IBM | September 08, 2023
IBM has announced the expansion of its Cloud Security and Compliance Center to help enterprises protect data and mitigate risk across their hybrid, multi-cloud environments and workloads.
With the addition of the latest solutions, IBM's solution suite now goes beyond compliance posture management and workload protection. It now includes application-level security capabilities.
IBM Cloud Security and Compliance Center suite offers benefits, including intelligent automation technology, expanded compliance, and visibility into third- and fourth-party risk posture, among others.
IBM, a global technology innovator at the forefront of automation, AI, and hybrid cloud solutions, has unveiled the expansion of the IBM Cloud Security and Compliance Center. This suite offers a range of updated cloud security and compliance solutions carefully designed to aid enterprises in mitigating risk and safeguarding data within their hybrid, multi-cloud environments and workloads.
As organizations grapple with emerging threats along the supply chain and navigate evolving global regulations, this solution suite stands as a pillar of support for their resilience, performance, security, and compliance requirements, all while aiding in the reduction of operational costs.
IBM's newly introduced Cloud Security and Compliance Center Data Security Broker solution offers a transparent data encryption layer. It utilizes format-preserving encryption and anonymization technology to safeguard sensitive data used in business applications and AI workloads.
Rohit Badlaney, General Manager at IBM Cloud Product and Industry Platform, said,
The expansion of the IBM Cloud Security and Compliance Center displays our continued focus on industry-specific capabilities that assist in addressing real world business challenges for our clients. For ex., clients have the ability to employ the IBM Cloud Framework for Financial Services, which can enable them to address evolving rules, laws and regulations surrounding cloud risk. The new capabilities demonstrate our commitment to supporting clients on their hybrid cloud modernization journeys, designed for security, privacy, compliance, and trust at the forefront of our product roadmap.
[Source – Cision PR Newswire]
IBM Cloud has a long history of working with client companies in financial services and other highly regulated sectors, especially when it comes to assisting them to drive innovation while securing their sensitive data, added Badlaney.
In combination with the IBM Cloud Security and Compliance Center Data Security Broker, the upgraded suite of the IBM Cloud Security and Compliance Center will introduce a number of new features. These additions are intended to aid clients, especially those operating in regulated industries, in meeting security, compliance, and data residency requirements specific to their industry.
Key features due to the expansion of IBM Cloud Security and Compliance Center:
Intelligent automation technology
Enhanced Cloud Security Posture Management (CSPM)
Optimized Cloud Workload Protection Platform (CWPP)
Improved Cloud Infrastructure Entitlements Management (CIEM)
Enhanced visibility into third- and fourth-party risk posture
Frank Dickson, VP of Security and Trust at IDC, said,
As more companies adopt a hybrid, multi-cloud approach to managing applications of all sorts across PaaS, SaaS, IaaS and on-premises, centrally automated and managed technologies that can execute security and compliance capabilities at scale are required. The IBM Security and Compliance Center addresses this requirement for holistic protection – which is especially crucial for organizations in highly regulated sectors that manage sensitive data, such as financial services – regardless of the application within which the data may live.
[Source – Cision PR Newswire]
VentureBeat | September 27, 2023
Microsoft announced a series of new enterprise security features today that use artificial intelligence (AI) to help defend Windows 11 against increasingly sophisticated cyberattacks. The tech giant claims its new AI capabilities will reduce security incidents by 60% and firmware attacks by 300% for businesses using the latest version of its software.
Microsoft’s vice president of enterprise and OS security, David Weston, explains in a company blog post that was published today specifically how AI is being used to fortify Windows 11 against sophisticated attacks, ranging from malware to firmware threats, and even nation-state attacks.
At the heart of this AI-focused security upgrade is the integration of Microsoft’s Pluton Security Processor and Secured-core PCs. Both systems leverage AI algorithms to isolate sensitive data and provide defense against potential threats. IT professionals should note that these Secured-core PCs are reported to be 60% more resilient to malware than non-Secured-core PCs, a significant improvement in system defenses.
Microsoft’s AI strategy also appears to be forward-thinking, with the company starting to adopt memory safe languages like Rust for traditional attack targets. Rust’s memory safety features without garbage collection make it an ideal language for building reliable and efficient systems, further multiplying the cybersecurity benefits.
The end of passwords? Microsoft’s groundbreaking move
Perhaps most notable among today’s announcements is Microsoft’s push towards a passwordless future, a move that could fundamentally alter the landscape of cybersecurity.
Microsoft’s AI will now be used to develop and implement passkeys — unique, unguessable cryptographic credentials securely stored on a user’s device, which have the potential to replace traditional multi-factor authentication. This is a substantial leap forward in phishing protection, making it considerably more difficult for hackers to exploit stolen passwords.
