Thursday, February 20, 2014

IBM Develops Cybersecurity Framework for Nation’s Critical Infrastructure

IBM, in collaboration with the National Institute of Standards and Technology (NIST) and other government agencies,  has developed a new Cybersecurity Framework designed to help organizations assess and manage cybersecurity risk associated with the nation's critical infrastructure.

IBM said its framework establishes a common language for organizations to evaluate their cybersecurity posture and to identify and prioritize opportunities to improve it.

"Cyber threats are not limited to select industries such as financial services and retail companies.  There is a growing need to apply advanced security to our increasingly interconnected critical infrastructure like power facilities, electrical grids, industrial manufacturing operations and others,” said Kris Lovejoy, general manager of IBM Security Services.

IBM’s own analysis shows that that infrastructure-dependent industries are among the most targeted by cyber attackers.  The top five industries that reported the most incidents include:

  • Manufacturing – 26.5% of all observed security incidents
  • Finance and Insurance – 20.9%
  • Information and Communication – 18.7%
  • Health and Social Services – 7.3%
  • Retail and wholesale – 6.6%

See also