Cisco and IBM take on cybercrime
Cisco® security systems will integrate with IBM’s QRadar to protect organizations across networks, endpoints and cloud. Customers will also benefit from the scale of IBM Global Services support of Cisco products in their Managed Security Service Provider (MSSP) offerings. The collaboration also establishes a new relationship between the IBM X-Force and Cisco Talos security research teams, who will begin collaborating on threat intelligence research and coordinating on major cybersecurity incidents.
One of the core issues impacting security teams is the proliferation of security tools that do not communicate or integrate. A recent Cisco survey of 3,000 chief security officers found that 65 percent of their organizations use between six and 50 different security products. Managing such complexity is challenging over-stretched security teams and can lead to potential gaps in security. The Cisco and IBM Security relationship is focused on helping organizations reduce the time required to detect and mitigate threats, offering organizations integrated tools to help them automate a threat response with greater speed and accuracy.
“In cybersecurity, taking a data-driven approach is the only way to stay ahead of the threats impacting your business,” said Bill Heinrich, Chief Information Security Director, BNSF Railway. “Cisco and IBM working together greatly increases our team’s ability to focus on stopping threats versus making disconnected systems work with each other. This more open and collaborative approach is an important step for the industry and our ability to defend ourselves against cybercrime.”
The cost of data breaches to enterprises continues to rise. In 2016, the Ponemon Institute found for companies surveyed the cost was at its highest ever at $4 million – up 29 percent over the past three years. A slow response can also impact the cost of a breach – incidents that took longer than 30 days to contain cost $1 million more than those contained within 30 days. These rising costs make visibility into threats, and blocking them quickly, central to an integrated threat defense approach.
The combination of Cisco’s best-of-breed security offerings and its architectural approach, integrated with IBM’s Cognitive Security Operations Platform, will help customers secure their organizations more effectively from the network to the endpoint to the cloud. As part of the collaboration, Cisco will build new applications for IBM’s QRadar security analytics platform. The first two new applications will be designed to help security teams understand and respond to advanced threats and will be available on the IBM Security App Exchange. These will enhance user experience, and help clients identify and remediate incidents more effectively when working with Cisco’s Next-Generation Firewall (NGFW), Next-Generation Intrusion Protection System (NGIPS) and Advanced Malware Protection (AMP) and Threat Grid.
In addition, IBM’s Resilient Incident Response Platform (IRP) will integrate with Cisco’s Threat Grid to provide security teams with insights needed to respond to incidents faster. For example, analysts in the IRP can look up indicators of compromise with Cisco Threat Grid’s threat intelligence, or detonate suspected malware with its sandbox technology. This enables security teams to gain valuable incident data in the moment of response.
“Cisco’s architectural approach to security allows organizations to see a threat once, and stop it everywhere,” said David Ulevitch, SVP and general manager, Cisco Security.
“Cybercrime is expected to cost the world $6 trillion annually by 2021. This is why IBM has been a proponent of open collaboration and threat sharing in cybersecurity to change the economics for criminals,” said Marc van Zadelhoff, general manager, IBM Security. “With Cisco joining our immune system of defense, joint customers will greatly expand their ability to enhance their use of cognitive technologies like IBM Watson for Cyber Security. Also, having our IBM X-Force and Cisco Talos teams collaborating is a tremendous advantage for the good guys in the fight against cybercrime.”