IBM outlined a number of new security initiatives saying its new approach will focus on securing critical services rather than on the past emphasis on securing network assets. The goal will be to deliver integrated service management - tools that provide can provide a "command center" view into a client's operations and potential areas of risk as infrastructure evolves to cloud computing.
As part of these initiatives, the company is launching the IBM Institute for Advanced Security to help clients, academics, partners and other businesses more easily understand, address and mitigate the issues associated with securing cyberspace. The Institute will collaborate with public and private sector officials in Washington, D.C., and provide access to a wide range of resources to help the government more efficiently and effectively secure and protect critical information threatened by increasingly malicious and costly cyber threats.
New IBM Security Solutions include:
- IBM Secure Web Gateway Service 2.0 -- IBM X-Force research indicates a dramatic rise in the number and complexity of Web application attacks. This new service enables greater protection against Web-based threats and enforcement of corporate IT policies while lowering overall management costs.
- IBM Managed Firewall Service and IBM Unified Threat Management Service -- this new bundled offering allows clients to use select Check Point firewall and unified threat management devices while receiving IBM Managed Security Services for those devices for a monthly fee. This provides clients increased levels of protection without the burden of upfront capital expenditures for the devices.
- IBM Security Information and Event Manager 2.0 -- this updated software helps to reduce costs by automating enterprise log management and central management, reduce insider threats and protect integrity by monitoring and auditing privileged user activities, and facilitate compliance efforts and streamline management with compliance management modules.
- IBM Security Content Analysis Software Development Kit (SDK) -- rapid growth of the Internet and the constant onslaught of spam requires advanced filtering technology that is expensive to develop and maintain. This new SDK provides developers with up-to-date filter database and accurate analysis -- along with an easy-to-implement application programming interface (API).
- IBM AppScan Source Edition -- which can scan software source code and identify potential security and compliance vulnerabilities during the earliest stages of software development, when they are less expensive to correct.
- IBM Lotus Protector for Mail Encryption - for secure collaboration and communication, IBM is announcing a new software product called IBM Lotus Protector for Mail Encryption. Available in April, it extends IBM's flagship messaging software, offering Lotus Notes' native e-mail encryption feature to include any address accessible on the Internet -- irrespective of e-mail system or client used by the recipient.
- IBM Security Privileged Identity Management and Compliance Solution -- rising trend from attackers to use privileged user identities to gain access to core systems, increasing compliance mandates and high administrative costs all add to the difficulty of managing users and identities and blocking against internal and external threats. This combined solution provides threat prevention, identity management and meeting compliance needs through file integrity monitoring, separation of duties, role hierarchy, and intrusion prevention.
- IBM z/OS V1.12 - With the latest release of z/OS, IBM helps clients promote improved operations, availability, manageability, and security through self-learning, self-managing, and self-optimization capabilities. z/OS security functions, such as data encryption, encryption key management, digital certificates, password synchronization, and centralized authentication and auditing, can be deployed as part of enterprise-wide security solutions and can help mitigate risk and reduce compliance costs.
Separately, IBM completed the acquisition of National Interest Security Company, LLC (NISC), a privately held company headquartered in Fairfax, VA. Financial terms were not disclosed. The business will be integrated into IBM Global Business Services, operating initially as a wholly-owned subsidiary.