In this interview, Paul Garvey, Vice President of IBM Security, Asia Pacific, explains how IBM is gearing up to meet the security challenges and mitigate the next level of cyber threats.
1) How strongly has evolved IBM’s security practice in last 3 years?
As at April 2018, our revenue has risen 66% year-on-year to US$3.4 billion. Since 2015, we have also hired nearly 2,000 additional experts into our Security business, including world-class developers, consultants, and research professionals.
We now have 8,000 subject matter experts focused on security across 36 offices globally, 8,000 security-related patents, and over $2 billion in dedicated R&D. We also manage more than 20 billion events per day, with more than 3,700 clients worldwide in 133 countries.
2) Considering the advanced and sophisticated nature of next generation threats, how effectively can IBM’s security solutions counter them?
At IBM Security, our people are our competitive advantage; our 8,000 subject matter expert talents around the world include software researchers, incident response teams, interim CISOs, ethical hackers, security intelligence analysts, and malware, spam & dark web analysts.
As an intelligence-driven business, we work with our clients 24/7 around the clock to apply real-time analytics to safeguard their operations against next-generation threats. We host one of the world’s largest URL databases with over 25 billion web pages and images, collect more than 1,000 financial malware samples daily, and leverage intelligence at least 270 million endpoints.
To defend against cyber threats, we recognize the urgent need for security professionals in both private and public sectors to improve our methods for collaborating and sharing information on threats and how to mitigate them before they become viral. We have been investing heavily in R&D and sharing our findings with the wider Industry. Our Future of Identity study shares insights into the consumer perspective around identity authentication. We launched the IBM X-Force Exchange in 2015 to share real-time data on threats so that others in the industry can quickly adapt their defense to fight back.
3) How seriously is IBM considering implementation of AI in designing security solutions?
Cognitive security tools are absolutely the necessary evolution to keep pace with the advanced threats and growing workforce shortage facing the industry today.
We recognize the importance of leveraging the power of AI to understand the full context of various types of threats, as well as that for the automation of specific actions via intelligent orchestration. Despite the increasing ubiquity of AI, we have noticed that businesses have not redesigned their processes for factoring in human and machine intelligence working side-by-side in highly complex environments.
So IBM Security has been committed to leading this journey towards AI and Intelligent Automation in Cybersecurity.
In 2017, we brought the power of Watson to the cybersecurity market to help augment the skills of security analysts in their investigations. Watson for Cyber Security automates the hunt for security analysts – quickly and accurately identifying the critical threats facing today’s enterprise.
Currently, more than 100 clients are using IBM QRadar Advisor with Watson and seeing results that are more accurate, insightful and faster.
4) With respect to drastic changes in security technology how does IBM design any solution considering the ever-changing landscape?
As an intelligence-driven business, we work around the clock analyzing threats in real-time to help businesses safeguard their operations against next-generation threats. As part of IBM’s $200 million investment in Response, we have invested significantly to modernize and create new facilities within our global network of IBM X-Force Command Centres. These Command Centres uses cognitive technologies like Watson for client services, and Watson for Cybersecurity to improve decision making.
We have also created an elite group of security professionals and ethical hackers – IBM X-Force Red – who help businesses discover vulnerabilities in their computer networks, hardware, and software applications before cybercriminals do. As part of IBM Security Services, the team also examines human security vulnerabilities that attackers often use to circumvent security controls.