Organizations should consider an open approach to security because it is more collaborative and integrated. This is one of the major points discussed in the “IBM Security ASEAN Summit held recently.” With companies operating in different locations because of the pandemic, corporate data are more vulnerable and the infrastructure is more vulnerable than before.
Security is already a major concern among organizations before the COVID-19 pandemic hit this year. But the need to have a resilient security posture has never more pronounced than when organizations decided to adopt work from home arrangements from employees.
“Security is the next frontier for open technology,” said Justin Youngblood, Vice President, IBM Securit. “While we are still at the nascent stage of our openness, open security is the key to transforming our industry.”
According to Youngblood who discussed “Threat Management: Modernize Security with an Open Platform,” 80% of workload these days remained on traditional IT and over 90% of organizations are concerned about cloud security.
The main concern on the traditional IT infrastructure is it was built with silos put together manually. The disconnection of different components makes it even more challenging for security engineers. This is on top of the management of different security tools that sometimes come from different security vendors. The data are unstructured and the skills gap remains a problem to “adequately protect enterprises.”
“Security must be integrated into every layer of organizations — technology, processes, and culture. “It must happen at times of transformation,” Youngblood said. “The goal is to build faster and more resilient technology that can both engage users and build digital trust.”
Today’s current enterprise IT environment is complex as organizations migrated their processes in the cloud. The cloud environment has also evolved and nearly every organization has a mix of public cloud, private cloud, SaaS application, and traditional IT infrastructure. This setup made it even harder to oversee and managed.
Youngblood stressed the need for the industry to “reimagine security” and find a different approach to improve security visibility and response to the growing threat landscape.
“We must embed security into and keep up with the pace of business transformation,” she said.
What IBM Security sees as the viable path forward “is to rebase security on the principles of open technology.” The open approach will allow organizations to integrate different silos.
“Open security offers a model for developing and collaborating with the upstream community to drive innovation,” Youngblood explained. “By sharing what we are doing across a community of defenders, we can dramatically improve security postures around the world.”
Youngblood shared the four dimensions of Open Security Techniques, which include Open Security Standards, Open Source Code, Intelligence and Analytics, and Best Practices.
IBM CloudPark for Securities
For its part, IBM introduced the IBM CloudPark for Securities, a platform to more quickly integrate existing and future security tools to generate deeper insights into threats, orchestrate actions and automate responses. It was built to enable organizations simplify and organize their security operations.
With IBM CloudPark, organizations will have the ability to gain complete insights with a unified console that provides analytics across IBM and third-party security tools, data and clouds. The solution will enable security teams to act faster with AI (artificial intelligence) and automation. It will pave the way for architecture modernization that would allow operations to run on open, multi-cloud platform that gives companies flexibility and extensibility.
“We built IBM CloudPak for Securities as an open platform because we believe that the future of security must be open to addressing the broken state of traditional security in our industry,” Youngblood said. “IBM CloudPak for Securities sits on a foundation of open standards and data connectors that can gather insights from any security tools across the repository.”
By adopting open source security, IBM hopes to help clients modernize their security programs end-to-end most especially now that business operations changed dramatically and corporate data travel from cloud to cloud. While some companies are still in its infancy in terms of security, other companies need guidance to mature their programs in order to manage the full life cycle of threats.