Latest news
Martin Borrett is the Director of the IBM Institute of Advanced Security in Europe. He leads the Institute and advises at the most senior level in clients on policy, business, technical and architectural issues associated with security. In this interview Borrett discusses information security innovation, the importance of artificial intelligence in complex security architectures, CISO nightmares, and more.A myriad of new security technologies appeared in the past decade. Regardless, the rapid evolution and increasing sophistication of the threat landscape ensured a never-ending battle with the bad guys, often with millions of dollars as collateral damage. What can the information security industry do to truly innovate, not just follow the tactics of cybercriminals and, ultimately, act as a giant band aid?
Intelligence is the innovation play in security. We believe that tackling cybersecurity is more than any one individual step; it is a continuous process where you need to: Learn, Monitor, Analyse, Decide and Respond.
Today’s cyber threats require: continual inspection and analysis of high volumes of dynamic data from sensors and other devices to gain accurate insights into possible threats and system compromise in real time. Pattern and behavioural analysis across diverse data streams from many channels is necessary to detect evasive attacks.
Advanced situational awareness provides the context and alerting to enable decision making and appropriate response in circumstances when humans cannot keep up with the pace of the threat when under attack.
Defences need to be able to fuse information from a variety of sources, including real-time observations, and make them available within the right context. Such real-time analysis will have an impact on business processes that will need to be thought through carefully and automated in order to adapt and respond to the threat dynamically.
When do you expect to see the application of artificial intelligence on a large scale in complex security architectures? Could we expect to have a type of self-healing system in the future?
Artificial intelligence in security is all about advanced correlation and predictive analytics. Nothing is ever quite as random as it seems. There are patterns to be discovered in almost everything we do and security is no exception. The challenge is deploying software that not only can identify those patterns, but also ultimately share that intelligence with other systems and applications in a way that is actionable.
Spotlight
Information security executives need to be strategic thinkers
Posted on 17 June 2013. | George Baker, the Director of Information Security at Exostar, talks about the challenges in working in a dynamic threat landscape, offers tips for aspiring infosec leaders, and more.
Large orgs in denial about own security breaches?
Posted on 14 June 2013. | Over two thirds (66%) of large organizations said they either had not experienced a security incident in the last 12-18 months or were unsure if they had.
Vulnerability scanning with PureCloud
Posted on 12 June 2013. | nCircle PureCloud is a cloud-based network security scanning product built upon the companies' vulnerability and risk management system IP360.
To hack back or not to hack back?
Posted on 12 June 2013. | If you think of cyberspace as a new resource for you and your organization, it makes sense to protect your part of it as best you can. But is it a good idea?
Reactions from the security community to the NSA spying scandal
Posted on 11 June 2013. | Read on for comments on this scandal that Help Net Security received from a variety of security professionals and analysts.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
