Armonk, NY - 02 mars 2010: L'IBM Institute for Advanced Security aidera les clients, partenaires, universitaires et entreprises à mieux comprendre et traiter les risques liés à la sécurisation du cyberespace. Forte de son expertise en logiciels, services, systèmes et R&D, cette organisation aidera les gouvernements et les entreprises à travers le monde à se protéger des menaces existantes et futures. Aux Etats-Unis, l'IBM Institute for Advanced Security collaborera avec des représentants des secteurs public et privé à Washington, et aidera le gouvernement à sécuriser et protéger de façon plus efficace les informations sensibles menacées par des attaques de plus en plus malveillantes.

 

Les infrastructures critiques, exploitées dans autant de secteurs économiques que l'énergie, la santé, la banque, les transports ou le secteur public, se transforment en systèmes de plus en plus intelligents. Par conséquent, toute défaillance peut entraîner des conséquences catastrophiques pour notre société, notre économie et notre environnement. Selon une étude récente de l'équipe de recherche et développement IBM X-Force sur la cybercriminalité, les menaces continuent d'évoluer et les cybercriminels modernes orchestrent des attaques toujours plus sophistiquées. IBM et ses partenaires intensifient leurs efforts pour combattre ces menaces et protéger les citoyens.

A l'occasion de la conférence RSA qui se déroule du 1er au 5 mars 2010 à San Francisco, IBM annonce également de nouveaux produits et services, ainsi que des innovations issues de ses laboratoires de recherche qui permettront de répondre à une demande accrue de la part des entreprises et des pouvoirs publics en matière de sécurisation des infrastructures physiques et numériques.

Aujourd'hui, les nouveaux modèles informatiques et métiers poussent les entreprises à repenser leur approche de la conformité, de la gestion du risque et de la protection des données. Grâce à une gestion de services et des outils intégrés, IBM propose une vision globale, de type  "centre de commande", des opérations et des domaines de risques potentiels chez un client. Les offres annoncées aujourd'hui aideront les entreprises à tirer le meilleur parti des nouvelles technologies telles que le Cloud Computing ou des nouveaux modèles comme le travail à distance.

“Les entreprises et les gouvernements à travers le  monde réalisent des investissements importants dans les nouvelles technologies et les processus qui leur permettent d'être plus efficaces, souples et concurrentiels. Si ces investissements leur ouvrent de nouvelles opportunités, ils engendrent aussi de nouvelles complexités et de nouveaux risques concernant les infrastructures critiques, la vie privée et l'identité", explique Al Zollar, General Manager, Tivoli Software, IBM. “Cette annonce montre notre volonté de collaborer avec les entreprises et les pouvoirs publics pour vaincre les menaces existantes et émergentes".

********************

 

IBM Launches Initiative to Foster Cybersecurity Collaboration with Public and Private Sector Clients

                                              

ARMONK, NY--March 2, 2010--IBM (NYSE: IBM) today announced a company-wide cybersecurity initiative to apply its research, services, software and technology expertise to help government and other key clients improve the security and resiliency of their IT and business systems.

        

Under this initiative, the company is establishing the IBM Institute for Advanced Security to help government and private sector clients, academics and business partners more easily understand, address and mitigate the issues associated with securing cyberspace.

 

Based in Washington, D.C., the Institute will provide a collaborative setting for public and private sector officials to tap IBM’s vast security expertise so they can more efficiently and effectively secure and protect critical systems and information threatened by increasingly malicious and costly cyber threats.  IBM’s approach will help public and private organizations avoid the trend of adding security on after the fact by providing them the education, expertise and resources to design security into the foundation of their infrastructures. 

IBM experts from across the company will come together within the Institute to help clientsaddress existing and emerging cybersecurity challenges by using analytics and other advanced technologies, services and solutions to anticipate, prevent and mitigate the growing risk and potential economic impact of cyber attacks.   

 

IBM's initiative will enable others to embrace a strategic approach to managing cybersecurity, building on the security rich systems and software that have earned the trust of IBM clients around the world for decades.  For instance, the U.S. Air Force recently selected IBM to design and demonstrate a highly secure cloud computing infrastructure that can support defense and intelligence networks.  The Institute also will provide a forum for clients to better understand how recent IBM Research advances, such as the fully homomorphic encryption breakthrough, can help them to operate in more intelligent ways, while protecting the privacy and security of critical information.

 

“There is no lack of security products and services available today, but adding security after a system is developed or implemented seldom works.  Moreover, today’s rapidly-evolving threats make such “bolt-on” approaches even less effective at a time when clients are wary of not realizing a return from their security investments,” said Charles Palmer, director of the Institute for Advanced Security and chief technologist of Cybersecurity and Privacy for IBM Research. “IBM will engage with government clients and other constituents to help them comprehensively understand how to develop and integrate effective security protections into the fabric of their critical systems and services.”

