IBM brings AI to the heart of cybersecurity strategies

On Monday, the New York-based technology company, IBM launched it’s IBM Security Connect, a new platform designed to bring vendors, developers, AI and data together to improve cyber incident response and abilities.

Background

International Business Machines Corporation (IBM) is an American multinational information technology company headquartered in Armonk, New York. With operations in over 170 countries, the company began in 1911 as the Computing-Tabulating-Recording Company and was renamed International Business Machines in 1924. IBM manufactures and markets computer, hardware, middleware and software and provides hosting and consulting services in areas ranging from mainframe computers to nanotechnology. It is also a major research organisation, holding a record for the most number of US patents generated by a business (as of 2018) for 25 consecutive years.

Artificial intelligence (AI) is unleashing a new approach for customer experience strategy, design and development. IBM’s move into AI for cybersecurity market has been backed by the firms' Security Operations Centre and Watson for Cyber Security. The firms SOC’s are found in countries like India, US, Japan and Poland. The Big Blue’s Watson was integrated into the security offering last year. The supercomputer, that combines AI and data analytics acts as a knowledge repository for cybersecurity professionals using IBM's Cognitive Security Operations Centre platform.

Analysis

IBM Security Connect is the first security cloud platform built on open federated technologies, with AI at its core, to analyse security data across previously unconnected tools and environments. By integrating security data from IBM security products with an ecosystem of security vendors, clients, and business partners, IBM Security Connect is designed to help improve efficiency and collaboration as teams defend against cybercrime.

An analysis conducted by IBM suggests that cybersecurity teams in the enterprise, on an average, use over 80 cybersecurity solutions provided by roughly 40 vendors. This is a potential recipe for chaos and may reduce the overall effectiveness of security and defence. IBM Security Connect makes use of both cloud technology and AI. Users of the platform will be able to apply machine learning and AI, including Watson for Cyber Security, to cybersecurity products to increase their effectiveness.

When machine learning systems are given a large enough data pool to digest and analyse, this can be used to help shrink attack surfaces through predictive analytics, the detection of what is likely to be suspicious behaviour, and this, in turn, eases the burden on cybersecurity staff who often have to triage cybersecurity-related events on a daily basis.

With the well-documented skills challenge that the security industry is facing, IBM Security Connect will also feature digitised expertise from IBM's 4,000+ global security practitioners to provide best practices and guidance on how to implement security and risk management strategies.

The pre-integrated apps allow users to create easy-to-use common workflows across multiple applications, so teams can focus on solving security issues instead of struggling to integrate dozens of security products. In addition, IBM Security has dedicated 50 developers towards the development of the community, where security practitioners can collaborate and share integrations.

The ongoing effort to develop AI solutions for modern businesses is further achieved with the launch of IBM AI OpenScale, an enterprise platform for the creation and management of artificial intelligence applications.

In addition to IBM Security Connect, the company also announced a new addition to its Security Operations Centre, a mobile unit called the IBM X-Force Command Cyber Tactical Operations Centre (C-TOC). The mobile unit will travel to companies in the US and Europe and offer training on incident response, defence strategies, and crisis leadership.

Assessment

Our assessment is that AI gathers insights and uses reasoning to identify the relationship between threats, such as malicious files, suspicious IP addresses or insiders. This analysis takes close to seconds or minutes - allowing analysts to respond to the threats and sort large volumes of data up to 60 times faster. We also feel that AI eliminates time-consuming research tasks and provides curated analysis of risks thereby reducing the amount of time security analysts take to make critical decisions and launch an orchestrated response to remediate the threat.

We understand that IBM’s AI-enabled digital experience solution fused with the cyber-security holds a lot of promise by achieving an 85% success rate at detecting threats. They have been pushing towards the integration and development of AI solutions in their enterprise by taking up a vendor-agnostic stance in the AI realm. The company is setting itself as one of the major AI-security players not only in the present but potentially even in the future.

Read more:

• AI : threat to computer security
• The race for AI