23
Mon, Dec
1 New Articles

IBM Extends Security Reach to Protect Critical Infrastructure

New Products, Agreements and Trends
Typography
  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

IBM is introducing new software, systems, and services to help global organizations securely adopt new forms of technology like cloud computing.


IBM detailed new IBM security solutions last week at the RSA Conference including research initiatives, partnerships, and client results aimed at meeting the rising demand by businesses and governments worldwide to secure digital and physical infrastructures.

Critical infrastructures operated by government, energy, health, banking, transportation and other industries are rapidly transforming into more intelligent systems. As a result, their failure can have catastrophic consequences for our society, economy, and environment, according to IBM. Recent studies from the IBM X-Force research and development team indicate that the threat landscape continues to evolve rapidly and modern-day attackers take ever more sophisticated approaches in their assault on business and governments. Today, IBM, public and private sector partners are intensifying efforts to combat these threats and safeguard citizens.

"Businesses and governments around the world are making bold investments in new technologies and processes that make them more efficient, agile and competitive," said Al Zollar, general manager, Tivoli Software, IBM. "These investments enable new possibilities, but they also create new complexities and beget new risks to critical infrastructure, privacy and identity. With today's announcements, we demonstrate our ability to partner and innovate to overcome existing and emerging threats."

Security by Design

New computing paradigms and business models fundamentally require businesses to rethink how they deal with compliance, risk management, and data protection. Central to IBM's approach to addressing clients' security challenges is a shift in focus from securing assets to securing critical services.

With integrated service management-tools that provide can provide a "command center" view into a client's operations and potential areas of risk, IBM can help its clients design security into the fabric of the services they deliver, making security intrinsic to their business processes, product development, and daily operations.

The announcements, based on IBM's experience with hundreds of global clients and businesses, are designed to further expand on the vision that security, by design, is an enabler of innovative change. IBM is introducing new software, systems, and services to help global organizations securely adopt new forms of technology like cloud computing and new business models like telework, while addressing emerging compliance constructs.

New IBM Security Solutions include:

  • IBM Secure Web Gateway Service 2.0--IBM X-Force research indicates a dramatic rise in the number and complexity of Web application attacks. This new service enables greater protection against Web-based threats and enforcement of corporate IT policies while lowering overall management costs.
  • IBM Managed Firewall Service and IBM Unified Threat Management Service--this new bundled offering allows clients to use select Check Point firewall and unified threat management devices while receiving IBM Managed Security Services for those devices for a monthly fee. This provides clients increased levels of protection without the burden of upfront capital expenditures for the devices.
  • IBM Security Information and Event Manager 2.0--this updated software helps to reduce costs by automating enterprise log management and central management, reduce insider threats and protect integrity by monitoring and auditing privileged user activities, and facilitate compliance efforts and streamline management with compliance management modules.
  • IBM Security Content Analysis Software Development Kit (SDK)--rapid growth of the Internet and the constant onslaught of spam requires advanced filtering technology that is expensive to develop and maintain. This new SDK provides developers with up-to-date filter database and accurate analysis--along with an easy-to-implement application programming interface (API).
  • IBM AppScan Source Edition--as organizations continue to develop and design products and services that are increasingly interconnected, they are also placing increased emphasis on securing the software that powers these products and services. This new edition of IBM Rational AppScan Source Edition AppScan can scan software source code and identify potential security and compliance vulnerabilities during the earliest stages of software development, when they are less expensive to correct.
  • IBM Lotus Protector for Mail Encryption--for secure collaboration and communication, IBM is announcing a new software product called IBM Lotus Protector for Mail Encryption. Available in April, it extends IBM's flagship messaging software, offering Lotus Notes' native e-mail encryption feature to include any address accessible on the Internet--irrespective of e-mail system or client used by the recipient.  IBM Protector for Mail Encryption addresses the Internet encryption challenge, in a simple and integrated way, unlike third-party "bolt-on" products that have historically been complex and expensive to deploy.
  • IBM Security Privileged Identity Management and Compliance Solution--rising trend from attackers to use privileged user identities to gain access to core systems, increasing compliance mandates and high administrative costs all add to the difficulty of managing users and identities and blocking against internal and external threats.  This combined solution provides threat prevention, identity management and meeting compliance needs through file integrity monitoring, separation of duties, role hierarchy, and intrusion prevention.
  • IBM z/OS V1.12--With the latest release of z/OS, IBM helps clients promote improved operations, availability, manageability, and security through self-learning, self-managing, and self-optimization capabilities. z/OS security functions, such as data encryption, encryption key management, digital certificates, password synchronization, and centralized authentication and auditing, can be deployed as part of enterprise-wide security solutions and can help mitigate risk and reduce compliance costs.