Microsoft says that its AI system analyzes more than 65 trillion security signals per day— with more than 4,000 password attacks every second — to identify suspicious login attempts and request additional identity verification when needed in the new system.
The company also revealed a new capability called Config Refresh that relies on AI to detect and revert unwanted changes to device policies in near real-time. This allows IT teams to lock down device settings while leveraging intelligence to accommodate legitimate policy updates.
Microsoft pioneers a new cybersecurity path with AI
The company’s commitment to AI solutions aligns with its longstanding strategy of positioning itself as a leader in enterprise computing. By weaving AI into the fabric of Windows 11, Microsoft is demonstrating its commitment to providing businesses with secure, reliable, and forward-thinking solutions.
Business analysts see this as a clear indicator of Microsoft’s strategy to leverage its AI prowess to drive growth and cement its position in the enterprise data and AI market. Given the increasing importance of cybersecurity in the modern business landscape, Microsoft’s investment in AI could pay significant dividends.
However, the real test of these new AI-powered features will be their effectiveness against real-world threats. As cyber threats continue to evolve, so too must our defenses. If Microsoft’s AI enhancements can live up to their promise, they will represent a significant advance in cybersecurity and a potent tool in the fight against cybercrime.
As AI continues to transform enterprise data and security, it’s clear that companies like Microsoft are leading the charge. By harnessing the power of AI, Microsoft is not just shaping its future but also the future of cybersecurity as a whole. Only time will tell how these developments play out, but one thing is certain: the era of AI-driven cybersecurity is here, and Microsoft is at its helm.
Cisco | September 15, 2023
Cisco Secure Application, new to the Cisco Full-Stack Observability Platform, brings application and security teams together to secure cloud-native application development and deployment.
The platform integrates Cisco's industry-leading security products' security intelligence with application performance data to provide business context with security findings.
Cisco-exclusive business risk observability enables IT professionals to identify, assess, and prioritize risk and fix application security concerns based on potential business impact.
Cisco, a worldwide technology leader that offers innovative software-defined networking, cloud, and security solutions, has unveiled the availability of the Cisco Secure Application, formerly known as Security Insights for Cloud Native Application Observability, on the Cisco Full-Stack Observability platform. This integration empowers organizations to seamlessly unite their application and security teams, facilitating the secure development and deployment of modern applications. The latest release of Cisco Secure Application extends its capabilities to securely manage both cloud-native and hybrid applications.
In an effort to assist organizations in bolstering their cloud-native applications security, Cisco has introduced the new Cisco Secure Application offering, which is available on Cisco's recently introduced Full-Stack Observability platform. This solution equips customers with enhanced visibility and intelligent insights regarding business risk in various cloud environments.
As a result, businesses gain the ability to more effectively prioritize and respond to security risks that could impact revenue and reputation in real time, leading to a reduction in overall organizational risk profiles.
As organizations strive to provide smooth digital experiences, IT teams have faced growing demands to transition to modern, distributed applications.
According to a recent study by Cisco, 92% of global technologists acknowledge that the urgency to innovate and adapt to evolving customer needs has often resulted in compromised application security during software development.
As a consequence, organizations have become susceptible to security vulnerabilities and threats. They face broader attack surfaces and gaps in their application security layer due to the isolation of teams. These teams face challenges in obtaining adequate visibility and the necessary business context for prioritizing vulnerabilities. Consequently, organizations are witnessing a surge in security incidents within the modern environment, thereby jeopardizing customer data and the reputation of their businesses.
Mark Leary, Research Director, IDC, stated,
Cisco's extensive domain experience across multi-cloud and hybrid environments and comprehensive full tech stack oversight positions the company well to assist customers bring business risk observability, application observability, and security intelligence data together. Combined, they give customers access to the critical information they need to make smarter decisions about their application security
[Source – Cision PR Newswire]
Senior VP and General Manager of Cisco Full-Stack Observability and AppDynamics, Ronak Desai, said,
An organization's ability to swiftly assess risks based on potential business impact, align teams and triage threats is entirely dependent on understanding where vulnerabilities exist, the severity of those risks, the likelihood they’ll be exploited, and the risk to the business of each issue. This business risk observability can enable IT professionals understand and prioritize those risks and is uniquely delivered by Cisco. The availability of Cisco Secure Application on the Cisco Full-Stack Observability platform is a crucial next step in our commitment to providing customers with the tools they need to provide unmatched and secure digital experiences across multi-cloud and hybrid environments.
[Source – Cision PR Newswire]