As part of the agreement, Cisco will integrate its security solutions with Big Blue’s QRadar enterprise security information and event management (SIEM) to provide solutions aimed at protecting networks, endpoints, and cloud infrastructures.
The partnership will also involve IBM Global Services providing support of Cisco products in the managed security service provider (MSSP) offerings.
Customers will also benefit from the scale of IBM Global Services support of Cisco products in their Managed Security Service Provider (MSSP) offerings.
The collaboration also establishes a new relationship between the IBM X-Force and Cisco Talos security research teams, who will begin collaborating on threat intelligence research and coordinating on major cybersecurity incidents.
“Cybercrime is expected to cost the world $6 trillion annually by 2021,” said Marc van Zadelhoff, general manager, IBM Security. “With Cisco joining our immune system of defense, joint customers will greatly expand their ability to enhance their use of cognitive technologies like IBM Watson for Cyber Security. Also, having our IBM X-Force and Cisco Talos teams collaborating is a tremendous advantage for the good guys in the fight against cybercrime.”
For example, during the recent WannaCry ransomware attacks, Cisco and IBM had shared threat intelligence. Teams from both firms coordinated their response and researchers exchanged insights into how the malware was spreading.
A recent Cisco survey of 3,000 chief security officers found that 65 per cent of their organizations uses between six and 50 different security products. Managing such complexity, according to Cisco, is a challenge to security teams.
The Cisco and IBM Security relationship are focused on helping organizations reduce the time required to detect and mitigate threats by offering integrated tools which help automate threat responses.
“In cybersecurity, taking a data-driven approach is the only way to stay ahead of the threats impacting your business,” said Bill Heinrich, chief Information security director, BNSF Railway, one of the largest railroad network in North America. “…This more open and collaborative approach is an important step for the industry and our ability to defend ourselves against cybercrime.”
In 2016, the Ponemon Institute found for companies surveyed the cost was at its highest ever at $4 million – up 29 per cent over the past three years.
A slow response can also impact the cost of a breach – incidents that took longer than 30 days to contain cost $1 million more than those contained within 30 days.
Cisco apps for QRadar
As part of the collaboration, Cisco will build new applications for IBM’s QRadar security analytics platform. The first two new applications will be designed to help security teams understand and respond to advanced threats and will be available on the IBM Security App Exchange.
These will help clients identify and remediate incidents more effectively when working with Cisco’s Next-Generation Firewall (NGFW), Next-Generation Intrusion Protection System (NGIPS) and Advanced Malware Protection (AMP) and Threat Grid.
IBM’s Resilient Incident Response Platform (IRP) will integrate with Cisco’s Threat Grid to provide security teams with insights needed to respond to incidents faster.
For example, analysts in the IRP can look up indicators of compromise with Cisco Threat Grid’s threat intelligence, or detonate suspected malware with its sandbox technology. This enables security teams to gain valuable incident data at the moment of response.
“By combining Cisco’s comprehensive security portfolio with IBM Security’s operations and response platform, Cisco and IBM bring best-of-breed products and solutions across the network, endpoint, and cloud, paired with advanced analytics and orchestration capabilities,” said David Ulevitch, senior vice-president and general manager, Cisco Security.
SAMSUNG GALAXY S8 PLUS
The Samsung Galaxy S8 Plus is a beautifully crafted smartphone with nearly no bezel, curvaceous in design and reflects a…
How to: Connect to Exchange Online Using Multi-Factor Authentication
Using PowerShell to manage your Microsoft cloud services like Exchange Online and using multi-factor authentication (MFA) separately is awesome. Using…