Monthly Archives: December 2015

One trend for 2016 will be Security as a Service (SECaaS)

31 Thursday Dec 2015

Posted by in Uncategorized

Leave a comment

Tags

This morning’s disruption to the digital services from the BBC highlighted the significant increase recently in network attacks. I foresee 2016 to have an increased need for security service providers for outsourcing of security for those who need extra assistance in case of DDoS or other serious encounters.  Call it Return of the Outsourcing Responsibility, for those in a Star Wars frame of mind…

This InfoSecurity article makes a relevant point in that companies need to understand that while they can outsource responsibility for security they cannot outsource accountability.  This is why I have also recently written several pieces on cyber insurance and the growing interest to find ways to mitigate the financial impact of cyber risk.

You can listen to my podcast on cyber insurance with IBM and SwissRe   here, or read the guest blog post on The State of Security blog here.

The evolution of Security as a Service (SECaaS) will be determined by how fast consulting companies can get staffed with quality security specialists.  In my opinion, that will be difficult and will be on par with the gold rush era of getting SAP R/3 specialists on board in the 1990s.

 

Advertisement

2016 resolution – do more with less

26 Saturday Dec 2015

Posted by in Uncategorized

Leave a comment

Tags

, , ,

I was watching CNBC this morning, looking at a previous show on the sharing economy in Asia. And I was struck by one commonality among the entrepreneurs they were interviewing. The assets they were leveraging were high end, but easily accessible. Large pieces of luggage, designer dresses – – all had value, but were not so scarce that the entrepreneur could not retire or replace the asset if it was damaged.

Later I was reading an article from the MIT Sloan Management Review from March this year, entitled Competing With Ordinary Resources and there was one paragraph towards the end that was very relevant to this issue: “By eroding established barriers to imitation, ordinary resource-based business models may disrupt the business landscape. In a whole array of industries (retail, manufacturing, banking, automobile, hospitality, higher education, etc.), enabling the power of strategic resources requires mundane assets, and leveraging massive amounts of ordinary resources through platforms and ecosystems could be as profitable as securing unique possessions and talents.”

Rooms in existing houses, somebody’s car, vacation homes that are empty – there are lots of common items with reasonable value propositions where they can be repurposed for more than one consumer. In this period leading to the New Year, many try to make resolutions for 2016.   For enterprises, I might suggest the following: Try to create and/or develop new solutions by leveraging low-cost technologies and largely available firm assets. In this period of austerity, doing more with less will be the strategy to achieve medium and longer term growth.

IBM expands its ecosystem by opening APIs for QRadar

08 Tuesday Dec 2015

Posted by in Uncategorized

Leave a comment

Tags

, , , ,

IBM today (8 December 2015) made some interesting information security announcements. The first was that IBM is opening the APIs of its IBM Security QRadar to allow developers to build custom apps utilizing the platform’s advanced security intelligence capabilities. The second announcement is that IBM has created a marketplace community called IBM Security App Exchange to engage developers to create and share apps based on the company’s security technologies.

The rationale behind IBM opening up the APIs for QRadar is to extend the ecosystem to encourage and engage developers and partners to further utilize the capabilities of its advanced security platform and take it deeper into the enterprise. In the newly built community, IBM and partners including Bit9 + Carbon Black, BrightPoint Security, Exabeam and Resilient Systems already have populated this exchange with dozens of customized apps that extend IBM Security QRadar security analytics in areas like user behavior, endpoint data and incident visualization. This opening of the APIs allows the security community to rapidly build new QRadar applications using software developer kits. IBM Security will be monitoring and testing every application before it is posted to the App Exchange to examine the integrity of these community contributions to the platform.

To further address cyber threats in the enterprise space, there is a need for a more open and collaborative approach to security to get more developers involved and more applications integrated into the advanced platform of IBM. Enlarging the ecosystem will allow IBM to integration with third-party technologies and provide even better visibility into more types of data threats.

With thousands of customers now standardizing on IBM’s security technologies, opening this platform for closer collaboration and development with partners and customers changes the economics of fighting cybercrime,” said Marc van Zadelhoff, Vice President, Strategy and Product Management, IBM Security. “Sharing expertise across the security industry will allow us to innovate more quickly in order to help stay ahead of increasingly sophisticated attacks.”

Who benefits from this announcement are software security tool developers wanting to partner with IBM Security to get access to some of the best security analytics out there. IBM Security operates one of the world’s broadest security research and development, and delivery organizations.

IBM was also announcing today a new release of IBM Security QRadar, which further integrates QRadar with IBM BigFix endpoint security management to help customers better prioritize threats and patches on user devices.