Belfer Center at Harvard University have offered guidance to campaigns on how to beef up their cybersecurity, while private firms have offered free resources to campaigns in recent months.
Microsoft provides free cybersecurity software to campaigns, as well as nonpartisan groups like think tanks, and other companies have offered similar resources at no cost.
John Gilligan, the CEO of the Center for Internet Security, said his group is starting to talk with campaigns about how they can offer support ahead of the 2020 elections.
Gilligan, speaking at the CSIS event, compared campaigns to “pick-up games.” A candidate will decide to run and quickly hire staffers to start the operation, he said, but those workers generally don’t include IT professionals or cybersecurity experts.
He said that after the midterms, his group will be among those “focused on seeing what we can do to help.”
“So we’re really starting an outreach effort now,” Gilligan said.
Still, the lack of institutionalized resources has been underscored in attacks on smaller campaigns, which generally lack the means or the know-how to tackle cyber threats.
Three Democratic candidates in California were victims of cyberattacks shortly before they lost their primaries, and all three attacks could have been prevented with basic security measures.
Jeanette Manfra, the chief cybersecurity official at DHS, said campaigns are more likely to push all of their resources toward getting their candidate elected, rather than focus funds on a relatively new area like cybersecurity.
“So how do you work to make sure that they have what they need from the security side?” she said after an event at the Carnegie Endowment for International Peace in Washington.
DHS and the FBI aren’t the only federal agencies charged with supporting elections. The Election Assistance Commission (EAC), created by the Help America Vote Act of 2002, also plays a role.
But for the time being, EAC’s hands are largely tied when it comes to finding a solution on campaign cybersecurity, according to Executive Direct Brian Newby. The commission has only two commissioners — one short of a quorum — meaning it can’t fully operate until at least one more member is confirmed by the Senate.
President Trump has tapped two nominees for the commission: Donald Palmer in July, and Brandon Halverson earlier this month. Both are awaiting action by the Senate Rules and Administration Committee.
Katie Boyd, a spokesperson for Committee Chairman Roy Blunt (R-Mo.), said the panel has no immediate plans to vote on the nominees. Newby said that if both nominees are approved by the Senate this year, the EAC will have four commissioners for the first time in roughly eight years.
“I think overall, the idea of what we can do to address campaign issues, other issues, I think will get a big boost when that occurs,” he said at Tuesday’s CSIS event.
But even if one of the nominees is confirmed, it’s unclear what role the agency would play in supporting campaign cybersecurity.
When campaigns fall victim to a cyberattack, they generally report it to their national party committee or organizations who in turn notify the FBI or other federal agencies.
A Republican National Committee (RNC) spokesperson told The Hill that the RNC has offered trainings on best security practices for staff and outside groups, and that it has hosted seminars and briefings to state party officials and campaigns on how to protect their systems from cyber threats.
The party also had DHS experts talk to the committee about cyber issues during the RNC’s annual meeting this summer.
At the DNC, chief security officer Bob Lord told The Hill that the committee has been having “low level” conversations with outside groups about how better to provide cybersecurity support to campaigns.
He said that after next week’s elections the DNC and other groups will figure out which areas they need to improve on and create a playbook for the 2020 elections. From there, he said, private and public groups are going to have to work together to come up with a solution to ensure campaigns are better protected from cyberattacks.
“There’s no one organization that’s going to be able to save the day,” Lord said.
Content retrieved from: https://thehill.com/policy/cybersecurity/414182-campaign-cybersecurity-poses-next-major-challenge-for-federal-election.
Team8 announces $85 million fund to build 8 cybersecurity startups
Chris O’Brien – October 23, 2018
Cybersecurity venture capital firm and startup studio Team8 announced it has raised $85 million from a coalition of major corporate partners to develop eight security startups over the next five years.
Those partners include Walmart, Airbus, Softbank, Moody’s, Dimension Data, Munich Re and Scotiabank. They join corporations that have already invested in Team8, including Microsoft’s venture arm M-12, Cisco Investments, and Nokia.
“The commitment from our new partners illustrates the significance of our work to galvanize digital transformation across all industries,” said Team8 CEO Nadav Zafrir in a statement. “The synergy and insight from leaders in retail, aerospace, insurance, financial services and technology combined with our unrivalled attacker perspective and data expertise at Team8 will enable companies to adopt new data-driven methods of working, ensuring they can retain their competitive advantage and thrive, in spite of cyber threats.”
Founded by former leaders of Israel’s military intelligence Unit 8200, Team8 has so far launched four companies and has another four operating in stealth mode. These portfolio companies are developing innovative approaches to cybersecurity. Team8 has now raised a total of $260 million and has 370 employees globally.
