IBM and Symantec Update Cybersecurity Offerings

DARPA_Big_Data

Yesterday, CivSource reported on a new cybersecurity startup from former NSA employees seeking to provide threat intelligence on social engineering. Now, new updates from IBM and Symantec show that the big guys are getting in on the act as well. Both companies released new cybersecurity roadmaps aimed at providing greater prevention and protection against social engineering type attacks.

IBMs new project relies on big data analytics to find abnormalities in behaviour in order to spot possible attacks or malware. The company says analytics are the next prevention frontier as relying on previous attack signatures isn’t successful over the long term.

IBM is putting the updated plan into two offerings the first – IBM Threat Protection System is meant to act as a one stop shop for managed security services. The other, IBM Critical Data Protection is designed to focus on critical assets and infrastructure within the enterprise and provide continuous monitoring of those assets. The two products are partly the outgrowth of several recent cybersecurity acquisitions IBM has made in recent years.

Symantec’s new system – Symantec Managed Security Services – Advanced Threat Protection (MSS-ATP), is a managed service that reduces the time it takes to detect, prioritize and respond to security incidents by producing integration between its endpoint security and third-party network security vendors’ products. The product relies on an alliance of third party vendors that work together to monitor and report abnormalities that could be an attack.

Within the next six months, Symantec will also introduce two key services. The first is an entirely new Incident Response service, providing customers with immediate access to critical capabilities, knowledge and skill sets during incident response scenarios. The second is a new Intelligence service, providing unmatched threat visibility and analytics that create insights into risks to key cyber assets through portal, data feed and service-based intelligence offering, as well as Managed Adversary information that delivers advanced reports on threat actors for unprecedented visibility into the types of attacks that may target an organization.

Tying it all together, Symantec will bring to market a new Advanced Threat Protection Solution, which is scheduled to be in beta testing within six months and generally available within the next 12 months.The end-to-end solution will deliver integrated advanced threat protection across the endpoint, email and gateway to provide customers with critical detection and response capabilities at each respective control point.