With an advanced portfolio of enterprise security solutions, IBM Security enables customers to effectively manage risk and defend against emerging threats
“IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services.”
Security Software Sales Leader,
IBM Technology Sales,India/South Asia
The Pandemic has forced businesses to shift to online operations and there has been a massive adoption of remote working culture and online learning, resulting in digitalisation on an unprecedented scale. Along with the shift to online has also come an unacceptable rise in cybersecurity issues.
With rising ransomware cyberattacks on IT infrastructure, businesses have realized the importance of embracing zero tolerance for gaps in their security strategy. They are increasingly investing on strengthening their cybersecurity to secure their crown jewels and their valuable data. This has thrown open a big opportunity for cybersecurity players.
As the India market remains in the eye of a major digital transformation buoyed by a tech-centred Union Budget, SME Channels embarks upon recording the voices of the who’s who of the Cybersecurity landscape.
As part of our effort to make the voices of major security players heard by the channel community, here is the Security Predictions from IBM Security.
In a special interaction with SME Channels, Prashant Bhatkal, Security Software Sales Leader, IBM Technology Sales, India/South Asia, reveals his organization’s strategy to address growing need for security solutions from customers, his predictions for the cybersecurity industry in 2022 and his vision and plans for the channel community. Edited excerpt
Please give a brief introduction of your company.
IBM has been present in India since 1951. Since inception, IBM India has expanded its operations with regional headquarters in Bangalore and offices across many cities in India.
Today, IBM has established itself as one of the leaders in the Indian Information Technology industry. As a leading Hybrid Cloud & AI company, innovation is at the core of the IBM company strategy. This is reflected in the end-to-end solutions delivered to clients, which span from software and systems hardware to a broad range of AI, cloud and consulting services. IBM helps clients solve complex business and technical issues by delivering deep business process and industry expertise. We offer a complete, open-source platform including our AI-enabled software and application modernization, cloud transformation services, systems, security and the IBM public cloud, underpinned by IBM’s unmatched expertise in industry verticals.
This is enhanced with advanced analytics, research capabilities and the proven ability to implement enterprise solutions to deliver bottom line value to businesses and governments worldwide.
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM X-Force research, enables organizations to effectively manage risk and defend against emerging threats. Our innovative, AI-drive security capabilities are used by thousands of clients around the world, spanning SIEM, SOAR, data security, identity and access management, mobile security, fraud prevention and more. These industry-leading solutions also simplify how organizations deploy a zero-trust architecture with the core principles of least privilege access; never trust, always verify; and assume breach.
IBM’s revolutionary Cloud Pak for Security is an open security platform that brings together leading capabilities from IBM and other vendors to connect security data, tools and teams across hybrid cloud environments. The recently launched IBM QRadar XDR Suite is the industry’s first comprehensive extended detection and response (XDR) solution that provides comprehensive visibility across security tools and data sources, whether in the cloud or on-premises, equipping security teams with the insights they need to act quickly.
With the pandemic still lurking there, what are the major market trends you are forecasting for 2022?
As per the 2022 IBM Security X-Force Threat Intelligence Index, Asia Pacific is now the most targeted region for cyberattacks – representing 26% of attacks analysed in 2021. India was among the top three most attacked countries in the region, with Japan and Australia being the others. Ransomware was the dominant attack type against organizations in India, with the Sodinokibi and BitLocker ransomware groups accounting for most of these attacks. A common pathway for many of the attacks on Indian organizations was phishing attacks. This trend signals a growing need for security investments amongst Asian organizations including in India, particularly those in financial services and manufacturing, which together at nearly 60%, were the most-targeted industries in the region.
The rise in online operations and huge business migrations to the cloud during the pandemic has created humongous security issues, how are you bracing to address the security challenges faced by businesses?
Here are few recommendations for organizations to be better prepared-
- Pull the “kill switch” on trust
The growing attack surface works against virtually any business, so operate under the assumption of compromise, with a Zero Trust model, and scrutinize your trusted relationships – whether that be with users or applications.
- Harden your cloud environments and include a zero-trust approach to your security strategy. As environments continue to expand, managing privilege access becomes paramount to ensuring that users are only granted access to the data that is essential to their job. Defenders should implement conditional access (CA) policies based on their organization’s needs.
- Limit access to sensitive data and protect highly privileged accounts
Leverage AI to monitor, detect and contextualize dynamic behaviors and movements across hybrid cloud environments, in order to verify the legitimacy (or lack of) a threat and automate a response.
- Extend detection and response
When multiple solutions are holistically integrated into an XDR (extended detection and response) solution, it provides organizations with a significant advantage in the early identification and eradication of attackers from a network, before they can reach the final stage of their attacks
- Adopt open source
As attackers invest in ways to scale operations through cloud environments, businesses must focus on extending visibility into their hybrid infrastructure. Hybrid cloud environments that are built on interoperability and open standards can help organizations remove blind spots and accelerate and automate security responses.