Institute for Advanced Security

Last February, IBM, the Security and Defence Agenda (SDA) and a coalition of international think tanks hosted almost 4,000 global experts from government, industry, academia, non-government organizations (NGOs) in a virtual dialogue on the world's greatest security challenges. Cybersecurity was identified as a significant potential threat to international peace and stability, and a number of experts called for the creation of a cybersecurity agency to increase public and private sector collaboration and educate global leaders on cyber issues.

In order to address such concerns, the company is launching the IBM Institute for Advanced Security to help clients, academics, partners and other businesses more easily understand, address and mitigate the issues associated with securing cyberspace. The Institute will collaborate with public and private sector officials in Washington, D.C., and provide access to a wide range of resources to help the government more efficiently and effectively secure and protect critical information threatened by increasingly malicious and costly cyber threats.

As part of this effort, IBM is bringing to bear expertise from its Software, Services, Systems and Research arms to help governments and businesses around the world safeguard themselves from new and existing threats. For instance, the U.S. Air Force recently selected IBM to design and demonstrate a highly secure cloud computing infrastructure that can support defense and intelligence networks.  

The IBM Institute for Advanced Security will provide a collaborative setting for public and private sector officials to tap IBM's vast security expertise so they can more efficiently and effectively secure and protect critical systems and information threatened by increasingly malicious and costly cyber threats.  IBM's approach will help public and private organizations avoid the trend of adding security on after the fact by providing them the education, expertise and resources  to design security into the foundation of their infrastructures.  

"There is no lack of security products and services available today, but adding security after a system is developed or implemented seldom works.  Moreover, today's rapidly-evolving threats make such "bolt-on" approaches even less effective at a time when clients are wary of not realizing a return from their security investments," said Charles Palmer, director of the Institute for Advanced Security and chief technologist of Cybersecurity and Privacy for IBM Research. "IBM will engage with government clients and other constituents to help them comprehensively understand how to develop and integrate effective security protections into the fabric of their critical systems and services."

A podcast with Al Zollar on the Decade of Smart Security--the focus of his RSA keynote presentation--is available at: https://365.rsaconference.com/blogs/podcast-series-rsa-conference-2010/tags/key_305  

Further information about the software, services and initiatives announced today is available at http://www-03.ibm.com/security/.

BLOG COMMENTS POWERED BY DISQUS

LATEST COMMENTS

Support MC Press Online

$

Book Reviews

Resource Center

  • SB Profound WC 5536 Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application. You can find Part 1 here. In Part 2 of our free Node.js Webinar Series, Brian May teaches you the different tooling options available for writing code, debugging, and using Git for version control. Brian will briefly discuss the different tools available, and demonstrate his preferred setup for Node development on IBM i or any platform. Attend this webinar to learn:

  • SB Profound WP 5539More than ever, there is a demand for IT to deliver innovation. Your IBM i has been an essential part of your business operations for years. However, your organization may struggle to maintain the current system and implement new projects. The thousands of customers we've worked with and surveyed state that expectations regarding the digital footprint and vision of the company are not aligned with the current IT environment.

  • SB HelpSystems ROBOT Generic IBM announced the E1080 servers using the latest Power10 processor in September 2021. The most powerful processor from IBM to date, Power10 is designed to handle the demands of doing business in today’s high-tech atmosphere, including running cloud applications, supporting big data, and managing AI workloads. But what does Power10 mean for your data center? In this recorded webinar, IBMers Dan Sundt and Dylan Boday join IBM Power Champion Tom Huntington for a discussion on why Power10 technology is the right strategic investment if you run IBM i, AIX, or Linux. In this action-packed hour, Tom will share trends from the IBM i and AIX user communities while Dan and Dylan dive into the tech specs for key hardware, including:

  • Magic MarkTRY the one package that solves all your document design and printing challenges on all your platforms. Produce bar code labels, electronic forms, ad hoc reports, and RFID tags – without programming! MarkMagic is the only document design and print solution that combines report writing, WYSIWYG label and forms design, and conditional printing in one integrated product. Make sure your data survives when catastrophe hits. Request your trial now!  Request Now.

