Game Changing Technology Prediction for 2017

Every year influencers always come up with their predictions for the next year. What will the hottest new trend be? What will the game changing technology be? What technology will all other innovations be based upon? Normally there isn’t a single technology that I believe will be the center of all things, but this year cognitive computing is taking the gamut.

With everything from IBM Watson in Cancer research to Amazon’s Echo in home automation, consumers and technology are working together to get things done and learn from one another. This collaboration will bring along things that humans alone would never be able to accomplish. We’ve been very focused on real time marketing and results in the past, but now with all the new quickly and efficiently analyzed data and learned knowledge, we’ll be able to deploy “right – time” marketing tactics.

This year and the years to come will have much to do how humans and technology can learn from one another. Technology will learn from us, our patterns, habits and what actions reap the best results. It will be able to present the results to us Humans so we can in turn use this data to create a personalized consumer experience. Collaboration is key this year, and changes will be seen all over the industry, especially in Security, to be able to support this collaboration and allow us to continue to grow and learn together.

Mobile Security heading into 2017

Just recently Google had 1 million accounts compromised by Malware, and Apple had to push out a rush patch back in August due to vulnerability. Will it get better in 2017? Will it get worse?

Since companies have recognized how important mobile devices are, they have gone to great lengths to protect them. Many companies have implemented sandboxing (when employees can only operate their devices within a contained environment) code signing (ensuring the source and author of an app is legitimate) surface hardening (defensive measure to protect against memory corruption) and a plethora of other tactics to protect their devices. But when companies like Apple and Android don’t grant security access to outside companies and researchers, we can’t gain a deeper understanding into their issues and how to protect their systems better. This is a huge road block that we’ve constantly hit when it comes to mobile security, which might be breaking down a bit as we edge into 2017. Word has it, that there is an application being researched that will be built in at the processor level to better detect behaviors or irregularities within a device and trigger an immediate alarm.

While this all seems like an uphill battle losing battle, and something that won’t be able to be fixed until much later. There is still plenty you can do to protect your company’s Mobile Devices today. IBM has the leading solution providing the best protection possible moving into the new year, MaaS360 . Check it out in a quick 3 minute overview  below and don’t forget there is a 30 day free trial so you can try it out on your own risk free!

Data Breach Protection

Yahoo’s security breach has shaken things up a bit when it comes to password protection. Are you guilty of using the same password for multiple accounts? With the added requirements that passwords must be 8 characters long, contain at least one number, one Capital Letter and one special character, many consumers keep the same password or similar passwords for all their accounts so they can remember it. What about your security questions? Are they the same for every account as well? During the Yahoo Breach the data that was stolen included names, email addresses, phone numbers, (scrambled) passwords, and security questions/answers. If you use the same password, email, and/or security questions for multiple accounts, and you were hacked, you should definitely change all passwords/questions to make sure your information cannot be used to enter into other accounts.

When a large company gets hacked that is supposed to have “top of the line” security, you begin to wonder. If someone was able to hack them, what about me? What about my company? We don’t have a million dollar network protection plan installed… how do I reduce the risk of this happening to my customers? How do I protect not only them, but myself and my company?

2016-per-recond-cost-data-breach

IBM has an tried and true solutions for all your security needs, no matter how big or small your company is. In today’s world, you need to be protected. Consumers are asking how their information is stored, protected and accessed. Provide them and yourself, with peace of mind and get started choosing the perfect solution for your needs today. Check out this white paper about securing cloud applications for a safer environment and also a previous post on IBM’s Qradar solution.

IBM Watson Analytics

When it comes to businesses and data, the amount your business retains can be absolutely mind boggling. Everyone stores it, backs it up and protects it, but not everyone uses it to its fullest potential. IBM Watson Analytics is a cloud based service that will allow you to analyze your data quickly to discover patterns and actual meaning within your data. It will provide you with natural language dialogue so you can interact with it and obtain answers you can actually understand.

When you’re ready to get started, its as easy as asking Watson a question, in your own words. Once entered, you will receive a data visualization almost instantly. You can dig deeper into this analysis, find a predictive summary as to why this is occurring, and combine your findings to create dashboards and infographics.

If that isn’t enough for you, with Watson Analtyics Plus, you can even connect to Twitter data which will allow you to improve your connectivity with your customers by viewing tactics that have been proven most effective for your business in the past. 1 user and  2 gb of storage not enough for your company? Don’t worry, Watson analytics Professional (for enterprises) will give you 100gb with additional storage options.

Interested in analyzing social media information but don’t necessarily need additional storage? Watson for social media will  allow you to collect data from online boards, review sites, social networks to provide you with a  more refined analysis to drive better business outcomes.

With Watson Analytics, the possibilities are endless. Try it free for yourself and see how beneficial it can be for you and your company.