- Scrutinize your supply chain
This assess potential risks introduced by third-party partners. Confirm you have robust monitoring, access controls and security standards in place that third-party partners need to abide by.
- Develop a response plan for ransomware
Every industry and every geography is at risk of a ransomware attack, and how your team responds in the critical moment can make all the difference in the amount of time and money lost in a response. Beyond the technical components of a response plan:
- Who do you call to assist (IR service, Law enforcement)? Establish specific contacts.
- Which employees need to be part of the assembled crisis response team?
- Do you have a crypto wallet?
Where will you host your “war room” and communications channels if your network is down?
- PATCH. Refine and mature your vulnerability management system
Vulnerability management is an art—from identifying which vulnerabilities are most applicable to your organization’s network architecture, to identifying how to deploy them without breaking anything in the process.
- Have a team dedicated to vulnerability management
- Prioritize critical patches. IBM’s X-Force Exchange includes a repository of vulnerabilities and associated criticality levels to assist in identifying and prioritize vulnerabilities of most concern
- Conduct specialized vulnerability scanning
- Use Threat Intelligence to Understand the Threats to Your Organization
Each threat actor has different motivations, capabilities, and intentions, and threat intelligence can use this information to increase the efficacy of an organization’s response to an incident
- Enforce Multifactor Authentication (MFA)
The cost-benefit of MFA is tough to overstate, providing significant cybersecurity benefit in reducing the value of stolen or guessed passwords dramatically. The 2021 report indicates that BEC attackers may have realized greater success by shifting focus to geographies where MFA is not as widely implemented.
Which areas are you focusing on in the channel – skillsets, sales and marketing, vertical and technology practice development, service capability, etc.?
Ecosystem partners are central to our growth strategy including IBM Security. We offer a wide array of flexible benefits to our partners which span across Sales,Pre-Sales, Marketing, Skill development & flexible financing Options
Some of the key initiatives include:
- Software Access Catalog available at no cost for new partners where they can access over 16,000 offering in the software access catalog to build products & services – this also includes IBM Security solutions
- Co-creation with Client Engagement Centers
- Go-to-market Messaging Acceleration for IBM Security
- Service Competency incentives for Proof-of-Concept (POC)
- Funds for co-marketing initiatives enables partners to reimburse ‘eligible’ marketing expense.
- Build Credit enables partners to build with USD 18,000 IBM Cloud credits.
Cybersecurity is highly tech-intensive. How do you educate your partners to deliver in this highly challenging and competitive security landscape?
At IBM Security, we are simplifying our engagements with our partners to help them demonstrate their expertise and increase market credibility. Some of the skilling initiatives include:
- Alignment of cybersecurity skills to the competency framework and job roles with clear learning pathways and technology to bring IBM training into partners’ own learning management systems
- ‘My Digital Marketing’ is a no-cost digital collaboration platform which offers ‘ready-to-execute’ digital campaigns, with personalization and measurement mechanisms to better respond to new ways of communicating. In addition, we are enabling our partners to acquire new age digital skills by organizing Digital Marketing learning modules which are conducted on a regular basis.
- Digital workshops for IBM Security provides partners access to key virtual selling, training & learning tools
- IBM Virtual Client Center offers 24/7 access to solutions, demos, webinars and more
- IBM Training provides access to digital badges and professional certifications for cybersecurity as well and Seismic is a central repository which offers enablement materials on demand where updated IBM sales enablement content and industry use cases for IBM Security are also available.
- IBM also recently unveiled the IBM Security Command Center for Asia Pacific in Bengaluru which helps to train everyone from C-Suite to the technical staff on cybersecurity response techniques through highly realistic, simulated cyberattacks that build pressure. This enables partners to give clients a glimpse of what their worst day could look like and inculcate crisis leadership decision-making skills.
As an organization, we are also committed to bridge the vast cybersecurity skills gap that exists in our industry by working with an ecosystem of partners, industry associations and the government. To help fulfill the required specialized and relevant skills in various security domain, we intend to train 500,000 people in India over the next five years.
Are you planning any new product additions for the channel market?
We recently launched IBM QRadar XDR Suite, a unique comprehensive extended detection and response (XDR) that can help companies modernize threat detection and response with below key benefits –
- Connected – Integration with Existing Tools or IBM’s
The industry’s largest Open XDR ecosystem can integrate your endpoint detection and response (EDR), security information and event management (SIEM), network detection and response (NDR), Security Orchestration, Automation and Response (SOAR) and Threat Intelligence, while leaving data where it is for a complete XDR approach
- Unified – Single User Experience across Tools & Teams
Simple XDR workflows, co-designed with experts, help speed up alert triage, threat hunting, investigation and response
- Intelligent – AI Built for Analyst Productivity
Automate the work of enriching, correlating, and investigating threats with purpose-built AI and pre-built playbooks, including automated root cause analysis and MITRE ATT&CK mapping
- Open – Adaptable Architecture
Help avoid lock-in built on IBM Cloud Pak for Security for deployment on premises or on cloud, and ready for use by security service providers