Do you know what is it like to measure and optimize global security operations centers (SOCs)? At IBM Managed Security Services’ (MSS), we measure an SOC a bit like operating and managing the performance of a factory. It’s incredibly important to monitor and measure the performance of every component and how they all work together. This measurem

Managed security service providers (MSSPs) can speed up detection and response capabilities in complex, distributed security environments. However, many traditional managed security providers simply act as alert factories that collect log data and spit out low-value alerts. These increase the workload on their clients’ security teams rather than offloa

Transportation networks are foundational to our modern way of life. The current restrictions on global movement and the corresponding reduction in demand for travel and transportation services, while profound, are temporary. Forecasting future demand and capacity requirements is nearly impossible. But, the travel and transportation industries are part of the

On Wednesday, July 15, the Twitterverse was ablaze with what Twitter itself has described as a “coordinated social engineering attack” that was launched at around 4pm ET. The outcome of this breach was compromised Twitter accounts of many well-known people and organizations, including Jeff Bezos, Elon Musk, Bill Gates, former President Barack Obama, Joe Bide

Before the coronavirus pandemic hit, working from home used to be a novelty for many employees. According to a June 2020 IBM Security and Morning Consult “Work From Home Survey,” 80% of respondents say they worked from home either rarely or not at all prior to the pandemic. In-office work allowed employers and information technology (IT) teams to

As a security architect within IBM Security Services, I often get asked the question, “What exactly is a Zero Trust architecture?” Well, there is no single or unique answer to that question for two reasons. First, Zero Trust is not an architectural model but rather a set of guiding principles that should be applied to existing and new designs. W

The transition to a remote workforce has happened so quickly that many security teams have not had an opportunity to apply desired controls. Organizations are dealing with remote access and execution privileges that were unplanned even a couple of months ago. The use of personal devices and home workspaces has increased potential risks. Typical controls such

While organizations around the world are rightly focused on the COVID-19 pandemic, the work of cybersecurity must continue. In fact, attackers often increase their efforts to breach networks and systems during times of trouble, counting on the chaos as a useful distraction. In such times, the best cybersecurity practices should actually refocus on the most b

If you work in the healthcare industry, you may have heard about a family of vulnerabilities called “SweynTooth.” Researchers from Singapore first discovered the vulnerabilities in 2019. After waiting 90 days to announce them, which is part of the responsible disclosure process, they published a technical paper. If you are not familiar with the S

The constantly changing threat landscape makes a robust security program a moving target. But defenders aren’t standing still — from advanced artificial intelligence (AI) to real-time threat detection and adaptive risk protection, cybersecurity services are evolving to offer IT teams the breadth of knowledge and depth of functionality they need to rall

Penetration testing is no longer an extraordinary security engagement. Due to regulatory mandates, internal policies, business executive requests and the overall desire to avoid becoming the next breach victim, testing is now commonplace among many organizations. The kind of testing, however, can still be a question. Do you need ad hoc testing, that as-neede

Operational technology (OT) encompasses many aspects of our world, including industrial control systems (ICS) that are used to control core operational processes. ICS technologies often control essential services such as water and power supply and are also used to monitor these services to prevent hazardous conditions. Manipulation of these systems and proce

As organizations adapt and respond to the impact of COVID-19, significant new challenges are on the rise as a majority of the workforce has shifted to remote work arrangements. Employee-owned devices and home networks that were not formerly protected by enterprise security controls have rapidly expanded many organizations’ attack surfaces. At the same

Organizations around the world are adapting to respond to the impact of the novel coronavirus (COVID-19). Companies may experience increased stress and challenges across their security programs arising from increased remote user demand, site availability impacts, stringent travel restrictions and requests for social distancing. Security organizations may als

I recently had the opportunity to speak at a security conference where I presented the operating models that an organization can embrace when managing cyberthreats and the guiding principles associated with them. It was a great chance to share some of my experiences with the greater community and foster intellectual curiosity around an increasingly important