 

IBM, which holds more than 3,000 security and risk management patents and maintains one of the world’s largest comprehensive threats and vulnerabilities databases, will use the IBM Institute for Advanced Security to apply the capabilities and experience of its more than 15,000 multidisciplinary global security experts to a broad range of cybersecurity and privacy challenges. 

 

“IBM has a long history of dealing with the most critical security issues on a global perspective,” said Alan Wade, former Chief Information Officer of the U.S. Intelligence Community.  “Their initiative to establish a collaborative environment to examine how current and future technologies could lead to a more secure planet will be well received in both the public and private sector.”

 

The Institute also will enhance and support IBM’s existing work with government and private sector leaders, and serve as a focal point for new clients, policymakers, and other key constituencies to access and collaborate with the company’s cybersecurity experts and resources in the U.S. and around the world.  It also will engage in public-private collaboration and policy activities to drive innovation in next-generation security models and capabilities, which are essential for progress in the cybersecurity arena.

 

“To their credit, government leaders have realized that the isolated, piece-part approach to IT security is no longer an adequate solution,” said Todd Ramsey, general manager, IBM Federal. “These leaders seek an end-to-end strategy for securing their critical business information, processes and systems.  IBM’s long-term experience in managing security challenges with both government and private industry provides unique insights that will accelerate the ongoing innovation and that must occur in this field.”

 

IBM views cybersecurity as achieving resilience and integrity across the critical information infrastructure of the smarter planet, which requires more secure government, cities, utilities, transportation systems, water supplies and telecommunications.  Government and private sector clients are beginning to utilize smarter systems and are seeking answers for how to secure and govern these systems. 

 

To help clients find answers to their cybersecurity questions, IBM’s Institute for Advanced Security will host the first in a series of planned workshops, entitled “A Smarter and Secure Planet,” in Bethesda, Maryland on March 22-23.  The workshop will feature an exchange among technical and policy professionals, researchers, officials and practitioners on the requirements for secure, agile systems. 

 

For more details and information about the IBM Institute for Advanced Security and related initiatives, visit http://www.ibm.com/federal/security.

 

 

********************

 

 

IBM EXTENDS SECURITY REACH TO PROTECT CRITICAL INFRASTRUCTURE

Unveils New Research Initiatives, Partnerships, Products and Services

SAN FRANCISCO, CA – March 2, 2010 – Today at the RSA Conference, IBM detailed new IBM Security Solutions, research initiatives, partnerships and client results aimed at meeting the rising demand by businesses and governments worldwide to secure digital and physical infrastructures.

 
Critical infrastructures operated by government, energy, health, banking, transportation and other industries are rapidly transforming into more intelligent systems. As a result, their failure can have catastrophic consequences for our society, economy and environment. Recent studies from the IBM X-Force research and development team indicate that the threat landscape continues to evolve rapidly and modern day attackers take ever more sophisticated approaches in their assault on business and governments. Today, IBM, public and private sector partners are intensifying efforts to combat these threats and safeguard citizens.

 
“Businesses and governments around the world are making bold investments in new technologies and processes that make them more efficient, agile and competitive,” said Al Zollar, general manager, Tivoli Software, IBM. “These investments enable new possibilities, but they also create new complexities and beget new risks to critical infrastructure, privacy and identity. With today’s announcements, we demonstrate our ability to partner and innovate to overcome existing and emerging threats.” 

Security, by Design

New computing paradigms and business models fundamentally require businesses to rethink how they deal with compliance, risk management and data protection.  

Central to IBM’s approach to addressing clients’ security challenges is a shift in focus from securing assets to securing critical services.

 
With integrated service management - tools that provide can provide a "command center" view into a client's operations and potential areas of risk, IBM can help its clients design security into the fabric of the services they deliver, making security intrinsic to their business processes, product development and daily operations. 

Today’s announcements, based on IBM’s experience with hundreds of global clients and businesses, are designed further expand on the vision that security, by design, is an enabler of innovative change. IBM is introducing new software, systems and services to help global organizations securely adopt new forms of technology like cloud computing and new business models like telework, while addressing emerging compliance constructs.

 
New IBM Security Solutions include:

 

-        IBM Secure Web Gateway Service 2.0 – IBM X-Force research indicates a dramatic rise in the number and complexity of Web application attacks. This new service enables greater protection against Web-based threats and enforcement of corporate IT policies while lowering overall management costs.

