While the AI-powered systems have shown exponential growth and success in the past few years, they have been facing unparalleled security threats that have not been seen before in the traditional software space. To deal with these issues, IBM along with its large teams of scientists, engineers and developers are dedicated to creating novel defence techniques and deploying practical defences of real-world AI systems.
Analytics India Magazine got in touch with Vikas Arora, IBM Cloud and Cognitive Software Leader, IBM India/South Asia, who also leads the IBM’s security business and key transformation projects along with IBM’s cloud and cognitive business. In this candid chat, Arora spoke about the cybersecurity landscape in India, need of cognitive security operation centres, the role of AI in security and more.
Analytics India Magazine: How has IBM brought key transformations in the security business with the help of AI?
Vikas Arora: IBM is leading the journey towards AI and Intelligent Automation in Cybersecurity.
- In 2016, IBM invested heavily on the acquisition of Resilient Systems – the leading platform for orchestrating and automating the incident response processes
- The latest step in this journey is the automation of response – connecting machine intelligence and human expertise together more seamlessly across the entire threat lifecycle.
- In 2017, IBM brought the power of Watson to the cybersecurity market to help augment the skills of security analysts in their investigations (Watson for Security / QRadar Advisor with Watson)
- In April 2018, IBM introduced new innovations that move the needle towards a new era where machine intelligence and human expertise are orchestrated seamlessly together across the Security Operation Center
- In October 2018, IBM announced new features for QRadar Advisor which expand the platform’s knowledge of cybercriminal behaviour and allow it to learn from security response activities within an organization.
AIM: What does your role as cloud and cognitive software leader at IBM include to enable security domain at IBM?
VA: With a shift towards cloud, companies are looking for capabilities that enable the enterprise to integrate across public, private and on-premises environments. They are also looking for the ability to manage workflows across public clouds from multiple vendors, build cloud capabilities and have consistent management protocols.
Customers regularly ask for help on modernizing their security frameworks, respond to the global security skills shortage, address increasing cyber-attack vectors including IoT, secure the journey to the cloud and digital transformation and maintaining data privacy and regulatory compliance. We have integrated products and services, global expertise and leading-edge orchestration and AI tools to help them here.
AIM: How has the role of AI in security evolved over the years in India? What are the key innovations that you have witnessed?
VA: The state of cybersecurity is reaching an inflection point. The number of risks and events is growing exponentially, and security operation teams are struggling to keep up with
the volume. Security leaders are worried about how security incidents affect their operations today and how they may shape their reputations tomorrow.
Organisations are now looking to cognitive/AI security solutions to manage this situation and help address gaps in intelligence, speed and accuracy. Even though it is in the early days, there is great hope and optimism about its potential. It may enable improved detection and decision-making capabilities, improve incident response time, among others. However, there is still a lot of education and preparation that has to happen before widespread adoption occurs for AI-based security solutions.
AIM: What is the kind of security threats that AI-powered systems are susceptible to in the current scenario? How is IBM helping overcome these threats?
VA: As with any new technology, cybercriminals will also be looking for ways to use AI to their advantage. For instance, cybercriminals are constantly looking to leverage emerging technologies – both to compromise it as an attack vector or to help their current attacks become more widespread or effective.
We as the defenders need to be looking at the threats surrounding AI to stay ahead of cybercriminals. This can be done by using AI to detect advanced threats and help security teams and examining how AI can be weaponized by cybercriminals to make their attacks more successful. At IBM, we have experts focused on exploring both sides of this equation.
AIM: Would you like to highlight a few instances where IBM has provided security solutions to the client?
VA: For instance, Bombay Stock Exchange (India), the oldest stock exchange in Asia and now the fastest exchange in the world, has selected IBM Security to design, build and manage a Cyber Security Operations Center to safeguard the company’s assets and protect stakeholder data. Under the five-year managed security services agreement, the centre enables around-the-clock security event monitoring, event handling, security analysis, incident management and response along with synchronized management of devices, networks and applications.
AIM: What are some of the novel defence techniques and AI-based solutions by IBM in the security space?
VA: We are leading the journey towards AI and Intelligent Automation in Cybersecurity. Some of our key AI, Resilient and Automation solutions are:
- IBM QRadar Advisor with Watson: Leverages the power of cognitive AI to automatically investigate indicators of compromise and gain critical insights, accelerating your threat response times.
- IBM Resilient Incident Response Platform: Orchestrates and automates hundreds of time-consuming, repetitive and complicated response actions that previously required significant human intervention.
- IBM MaaS360 Advisor with Watson: Provides cognitive insights, contextual analytics and benchmarking to make sense of security events –while protecting your endpoints, users, apps, docs and data from one platform.
- IBM Application Security on Cloud: Automates code reviews with AI to help eliminate false negatives and false positives, so you can proactively secure your web, mobile and cloud-based applications.
AIM: How has been the adoption of cognitive security solutions in India? How do you anticipate it growing in the next couple of years?
VA: We believe that the adoption of AI/Cognitive solutions within Security space is still at a nascent stage, however, continues to be an important strategy. IBM is leading the journey towards AI and Intelligent Automation in Cybersecurity. We foresee both being a key priority for not just CISOs but the entire C-Suite in 2019. Enterprises are looking at driving service agility and resilience in their digital business along with data-driven security intelligence which can help them be prepared for any unforeseen threats.
AIM: What is IBM’s security business roadmap in the coming year? What are the key initiatives that you plan to take up in the cybersecurity space?
VA: IBM Security is one of the fastest growing vendors in the global security software market. We have simplified our portfolio to help clients in three strategic areas, “Strategy & Risk”, “Threat Management” and “Digital Trust”. Further, we are focused on top security needs we hear from our customers around advanced threats, cloud security, Mobile and IoT, Compliance Mandates and addressing the skills shortage in the security space. We are already the largest Security provider to the Enterprises in India, and we aim to strengthen this position as we drive our Security strategy in 2019.
AIM: What is your strategy to boost the hybrid cloud market play in India?
VA: Chapter one of the cloud was largely about moving a lot of new and customer-facing applications to the cloud. Chapter two is about scaling AI and creating hybrid clouds. It’s about bringing the cloud operating model to all those mission-critical apps and enabling customers to manage data, workloads, and apps and move them between multiple clouds. The result is a complex web of hybrid, multi-cloud environments. Studies estimate that while organisations plan to adopt hybrid architectures, very few will have procedures and tools they need to operate that environment.
To deal with this, IBM launched Multi-cloud Manager last year which gives businesses visibility and control across different clouds and vendors. Recently, we also launched new hybrid cloud tools and services designed to help enterprises navigate the complexities of this new landscape such as IBM Cloud Integration Platform and IBM Services.
The other important development that will allow IBM to help companies accelerate our journey to the hybrid cloud is the fact that IBM is in the process of acquiring Red Hat. Hybrid, Multi-cloud environment is a trillion dollar opportunity and IBM intends to be #1.
AIM: How do you plan to level up competition in the cloud space in India?
VA: Cloud is emerging as the essential construction site for the cognitive enterprise. Companies are moving beyond their initial cloud deployments and realising its potential to help optimise existing business applications, and launch new business services, with levels of speed and cognitive innovation previously impossible. As we go through 2019, organisations would be looking for advice on selecting the right cloud solution, help them move to cloud, create the modern cloud application suites and help businesses manage new multi-cloud environments as they build them. To address these needs we have devised IBM Cloud strategy as “Journey to Cloud 14 in 4 offerings” to support in these four areas, and beneath them, there are 14 offerings that bring our services and solutions to life.