  • SB HelpSystems ROBOT GenericForms of ransomware has been around for over 30 years, and with more and more organizations suffering attacks each year, it continues to endure. What has made ransomware such a durable threat and what is the best way to combat it? In order to prevent ransomware, organizations must first understand how it works.

  • SB HelpSystems ROBOT GenericIT security is a top priority for businesses around the world, but most IBM i pros don’t know where to begin—and most cybersecurity experts don’t know IBM i. In this session, Robin Tatam explores the business impact of lax IBM i security, the top vulnerabilities putting IBM i at risk, and the steps you can take to protect your organization. If you’re looking to avoid unexpected downtime or corrupted data, you don’t want to miss this session.

  • SB HelpSystems ROBOT GenericCan you trust all of your users all of the time? A typical end user receives 16 malicious emails each month, but only 17 percent of these phishing campaigns are reported to IT. Once an attack is underway, most organizations won’t discover the breach until six months later. A staggering amount of damage can occur in that time. Despite these risks, 93 percent of organizations are leaving their IBM i systems vulnerable to cybercrime. In this on-demand webinar, IBM i security experts Robin Tatam and Sandi Moore will reveal:

  • FORTRA Disaster protection is vital to every business. Yet, it often consists of patched together procedures that are prone to error. From automatic backups to data encryption to media management, Robot automates the routine (yet often complex) tasks of iSeries backup and recovery, saving you time and money and making the process safer and more reliable. Automate your backups with the Robot Backup and Recovery Solution. Key features include:

  • FORTRAManaging messages on your IBM i can be more than a full-time job if you have to do it manually. Messages need a response and resources must be monitored—often over multiple systems and across platforms. How can you be sure you won’t miss important system events? Automate your message center with the Robot Message Management Solution. Key features include:

  • FORTRAThe thought of printing, distributing, and storing iSeries reports manually may reduce you to tears. Paper and labor costs associated with report generation can spiral out of control. Mountains of paper threaten to swamp your files. Robot automates report bursting, distribution, bundling, and archiving, and offers secure, selective online report viewing. Manage your reports with the Robot Report Management Solution. Key features include:

  • FORTRAFor over 30 years, Robot has been a leader in systems management for IBM i. With batch job creation and scheduling at its core, the Robot Job Scheduling Solution reduces the opportunity for human error and helps you maintain service levels, automating even the biggest, most complex runbooks. Manage your job schedule with the Robot Job Scheduling Solution. Key features include:

  • LANSA Business users want new applications now. Market and regulatory pressures require faster application updates and delivery into production. Your IBM i developers may be approaching retirement, and you see no sure way to fill their positions with experienced developers. In addition, you may be caught between maintaining your existing applications and the uncertainty of moving to something new.

  • LANSAWhen it comes to creating your business applications, there are hundreds of coding platforms and programming languages to choose from. These options range from very complex traditional programming languages to Low-Code platforms where sometimes no traditional coding experience is needed. Download our whitepaper, The Power of Writing Code in a Low-Code Solution, and:

  • LANSASupply Chain is becoming increasingly complex and unpredictable. From raw materials for manufacturing to food supply chains, the journey from source to production to delivery to consumers is marred with inefficiencies, manual processes, shortages, recalls, counterfeits, and scandals. In this webinar, we discuss how:

  • The MC Resource Centers bring you the widest selection of white papers, trial software, and on-demand webcasts for you to choose from. >> Review the list of White Papers, Trial Software or On-Demand Webcast at the MC Press Resource Center. >> Add the items to yru Cart and complet he checkout process and submit

  • Profound Logic Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application.

  • SB Profound WC 5536Join us for this hour-long webcast that will explore:

  • Fortra IT managers hoping to find new IBM i talent are discovering that the pool of experienced RPG programmers and operators or administrators with intimate knowledge of the operating system and the applications that run on it is small. This begs the question: How will you manage the platform that supports such a big part of your business? This guide offers strategies and software suggestions to help you plan IT staffing and resources and smooth the transition after your AS/400 talent retires. Read on to learn: