IBM and Fortinet have expanded their strategic relationship by agreeing to share threat information in an effort to help customers respond to emerging threats more quickly. The agreement, detailed during the Black Hat cybersecurity conference taking place in Las Vegas, runs primarily through IBM's X-Force research team and Fortinet's FortiGuard Labs. The aim is to integrate the threat intelligence feeds of each company to build proactive defenses against active cyber threats. The companies said that data will be shared bi-directionally on secure channels. Fortinet and IBM have been strategic partners for years.
The dark component of the deep web is the primary highway for the exchange and commerce among cybercriminal groups. In fact, very few cybercriminals work alone. Eighty percent of cybercrime is linked to criminal collectives, and stolen data-shaped goods surface rapidly on darknet forums and marketplaces following cybersecurity incidents with data loss. Adapting to these trends is essential. Organizations with the ability to extract threat intelligence from data-mining these elusive online sources can achieve a significant security advantage.
The traditional threat landscape comprised of conventional IT assets is difficult enough to protect, detect and respond to, but the landscape seems to be quickly expanding beyond traditional IT. Those new domains are operational technology (OT), the internet of things (IoT) and the internet of medical things (IoMT). Devices from non-traditional IT environments are finding their way onto corporate intranets, which can create a shadow IT environment. These devices are unmanaged and some managers don't have a full understanding of the risks associated with these devices. More visibility into these devices could help a chief information security officer (CISO) to understand whether they are acting appropriately.
IBM has upgraded the Resilience enterprise security platform to harness both human and machine intelligence for incident response. The new orchestration capabilities bring together the best of both worlds -- the expertise of cybersecurity professionals and machine learning (ML), which can be utilized to take the manual labor and strain off human partners, the tech giant said on Monday. According to the firm, the Resilient Incident Response Platform (IRP) will "dramatically accelerates and sharpens incident response by seamlessly combining incident case management, orchestration, automation, intelligence, and deep two-way partner integrations into a single platform." Threat actors and cybercrime are placing immense pressure on companies and their security teams which often find themselves understaffed and underfunded. Cisco suggests that last year, security teams were only able to investigate 56 percent of daily security threats, which leaves 44 percent of alerts unexplored on average.