"Security grew up in data centre, placing a perimeter of protection around the important assets. As cloud adoption grew, the perimeter has disappeared. And organisations have deployed point security tools, some for their on-premise defences, others for their cloud forms and for their SaaS applications leading to an extremely fragmented security landscape, one that is vulnerable to attacks and breaches," he noted. SaaS stands for software-as-a-service, delivered through the cloud.
His conclusion: "Organisations have too many security tools, too much data without insights, and not enough people with skills to adequately to protect their enterprises."
The solution, Youngblood said, is to reimagine security so that visibility is improved, responses to threats can be made more quickly, and security as a whole keeps up with business transformation, via following proven open technology principles.
"When we apply an open approach, we can start bringing different security silos together, we can innovate more rapidly as an industry and source ideas from the community rather than individual vendors. And we can simplify security and deliver better security outcomes faster," he said.
"When we take an open approach, the entire community stands in the game. With open security, you are no longer forced to rely on a single vendor, or just your own developers and security experts. You have an entire community lineup for the support of a particular standard and (to) deliver open source codes and technologies," he elaborated.
Today, Youngblood shared that open projects from the community such as the Open Cybersecurity Alliance (OCA) are backed by multiple leading vendors and have created a proper governance structure for the development of open standards and open source code that can be use by vendors and customers alike. IBM is a founding member of the OCA, which counts 26 vendors and partners among its members.
"IBM is committed to open technologies and we are innovating with an open approach because we see the benefit to help our clients and transform the industry," he said. For the industry to move forward, Youngblood highlighted four dimensions for open security techniques:
• Open security standards
Open security standards help to facilitate interoperability of security tools, driving integration across products.
• Open source code
Open source code can quickly fill gaps such as bugs and a lack of application programming interfaces (APIs) in commercial products, accelerate innovation with and contribute to creating new capabilities.
• Intelligence and analytics
Information, especially threat intelligence and analytics, should be shared so everyone can quickly respond to threats with the most appropriate remediating actions.
• Best practices
Sharing best practices can bring synergy to industry collaboration.
 |
| Youngblood explains more about the four dimensions around open security techniques. |
IBM is contributing to the open security movement in several different ways. Besides being part of the OCA, IBM also released IBM CloudPak for Securities, which delivers on the company's vision for a open, modern, security platform that works across hybrid multicloud environments.
Youngblood said: "We built IBM CloudPak for Securities as an open platform because we believe that the future of security must be open to address the broken state of traditional security in our industry. IBM CloudPak for Securities sit on a foundation of open standards, and data connectors that can gather insights from any security tools across repository. We are committed to open-source initiatives to enable data connectors because we believe they can prove how security tools are being developed and consumed."
IBM also offers expertise in services to help client modernise their security programmes end-to-end. "We work with thousands of organisations around the world providing strategic advice and technical leadership to help them mature their security programme and better protect critical assets, managing the full lifecycle of threats, and doing so with the industry's most open and modern platforms and technologies," Youngblood added.
No comments:
Post a Comment