Team8 works by partnering with others to develop security companies that can solve problems arising from the rapid digitization of such large traditional businesses. In a press release, Team8 noted its partners were motivated to form a coalition after realizing many emerging security issues were beyond their capacity to address.
Following Team8’s company-building model, which is led by its own researchers and engineers, the collaborative effort will also include chief information officers and engineers from member organizations. Together, the group will decide how to develop companies around various cybersecurity isses and then back them with seed money.
“Walmart’s readiness to experiment with and adopt emerging technologies such as blockchain, VR and robotics is pivotal to continually improve our customer shopping experience, stay ahead of the curve and drive market share,” said Jerry Geisler, Walmart’s Chief Information Security Officer, in a statement. “Our digital transformation is underpinned by more connectivity than ever before. We’re joining Team8’s coalition because of their cybersecurity expertise, proven ability to integrate their viewpoints into leading technology solutions and unique access to insights from other sectors.”
Content retrieved from: https://venturebeat.com/2018/10/23/team8-announces-85-million-fund-to-build-8-cybersecurity-startups/.
IBM brings artificial intelligence to the heart of cybersecurity strategies
By Charlie Osborne – October 15, 2018
On Monday, the New York-based technology company unveiled the open platform, which IBM says “is the first security cloud platform built on open technologies, with AI at its core, to analyze federated security data across previously unconnected tools and environments.”
An analysis conducted by IBM suggests that cybersecurity teams in the enterprise use, on average, over 80 cybersecurity solutions provided by roughly 40 vendors.
This is a potential recipe for chaos and may reduce the overall effectiveness of security and defense.
IBM Security Connect makes use of both cloud technology and AI. Users of the platform will be able to apply machine learning and AI, including Watson for Cyber Security, to cybersecurity products to increase their effectiveness.
At launch, over a dozen security vendors and business partners have signed up.
“IBM Security Connect will help tackle some of the biggest security challenges today via open standards, which can help pave the way toward collaborative innovation,” the tech giant says. “As it is built on open standards, it can help companies build unique microservices, develop new security applications, integrate existing security solutions, and leverage data from open shared services.”
Artificial intelligence, which includes neural networking, machine learning, analytics, and the use of algorithms to complete tasks, allows machines to learn from experience.
In cybersecurity, the machine learning subset of AI has the most use — at least at this stage in AI development. While there is little use of ‘true’ cognitive AI, machine learning can provide a springboard from traditional, signature-based antivirus and cybersecurity solutions to a more extensive means of protection through data collection and analysis.
When machine learning systems are given a large enough data pool to digest and analyze, this can be used to help shrink attack surfaces through predictive analytics, the detection of what is likely to be suspicious behavior, and this, in turn, eases the burden on cybersecurity staff who often have to triage cybersecurity-related events on a daily basis.
AI and machine learning are not perfect and cannot be considered a silver bullet for cybersecurity defense. However, solutions and platforms which leverage these technologies can give the enterprise an additional way to defend themselves against cyberattacks which are constantly evolving and increasing in sophistication.
IBM appears to have recognized this opportunity in the cybersecurity market. Alongside the firm’s IBM Security Connect, the firm’s Security Operations Centers (SOCs) and Watson for Cyber Security are key elements of IBM’s move into the AI for cybersecurity market.
The firm’s SOCs are found in countries including the US, India, Japan, and Poland. The SOCs act as X-Force training hubs which offer training and cyberattack simulations, of which virtual environments are used to interact with real-life scenarios.
The centers process over one trillion security events every month to generate threat intelligence.
Big Blue’s Watson was integrated into a security offering last year. The supercomputer, which combines AI and data analytics, acts as a knowledge repository for cybersecurity professionals using IBM’s Cognitive Security Operations Center platform.
These services are not reserved purely for the enterprise; IBM also caters for government and federal agencies.
The ongoing effort to develop AI solutions for modern businesses is further achieved with the launch of IBM AI OpenScale, an enterprise platform for the creation and management of artificial intelligence applications.
In addition to IBM Security Connect, the company also announced a new addition to its Security Operations Center, a mobile unit called the IBM X-Force Command Cyber Tactical Operations Center (C-TOC).
The mobile unit will travel to companies in the US and Europe and offer training on incident response, defense strategies, and crisis leadership.
IBM has been pushing for the integration and further development of AI solutions in the enterprise and by taking up a vendor-agnostic stance in the AI realm especially when the need for cybersecurity solutions is great, the company is setting itself up as one of the major AI-security players not only in the present but potentially the future.
Content retrieved from: https://www.zdnet.com/article/why-artificial-intelligence-is-at-the-core-of-ibm-cybersecurity-strategies/.
Social Media: