Security News

IBM Security QRadar and LogRhythm provide security to organizational networks through their SIEM solutions. The IBM Security QRadar SIEM works to detect cyberthreats and suspicious activity across the network enterprise within on-premises, hybrid and cloud environments.

The interesting part about where IBM is actually headed is, security and what we actually do in security is about protecting the surface area. When you look at Snyk and Snyk's kind of whole ethos is to say, "Well, that's the core. That's the heart. You have to be developer-first." And the meaning of that, one of my favorite things to do is to talk to a chief security officer and say, "Yes, you're kind of here to sort of help secure the organization and you are the one likely to sign the check, but you're not the most important user of the product." Because the most important user of the product, the biggest risk we both face is the developers don't actually pick it up.

Two legacy IBM System x server models, retired in 2019, are open to attack and will not receive security patches, according to hardware maker Lenovo. The two models, IBM System x 3550 M3 and IBM System x 3650 M3, are both vulnerable to command injection attacks.

Firms looking to save money by shifting to more flexible ways of working will need to think carefully about IT security and the additional cost of breaches linked to staff working from home. That's according to the latest annual "Cost of a Data Breach Report" conducted by Ponemon Institute along with IBM Security, which found that the average total cost of a remote-working data breach was more than $1m higher than cyberattacks where remote working wasn't a factor.

A global study commissioned by IBM Security shows that the average cost of a data breach exceeded $4.2 million during the coronavirus pandemic, which the company pointed out is the highest in the 17-year history of its "Cost of a Data Breach" report. The average cost of a data breach increased by nearly 10% compared to the previous year, from $3.86 million to $4.24 million, but IBM noted that "Costs were significantly lower for some of organizations with a more mature security posture, and higher for organizations that lagged in areas such as security AI and automation, zero trust and cloud security."

IBM announced IBM z/OS V2.5, the next-generation operating system for IBM Z, designed to accelerate client adoption of hybrid cloud and AI and drive application modernization projects. According to an IBM Institute for Business Value study "Application modernization on the mainframe" released today, 71% of executives surveyed say mainframe-based applications are central to their business strategy; and in three years, the percentage of organizations leveraging mainframe assets in a hybrid cloud environment is expected to increase by more than 2x. IBM z/OS V2.5 helps drive value for our clients by delivering new capabilities across AI enablement, application modernization, resiliency, enhanced security and an improved developer experience.

Scale Computing announced a collaboration with IBM that will help organizations adopt an edge computing strategy designed to enable them to move data and applications seamlessly across hybrid cloud environments, from private data centers to the edge. Scale Computing is delivering on-premises edge computing solutions for applications that are designed to be flexible and intelligent to help address high-availability and resilience.

Law firm Campbell Conroy & O'Neil has warned of a breach from late February which may have exposed data from the company's lengthy client list of big-name corporations including Apple and IBM. The breach, which was discovered on 27 February 2021 when a ransomware infection blocked access to selected files on the company's internal systems, has been blamed on an unnamed "Unauthorised actor." While it's not yet known precisely what data was accessed during the breach, the system affected held a treasure trove including "Certain individuals' names, dates of birth, driver's license numbers/state identification numbers, financial account information, Social Security numbers, passport numbers, payment card information, medical information, health insurance information, biometric data, and/or online account credentials," the company confirmed in a statement regarding the attack.

IBM announced an agreement to acquire Bluetab Solutions Group to extend its portfolio of data and hybrid cloud consulting services. Bluetab will become a strategic part of IBM's data services consulting practice to further advance its hybrid cloud and AI strategy.

Open Cybersecurity Alliance announced it has accepted IBM's contribution of Kestrel, an open-source programming language for threat hunting that is used by Security Operations Center analysts and other cybersecurity professionals. IBM Research and IBM Security jointly developed Kestrel to enable threat hunters to express hunts in an open, composable threat hunting language.