Security News

IBM has unveiled the next evolution of its managed detection and response service offerings with new AI technologies, including the ability to automatically escalate or close up to 85% of alerts, helping to accelerate security response timelines for clients. The managed services are delivered by IBM Consulting's global team of security analysts via IBM's advanced security services platform, which applies multiple layers of AI and contextual threat intelligence from the company's vast global security network - helping automate away the noise while quickly escalating critical threats.

Assurances include watermarking, reporting about capabilities and risks, investing in safeguards to prevent bias and more. Some of the largest generative AI companies operating in the U.S. plan to watermark their content, a fact sheet from the White House revealed on Friday, July 21.

Johnson & Johnson Health Care Systems has informed its CarePath customers that their sensitive information has been compromised in a third-party data breach involving IBM. IBM is a technology service provider for Janssen; specifically, it manages the CarePath application and database supporting its functions. IBM has published a separate announcement about the incident that says there are no indications the stolen data has been misused.

A consortium led by Splunk and AWS are hoping to fix this by standardizing how events are noted in logs, reducing the burden on security teams to decipher alerts they receive from multiple tools and vendors. Last week at Black Hat, security vendor Splunk announced the general availability of the Open Cybersecurity Schema Framework.

The Colorado Department of Health Care Policy & Financing is alerting more than four million individuals of a data breach that impacted their personal and health information. The data breach was possible after Clop ransomware exploited the MOVEit Transfer zero-day in a hacking campaign that impacted hundreds of organizations worldwide.

Missouri's Department of Social Services warns that protected Medicaid healthcare information was exposed in a data breach after IBM suffered a MOVEit data theft attack. Yesterday, the Missouri Department of Social Services disclosed a data breach that exposed health information related to Medicaid services in the state.

Data breach costs rose to $4.45 million per incident in 2023, IBM found in its annual Cost of a Data Breach report. Average data breach cost rose to $4.45 million per incident.

IBM continues to expand its cloud offerings with Hybrid Cloud Mesh, a software-as-a-service platform meant to give DevOps and CloudOps teams more fine-grained control over application connectivity between clouds. Hybrid Cloud Mesh takes advantage of the recent acquisition of network automation company NS1. Hybrid Cloud Mesh will be available later in 2023, IBM said, and ut is currently part of an early access program.

In an effort to grow its hybrid cloud and artificial intelligence capabilities, IBM announced on Tuesday that it was acquiring Polar Security, an Israel-based company specializing in data security posture management. A 2023 study by Gartner, looking at DSPM functions and capabilities, reported that DSPM solutions are getting savvier at uncovering data repositories and identifying their exposure risk, thanks to their ability to use data lineage to "Discover, identify and map data, across structured and unstructured data repositories, that relies on integrations with, for example, specific infrastructure, databases and CSPs.".

At the RSA Conference, IBM launched a platform-centric expansion to its QRadar security product, designed as a one-stop shop to accelerate response and offer a unified framework for security operations centers. "Today's Security Operation Center teams are protecting a fast-expanding digital footprint that extends across hybrid cloud environments - creating complexity and making it hard to keep pace with accelerating attack speeds," according to IBM, which also said the products are specifically meant to help buttress security operations center teams facing labor-intensive alert investigations and response processes, manual analysis and the proliferation of tools, data, points of engagement, APIs and other potential vulnerabilities.