In addition to new blueprints, IBM Security also announced a partnership with the cloud and network security provider Zscaler.
On Wednesday, IBM Security announced new ways the company will help customers adopt a zero trust approach to security. A zero trust approach, the announcement explained, is founded on the principles of providing the least privileged access: never trust, always verify and assume breach. IBM Security also announced an alliance partnership with cloud and network security provider Zscaler and new blueprints for common zero trust use cases, a SaaS version of IBM Cloud Pak for Security and a strategic partnership with a leading cloud and network security provider to help customers modernize and secure remote work.
Security professionals should apply zero trust as a framework to update security programs. It will facilitate a smoother adaptation to the risks which emerge from the changing business environment. IBM Security cited a recent ESG study which found that 45% of organizations who were more mature in their zero-trust strategies were able to smoothly transition to a remote or work-from-home model, which was in contrast to those who were the least mature at only 8%.
"With a mobile workforce and data residing everywhere, the internet has become our primary network," said Mauricio Guerra, CISO for The Dow Chemical Company in a press release. Guerra will participate in IBM Think on May 11, 2021.
Guerra continued, "Embracing a zero trust architecture enables us to add new capabilities and strengthen security. Working with partners like IBM Security and Zscaler can help us provide users with secure remote access to all of our locations, as well as access to applications wherever and however they are hosted."
SEE: Security incident response policy (TechRepublic Premium)
IBM Security's new zero trust blueprints will offer tech pros a framework for creating a security program which applies the aforementioned three core principles of zero trust. With the blueprints, companies will have "a prescriptive roadmap of security capabilities along with guidance on how to integrate them as part of a zero-trust architecture."
IBM Security used customer engagements to develop the capability and guidance for the blueprints. The company said that this will help organizations plan zero trust journeys and investments, with a "pragmatic approach that better aligns security and business objectives."
Business initiatives which can use the blueprints:
Preserve customer privacy
Secure the hybrid and remote workforce
Reduce the risk of insider threat
Protect the hybrid cloud
To address the fragmentation and complex challenges security teams face as they adopt a zero trust strategy, IBM security said there must be an open approach. IBM is collaborating with leading technology partners to help simplify and connect security for an organization's vendor ecosystem
"Working from anywhere, combined with enterprises' move to SaaS and the cloud, has effectively rendered the perimeter security model obsolete and traditional security defenses ineffective," said Jay Chaudhry, chairman, CEO and founder of Zscaler in the press release. He said validated user identity should be combined with business policies for direct access to authorized applications and resources. Chaudry also added that the IBM Security alliance will help organizations and employees "embrace working from anywhere and protect enterprise data."
The announcement further said that IBM will collaborate with ecosystem partners to help them implement zero trust strategies with worldwide customers.
IBM Cloud Pak for Security will combine threat management capabilities and data security into a single, modular, easier to consume solution. With the new IBM Cloud Pak for Security as a Service, customers gain the option to choose between an owned or hosted deployment model—whichever is best suited for their environment and needs. It also provides access to a unified dashboard across threat management tools, with the option to easily scale with a usage-based pricing approach.
"Our customers need to secure their rapidly changing business environments without causing delays or friction in their daily operations," said Mary O'Brien, general manager, IBM Security in the press release. "It's not uncommon to have users, data and applications operating in different environments. They all need to connect to one another quickly, seamlessly and securely. A zero trust approach offers a better way to address the security complexity that is challenging businesses today."
For more about zero trust from O'Brien, Guerra and Chaudhry join IBM Think on May 11,2021 in North America and May 12, 2021 in Europe and Asia.
- Zero trust: The good, the bad and the ugly (TechRepublic)
- 5 tips for implementing a zero trust model (TechRepublic)
- How to become a cybersecurity pro: A cheat sheet (TechRepublic)
- Security threats on the horizon: What IT pro's need to know (free PDF) (TechRepublic)
- Checklist: Securing digital information (TechRepublic Premium)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)