Skip to main content

Emerging security trends and risks

Insights for the business executive

2011 was a remarkable year for IT security.
The frequency and scope of data loss, “distributed denial of service” attacks (preventing legitimate users from accessing a service) and “social hacktivism” (using computer networks for social or political protest) reinforce the need to protect assets in an increasingly connected world. Because it is unrealistic to avoid new connection-enabling technologies, business executives can address emerging security risks by: building a proactive security intelligence capability; developing a unified view of all endpoints, including mobile devices; protecting information assets at the database level; and creating safer social habits.

Download the Executive Report (PDF, 1.37MB)

Protecting against cyber threats in the modern business infrastructure

Enable innovation with secure approaches to cloud, mobility, social business, big data and more.

Executive summary
With headlines touting the financial, political and brand implications associated with modern security breaches, boardrooms are buzzing with the topic of information security. The discussion is fuelled by technological shifts that are expanding the boundaries of business infrastructures. New computing trends like cloud, mobility, and social business can foster innovation, collaboration, competitive advantage and closer connections with customers. But they are also stress points where trust and risk collide - pitting usability and access to information against cyber threatsand vulnerabilities. Advances in enterprise computing and a massive accumulation of data have raised the stakes. Business continuity, brand image, financial results and strategic execution are all at risk. As a result, executives have both heightened interest and increased expectations for IT security. Addressing these expectations requires informed, aligned, intelligent risk management that encompasses:

Download the Whitepaper (PDF, 147KB)

Finding a strategic voice

Insights from the 2012 IBM Chief Information Security Officer Assessment

With explosive growth in connectivity and collaboration, information security is becoming increasingly complex and difficult to manage. Yet, some security organizations are rising to the challenge. Our research reveals a distinct pattern of progression - and distinguishing traits of those that are most confident and capable.

These forward-thinkers are taking a more proactive, integrated and strategic approach to security, highlighting models worth emulating and the emerging business leadership role of the Chief Information Security Officer (CISO).

Download the Study (PDF, 1.39MB)

IBM X-Force 2011Trend and Risk Report

March 2012

2011 - Year of the security breach

From mid-year to the New Year - the breach plays on

At the mid-year, IBM X-Force declared 2011 “Year of the Security Breach” which was marked with a litany of significant, widely reported external network security breaches and other incidents, notable not only for their frequency, but for the presumed operational competence of many of the victims.

The second half of 2011 continued to demonstrate common reports of weekly wide-scale network security breaches, leaving a wake of leaked customer data, inaccessible web services, and billions of dollars of damages. IT security is now a board room discussion affecting business results, brand image, supply chain, legal exposure, and audit risk. In the IBM X-Force 2011 Mid-year Trend and Risk Report, we looked at the underlying motivations, attack methods, and basic security practices which were circumvented to set 2011 apart as the year of the security breach.

Download the full report (PDF, 10.9MB)

Strategies for assessing cloud security

Executive summary

Cloud computing provides flexible, cost-effective delivery of business or consumer IT services over the Internet. Cloud resources can be rapidly deployed and easily scaled, with all processes, applications, and services provisioned on demand, regardless of the user location or device. As a result, cloud computing helps organizations improve service delivery, streamline IT management and better align IT services with dynamic business requirements. Cloud computing can also simultaneously support core business functions and provide capacity for new and innovative services. Both public and private cloud models, or a hybrid approach using both models, are now in use. Available to anyone with Internet access, public clouds are acquired as a service andpaid for on a per-usage basis or by subscription. Private clouds are owned and used by a single organization. They offer many of the same benefits as public clouds, but give the owner greater flexibility and control. Although the benefits of cloud computing are clear, so is the need to develop proper security for cloud implementations - whether public or private. Embracing cloud computing with-out adequate security controls can place the entire IT infrastructure at risk. Cloud computing introduces another level of risk because essential services are often outsourced toa third party, making it harder to maintain data integrity and privacy, support data and service availability, and demonstrate compliance. Even if IT workloads are transitioned to the cloud, users are still responsible for compliance and data security. As a result, subscribers must establish trust relationships with their cloud providers and understand the risk posed by public and/or private cloud computing environments.

Download the full report (PDF, 217KB)

We're here to help

Easy ways to get the answers you need.

or call us at
1800 557 343

Highlights from the Sydney Event

IBM Security Symposium 2012 .ibm
Jason Burn, LinkedIn, Connect

Business Unit Executive, IBM Security Systems