The world is becoming more digitised and interconnected, and IBM feels that this is opening the door to emerging threats and leaks.
This observation came the way of IBM A/NZ security systems division business unit executive, Jason Burn, during a showcase of IBM’s Australian Development Laboratory (ADL) on the Gold Coast.
Burn framed IBM’s security strategy and portfolio behind an age of big data, as well as an explosion of data overall.
“The explosion of digital information has arrived and is facilitated by the pervasiveness of applications accessed from everywhere,” he said.
Burn added that for IBM, security and business intelligence offer insightful parallels, as the vendor is committed to delivering security intelligence, integration and expertise across “a comprehensive framework.”
Globally, IBM is keeping an eye on the 14 billion Web pages and images that are analysed and 40 million spam and phishing attacks that take place, not to mention the billions of intrusion attempts daily and the millions of unique malware samples.
“What IBM has is global coverage and security awareness,” he said.
“When it comes to security intelligence, we have a comprehensive portfolio across security domains.”
Burn adds that in addition to increasing security while at the same time reducing complexity, IBM is striving towards an integrated approach when it comes to security intelligence, research and protection.
While the IBM security systems division was formed this year, ADL has a long and successful history on the Gold Coast.
IBM security systems solutions team development manager, Chris Hockings, provided an insight into the IBM facility, which is one of several in Australia and Asia-Pacific.
According to Hockings, the Gold Coast branch did not originally start out as an IBM business but as an unrelated IT company called DASCOM in 1996.
The business’ Gold Coast location meant that it had strong links to Queensland universities, and thus it was likely to hire top graduates.
DASCOM was acquisition by IBM in 1999, and since then it has grown to over 90 technical staff.
“We do design, development, test, project management, documentation, and support,” Hockings said.
“Our location also means that we are close to our Asia Pacific customers.”
The IBM security systems lab on the Gold Coast is mainly focused on product development, integration, and component development.
“We are defining a new approach to security adoption and development,” he said.
When it comes to the Cloud, IBM feels that it can be made secure for business.
Cloud security worldwide chief architect, Neil Readshaw, admitted that security concerns surrounding Cloud computing have become the “most widely talked about inhibitor” of mainstream adoption, though added that this was the case with “most new technology paradigms.”
“To gain the trust of organisations, Cloud services must deliver security and privacy expectations that meet or exceed what is available in traditional IT environments,” he said.
“This is no different to how transformational technologies of the past overcame concerns, such as PCs, outsourcing and the Internet.”
Readshaw went on to say that the IBM approach is to “align security with each place of a client’s Cloud project or initiative,” and to that end, is working with clients in the dual role of “trusted security advisor” and Cloud security services provider.
“IBM’s point of view is that Cloud can be made secure for business,” he said.
“We also recognise that there are a variety of ways that clients want to start with Cloud, each requiring different security capabilities.”
What is keeping IBM’s customers up at night? According to IBM advanced threat protection engineering manager, Paul Ashley, it is targeted attacks that shake business and governments.
“In addition to advanced threats and the sophistication of cyber threats, attackers and motives are rapidly escalating,” he said.
Aware of these issues, IBM has been investing significantly into providing advanced threat protection.
“Our strategy is to protect our customers with advanced threat protection at the network layer by strengthening and integrating network security, analytics and threat intelligence capabilities,” Ashley said.
IBM’s advanced threat protection platform is positioned as an evolution of the company’s intrusion prevention system so that it can become a threat protection platform, while the Q-Radar security intelligence platform aims to build tighter integration between network security products.
“X-Force threat intelligence is our investment in threat intelligence feeds and feedback loops for our products,” Ashley said.
IBM is also heavily involved in mobile security, and the company itself supports BYOD for employees.
According to ADL product architect, Shane Weeden, it is because IBM acknowledges that work is no longer a “place you go to” and has a potential to drive productivity.
“Mobile security is multi-faceted, driven by customers’ operational priorities,” he said.
IBM also has Lotus Traveller, which is an application that allows mobile access to email, calendar and contacts.
“Thirty per cent of employees worldwide are enabled on Lotus Traveller, and 20 per cent are active,” Weeden said.
There is also the Whirlwind internal app store with about 500 apps that have clocked up more than 40,000 downloads, as well as MyMobileHub, a VPN’d Cloud-based file storage.
“Security and safeguarding data is paramount, and IBM has a very conservative approach to this,” Weeden said.
“We are constantly evaluating devices, operating systems and applications for suitability.”
IBM is now also providing security for API-enabled businesses, with Weeden saying that they are driven by mobile applications and the ability to rapidly federate with new partners to quickly solve new scenarios.
“We went from an age of no IT, to internal IT, then Web 1.0, before ending up on businesses being run via APIs,” he said.