 

-        IBM Managed Firewall Service and IBM Unified Threat Management Service– this new bundled offering allows clients to use select Check Point firewall and unified threat management devices while receiving IBM Managed Security Services for those devices for a monthly fee. This provides clients increased levels of protection without the burden of upfront capital expenditures for the devices.

 

-        IBM Security Information and Event Manager 2.0 – this updated software helps to reduce costs by automating enterprise log management and central management, reduce insider threats and protect integrity by monitoring and auditing privileged user activities, and facilitate compliance efforts and streamline management with compliance management modules.

 

-        IBM Security Content Analysis Software Development Kit (SDK) – rapid growth of the Internet and the constant onslaught of spam requires advanced filtering technology that is expensive to develop and maintain. This new SDK provides developers with up-to-date filter database and accurate analysis—along with an easy-to-implement application programming interface (API).

 

-        IBM AppScan Source Edition – as organizations continue to develop and design products and services that are increasingly interconnected, they are also placing increased emphasis on securing the software that powers these products and services. This new edition of IBM Rational AppScan Source Edition AppScan can scan software source code and identify potential security and compliance vulnerabilities during the earliest stages of software development, when they are less expensive to correct.

 

-        IBM Lotus Protector for Mail Encryption - for secure collaboration and communication, IBM is announcing a new software product called IBM Lotus Protector for Mail Encryption. Available in April, it extends IBM's flagship messaging software, offering Lotus Notes' native e-mail encryption feature to include any address accessible on the Internet -- irrespective of e-mail system or client used by the recipient.  IBM Protector for Mail Encryption addresses the Internet encryption challenge, in a simple and integrated way, unlike third-party "bolt-on" products that have historically been complex and expensive to deploy.

 

-        IBM Security Privileged Identity Management and Compliance Solution –rising trend from attackers to use privileged user identities to gain access to core systems, increasing compliance mandates and high administrative costs all add to the difficulty of managing users and identities and blocking against internal and external threats.  This combined solution provides threat prevention, identity management and meeting compliance needs through file integrity monitoring, separation of duties, role hierarchy, and intrusion prevention.

 

-        IBM z/OS V1.12 - With the latest release of z/OS, IBM helps clients promote improved operations, availability, manageability, and security through self-learning, self-managing, and self-optimization capabilities. z/OS security functions, such as data encryption, encryption key management, digital certificates, password synchronization, and centralized authentication and auditing, can be deployed as part of enterprise-wide security solutions and can help mitigate risk and reduce compliance costs.

Institute for Advanced Security

In February 2010, IBM, the Security & Defence Agenda (SDA) and a coalition of international think tanks hosted almost 4,000 global experts from government, industry, academia, non-government organizations (NGOs) in a virtual dialogue on the world’s greatest security challenges. Cybersecurity was identified as significant potential threat to international peace and stability, and a number of experts called for the creation of a cybersecurity agency to increase public and private sector collaboration and educate global leaders on cyber issues.

 
In order to address such concerns, the company is launching the IBM Institute for Advanced Security to help clients, academics, partners and other businesses more easily understand, address and mitigate the issues associated with securing cyberspace. The Institute will collaborate with public and private sector officials in Washington, D.C., and provide access to a wide range of resources to help the government more efficiently and effectively secure and protect critical information threatened by increasingly malicious and costly cyber threats.

 
As part of this effort, IBM is bringing to bear expertise from its Software, Services, Systems and Research arms to help governments and businesses around the world safeguard themselves from new and existing threats. For instance, the U.S. Air Force recently selected IBM to design and demonstrate a highly secure cloud computing infrastructure that can support defense and intelligence networks.

The IBM Institute for Advanced Security will provide a collaborative setting for public and private sector officials to tap IBM’s vast security expertise so they can more efficiently and effectively secure and protect critical systems and information threatened by increasingly malicious and costly cyber threats.  IBM’s approach will help public and private organizations avoid the trend of adding security on after the fact by providing them the education, expertise and resources to design security into the foundation of their infrastructures.

   
“There is no lack of security products and services available today, but adding security after a system is developed or implemented seldom works.  Moreover, today’s rapidly-evolving threats make such “bolt-on” approaches even less effective at a time when clients are wary of not realizing a return from their security investments,” said Charles Palmer, director of the Institute for Advanced Security and chief technologist of Cybersecurity and Privacy for IBM Research. “IBM will engage with government clients and other constituents to help them comprehensively understand how to develop and integrate effective security protections into the fabric of their critical systems and services.”

A podcast with Al Zollar on the Decade of Smart Security - the focus of his RSA keynote presentation – is available at:

https://365.rsaconference.com/blogs/podcast-series-rsa-conference-2010/tags/key_305 

Further information about the software, services and initiatives announced today is available at http://www-03.ibm.com/security/.