A whole new approach to security

Share this post:

How to take risks without fear and thrive in the face of cyber uncertainty? It’s not just a question of another security tool. What we need is a new, resilient mindset and a more unified approach. Valuable lessons were learned at the IBM Security Summit Belgium 2019.

Technology is changing our lives. We buy houses online, work in the cloud while flying and stream a video anytime. “These are just some examples of how we live at the speed and scale of cloud,” says Kevin Skapinetz, VP Strategy & Design of IBM Security. “Technology is accelerating fast, and that demands new security rules.” The effectiveness of ‘old school’ security is wearing off. There are too many security tools, data volumes are growing fast, and organizations suffer serious skills gaps.

At the same time attacks and vulnerabilities are growing out of control. Skapinetz: “We need a more automated, orchestrated, cooperative approach. Compare a Formula-1 pit-stop in the eighties: slow, manual, every mechanic doing his own thing. Yet how fast and efficiently it’s done now.”

How is complexity impacting your security strategy? Read the 2019 Forrester Study ‘Complexity in Cybersecurity’.

Culture, controls, chaos

There are three focus points to the new security approach. First there’s culture. Skapinetz: “We must consider security from a business viewpoint and speak the business language. Everyone must understand the risks and what needs to be done. Active board involvement is also important, losing the do-it-yourself mentality ‒ we must be more open to outside help.” Second are the controls, says Skapinetz. “Building more gates doesn’t work; people find a way around them. It’s better to use guard rails, keeping them where they need to be. These controls need to be modernized to the cloud.” Finally, there’s the challenge of dealing with chaos.

“Security today is fragmented and disconnected. We apply controls separately, with separate tools. We should move instead to an integrated security model combining private and public clouds, while analyzing and controlling the data on the devices where it resides.” This November IBM is introducing a new security platform to help control the chaos.

How well are you detecting advanced threats? Compare yourself to 340+ security practitioners in this report from the SANS Institute ‘Effectively Addressing Advanced Threats’. 

Cyber resilience journey

It’s not just the fast and ever-changing technology that’s impacting security. The fact is that security breaches are now inevitable, and every organization needs to become cyber resilient: prepare for and mitigate attack risks. A leading Belgian global financial institution has taken an integrated security approach on its journey to cyber resilience. It offers extensive services for crisis and incident management, threat intelligence, resilience and readiness testing, and training and awareness at a group level. The services are constantly reshaped to match internal needs and external threats.

A crisis is never wasted; with new regulations or external challenges, the service offering is strengthened and extra internal awareness is created.

Get more insights and guidance for improving cyber resilience: view the 2019 Ponemon Institute Study on the Cyber Resilient Organization.

Virtual incident response team

One of the steps the institution has taken is creating a group-wide virtual incident response team. All local cyber security teams are connected through one tool, IBM Resilient. It supports the worldwide organization’s cyber security incident process, critical vulnerability management and crisis management. Automated runbooks help deal with security incidents, coordinating tasks dynamically. In an emergency, a ‘break the glass’ button automatically involves more teams and triggers crisis management tasks and notifications. However effective a company’s security tools may be, practice is also needed to ensure everyone knows what to do in a crisis.

For example, that’s why the financial institution brought together its business and IT management in IBM’s X-Force Command Cyber Tactical Operations Center for training. The experience made them aware of what it means to be under attack, realizing how important a cooperative and coordinated response is ‒ throughout the entire organization.

Is your organization mature enough for SOAR?  Read the new Gartner report.

Quantum threat

It’s not just today’s security challenges we face. With imminent new technologies like quantum computing, we also need to prepare for the future. Quantum computers might decrypt public key cryptography in a matter of years, says Michael Osborne, Manager Security and Privacy Group of IBM Research Zurich. “We can only estimate when, but by 2030 quantum computing is likely to pose a threat.” Codes that algorithms would take millions of years to crack on current computers will be decrypted in hours with quantum technology. “In 15 years, we may no longer be able to trust that digital signatures haven’t been manipulated. Or we may not be able to guarantee the confidentiality of data long-term.”

Learn more about the pending impact of quantum security on cybersecurity: view this webinar.

Prepare now

Organizations need to migrate sensitive data and systems to quantum-safe cryptography and ensure cryptographic agility. “They need to know where and how they use crypto, and how to identify and solve issues quickly,” explains Osborne. IBM is part of a consortium developing post-quantum standards, as called for by NIST (the National Institute of Standards and Technology). NIST expects to publish standards for quantum-safe security technology by 2024. Meanwhile organizations should not sit and wait for what’s coming but act now.

Osborne: “First they should baseline the risks: how will quantum technology impact them over time? IBM can help in assessing quantum security risks. Secondly, they must monitor changes. For example, how are quantum computing algorithms improving? Third, they need to plan the migration to quantum-safe security. There’s no better time for this than when moving applications to the cloud.”

Learn more about the new rules of security and how to apply them.

Contact victor.szymanski@ibm.com to receive the IBM Security Summit Belgium 2019 presentations.