In advance of the RSA Conference next week at San Francisco’s Moscone Center, IBM issued a security check point intended to help provide more collaboration in the sharing of threat intelligence.
In partnership with Check Point Software, IBM Security announced an expanded alliance and a broad set of product integrations and increased investment across IBM’s consulting and managed security services.
Cybercrime has become a significant threat to businesses around the globe, and in fact is now one of the world’s largest illegal economies, accounting for US$445 billion in annual profits according to the United Nations.
The expanded partnership with Check Point and IBM Security is designed to address these threats and also provide today’s enterprise with a new level of confidence in detecting security risks and empowering customers with tools to try and prevent attacks before they happen.
The new alliance includes four main areas of collaboration:
- Shared threat intelligence. An open approach to collaborative defense in the security industry is needed to effectively protect against new and evolving threats. IBM X-Force and Check Point’s security research team will directly collaborate through the bi-directional sharing of threat identification and analysis using IBM X-Force® Exchange (XFE), IBM’s threat intelligence sharing platform.
- Integrated event management. Sharing capabilities across the security management platforms deployed by customers accelerates the company’s collective response to threat activity, and extends the value of security technology investments for clients. Check Point will be launching a new SmartConsole application in the IBM Security App Exchange for integration with the IBM Security QRadar® Intelligence Platform.
- Advanced mobile protection. Integration within IBM Maas360 enterprise mobility management (EMM) will allow customers to easily deploy and manage Check Point Mobile Threat Prevention to limit compromised devices from accessing enterprise networks and data, based on real-time insights.
- Managed security services. IBM Managed Security Services (MSS) will continue to deepen its expertise in delivering and managing Check Point solutions for IBM customers.
On the Check Point and IBM Security news, Caleb Barlow, IBM vice president of strategy, IBM Security, had this to say:
“The sharing of intelligence and expertise is how the security industry will take our defensive capabilities to the next level. Cybercriminals are not new to this concept of sharing and our industry needs to step up to the challenge. Having a partner the quality of Check Point validate this approach is a big win for our joint customers.”
The Threat Matrix: IBM’s X-Force Threat Intelligence Report
This past week, IBM also released its most recent X-Force Threat Intelligence Report, which included substantial evidence that organized crime groups stepped up their game in 2015 by focusing on higher-value records. This included health-related personally identifiable information (PII) and other types of sensitive data, and saw less emphasis on the emails, passwords, and credit card data that were the targets in years past.
The study also revealed that cybercrime is no longer primarily the domain of amateurs, and that, in fact, the more impactful cybercrime is without a doubt the domain of organized gangs.
And furthermore, the 2015 study revealed that news of security breaches are being reported more widely around the world. This is reflected in not only the volume of incidents reported publicly, but also new government regulations requiring disclosure, such as those the Netherlands has implemented. And, in fact, 2015 saw notable breaches far beyond the normal suspects, including in Canada, Australia, the U.K., France, Turkey, and Japan.
IBM @ RSA 2016: Tales from the Cybercrime Underground
The week of February 29, 2016, IBM will be a gold sponsor of the RSA Conference taking place in San Francisco, and will feature several IBM Security speakers among the RSA lineup:
- Roee Hay serves as the team lead for the X-Force Application Security Research Team at IBM, which focuses on discovering new vulnerabilities. Hay has published dozens of papers or advisories in the past, including several ones in Android. You can read Roee’s blog here and follow him on Twitter at @roeehay. His RSA session is entitled “Android Serialization Vulnerabilities Revisited.”
- Diana Kelley serves as an Executive Security Advisor with IBM, and is an internationally recognized information security expert, speaker, market analyst and writer. She has over 20 years of IT security experience. You can follow Diana on Twitter @dianakelley14 and her blog here. Her RSA session is entitled “Board Room Rodeo: How to Align the C-Suite and Make Better Security Decisions.”
- Mark Vincent Yason is a security researcher with IBM’s X-Force Advanced Research team, one whose current focus areas include browser-based vulnerability/exploit research, browser exploit kits research, and advanced malware research. You can read Mark’s blog and follow him on Twitter @MarkYason. His RSA session is entitled “Understanding the Attack Surface and Attack Resilience of EdgeHTML.”
To get started scanning your own apps for security vulnerabilities, check out this free trial of IBM Security AppScan.