Today's leaders face multiple challenges, including the need to innovate in extremely competitive conditions, address dynamic regulatory and compliance challenges, speed returns on investments to counter shrinking IT budgets, and secure the enterprise against a barrage of new and evolving sophisticated threats. However, unlike other business challenges, organisations often take a technology-driven approach to securing their infrastructure, when a risk-based, business-driven approach is more effective.
The IBM business-driven approach to enterprise security helps you to address risk and reduce cost and complexity. This approach:
- Helps to identify gaps in your existing capabilities across the people, processes, applications, data, technology and physical facilities across your organisation
- Helps you prioritise security initiatives and investments for optimal return
- Simplifies and speeds the planning and execution of an enterprise-wide security program
- Provides repeatable, measurable planning processes, a roadmap and solutions to help you manage security in a way that supports competitiveness and growth
- Helps you reach a desired security posture that meets business and regulatory requirements
- Helps you leverage smart security solutions to lower overall costs
IBM is the only security vendor in the market today with end-to-end coverage across all risk areas to help you create an intelligent infrastructure that drives down costs, is secure, and is just as dynamic as today's business climate.
IBM X-Force® 2011 Mid-year Trend and Risk Report
An explosion of breaches has opened 2011 with continuing, near daily new reports, marking this year as “The Year of the Security Breach.” These breaches have been notable not just for their frequency, but for the presumed operational competency of many of the victims. The environment is changing: the boundaries of business infrastructure are being extended – and sometimes obliterated – by the emergence of cloud, mobility, social business, big data and more, while the attacks are getting more and more sophisticated, often showing evidence of extensive pre-operation intelligence collection and careful, patient, long term planning. The repercussions of these attacks are large enough to move security discussions out of technical circles and into the board room.
Paradoxically, a lot of improvement in the fight to secure the Internet has been shown so far this year…with many vulnerability and attack statistics significantly improving. So the good guys are winning some key battles, but the fight is far from over. The bad guys are simply moving on to new attack surfaces, and one of those new battlefields is smartphones. The rapid proliferation of these devices combined with a consolidation of operating systems has caused attackers to finally warm up to the opportunities these devices represent. As such, IBM X-Force research is predicting that exploits targeting vulnerabilities that affect Mobile operating systems will more than double from 2010.
In this new, more complex environment, compliance is simply not enough. Read the report to find out what the IBM X-Force Research and Development team would do if we were managing your network.
And also…the SQL slammer worm all but disappeared in March. Is this a good thing? IBM X-Force Research has determined that the possible cause of the SQL Slammer disappearance was a Black Knight creating a botnet. Read about it in the full report.
Latest Threat Insight Quarterly Report
This edition of the X-Force Threat Insight Report Quarterly delivers a new insightful article on "Stopping the Lulz of PII Theft," or how an enterprise can go about stopping the near daily breaches we're seeing in 2011. It also delivers a great article on the history of smartphones and the mobile computing revolution as related to enterprise security risks. And last, as always, an exhaustive list of Q2 threats, vulnerabilities, and security events are categorised and discussed.
Latest Threat Insight podcast
This edition of the X-Force Threat Insight Quarterly podcast contains two discussions with the authors of the articles featured in our Q1 2010 report. The first interview is with Peter Trinh who discusses how the gaming industry has become a favorable target for hackers. In the second interview, Lyndon Sutherland revisits fraud scams and dissects an employment scam that has been in operation since 2005.
Neil Readshaw
Senior Security Architect
Neil Readshaw is an Information Security Solution Architect. He works with customers and business partners to architect solutions that consider Tivoli Security products and how they integrate into a broader IBM and heterogeneous ecosystem. He works across all industries and geographies, and he has particular interest in emerging technologies such as security in cloud and electronic healthcare environments.
Neil's blog
Information, news and perspectives on IBM security products, solutions and research, and how they are positioned in the context of the information security industry at large.*
Other ways to connect with Neil
Neil also recommends:
- Tivoli Technical Library on IBM developerWorks
- Tivoli Security home page (US)
- Tivoli Redbooks
- IBM Security Community
*Postings on non-IBM sites are independent of IBM and do not necessarily represent IBM's positions, strategies or opinions.
We're here to help
Easy ways to get the answers you need.
Or call us at:
1800 557 343
Mon - Fri,
8:30 a.m. - 5:00 p.m. AEST
Web code: 109HJ03W
Your IBM Expert
Neil Readshaw is an Information Security Solution Architect for IBM Tivoli Software. Neil welcomes your feedback.
Managing Identities and Access in the Cloud
Continuous Compliance through Identity and Access Management
Whitepaper: Network and Endpoint Overview
Proactive response to today’s advanced persistent threats