Healthcare Developments with IBM Watson

IBM Watson Health has been a game changer in the Healthcare IT world since its launch in 2015, and we have only learned to utilize the very tip of its vast knowledge. From assisting physicians to diagnose patients, to determining the best care plan for patients based on their specific needs, diagnosis and past trials, Watson has helped bring more efficient and effective care to its patients. Recently, Memorial Sloan Kettering and Quest Diagnostics have partnered with Watson to help provide a new service that would combine Watson’s cognitive computing with genomic tumor sequencing, which in turn will help physicians decide on precision treatment options for cancer patients. This program, IBM Watson Genomics from Quest Diagnostics, Launched in October of this year and has the potential to dramatically change the way we treat cancer in America today.

watson-genomics

So this sounds great right? But how does it all work?

Cancer therapy often depends on the type of gene mutations occurring in the tumor. The latest therapies are designed to target tumors with a specific genetic makeup. Essentially a therapy that is effective for one kind of tumor may not be effective for another. Making sure patients get the correct treatment requires genomic sequencing expertise along with a vast knowledge base which must be rapidly updated because of all the changes in scientific discoveries, trials and therapies that occur almost daily. IBM Watson Genomics allows physicians to send their patients’ solid tumor biopsies to Quest Diagnostics where pathologists will prepare the tissue samples for genomic sequencing. They will then sequence the treatment associated genes and feed the genetic files into Watson. Watson will then compare that data against its massive, constantly updated, databases to help create potential therapeutic options that match the patients’ tumor mutations. Quest Pathologists will then review Watson’s results and send the plans back to the treating physicians.

This amazing technology will allow cancer patients the best cancer treatment no matter where they live in the U.S. Physicians across the country will have access to expert knowledge and treatment plans by simply sending in biopsy tissue, and patients will increase their risk of survival and quality of life. This service, I’m sure, is only the beginning and I personally cannot wait to see what results this brings and how our Healthcare system changes to adapt to this innovative technology.

Want to learn more? Click here for some patient and physician FAQs.

IBM Connections

Are you and your team always on the same page when it comes to projects and what must be done? Do you ever hit roadblocks because you are using multiple tools and applications to send/receive, collaborate and store important information? In today’s work environment, teams are dispersed all over the state, country or world. Its difficult, sometimes near impossible to get everyone into a physical meeting to discuss projects, updates, goals, and next steps. What if you and your team were able to work within a single platform that would allow you to communicate, collaborate and access essential information quicker and more efficiently than ever before? That would be pretty amazing wouldn’t it? That’s where IBM Connections comes in.

With IBM Connections you can:

  • Form communities: ever need an answer to something but don’t know who to ask? With communities you, your team, even your enterprise will be able to organize and share insights, gain access to experts in each specific area, search blogs, wikis, and forums to accurately find relevant information specific to you and your assignments.
  • Store Content: Tired of sending a million attachments back and forth with the latest updated files? Or using a bunch of different unsecure applications to edit files with your team? With Connections you will be able to store, efficiently access, organize, protect and share files all within its platform. All files will automatically synchronize between computers and all devices, all with real time editing. You’ll be able to share folders, upload content with version control, share files with a single link, and edit documents with up to 20 team members simultaneously.
  • Chat: Ever just need a quick, but urgent response from one of your teammates? Connections chat allows you to securely instant message one another, create a group chat, start an audio-visual call, or even send over file transfer instantly. You can even create groups so you don’t have to worry adding everyone individually into your message. Simply select the group and send away!
  • Meetings: Want to create the same feel as a physical meeting brings? Connections Meetings allows you to collaborate with your team by enabling you to host an audio/video meeting with up to 200 participants. Multiple participants are displayed and streamed so there there’s plenty of interaction with one another.
  • Email: Ever have to search through your endless list of contacts to figure out who specializes in exactly what you’re looking for? VERSE (connections email) allows you to integrated cognitive analytics capabilities along with its innovative social features streamlines these searches and connects you with the appropriate contact without having to dig through countless contact listings.

IBM Connections can increase your team’s productivity and collaboration without question, but you don’t have to take my word for it. Here’s some more in-depth information along with a free trial! Stop spending hours worrying if your team is on the same page and start completing tasks and moving forward again!

How do you monitor your vulnerability?

How do you currently monitor your vulnerability? How many different applications do you have in place to accomplish this task? How many different reports do you get? How long does it take to read through all of them and then fix all the issues? With IBM’s Qradar, instead of purchasing another application, you can simply activate Qradar’s Vulnerability manager with a licensing key.

The Vulnerability Manager integrates directly with Qradar so it is able to easily pull results through both scheduled and dynamic vulnerability scans with network asset information, security configurations, flow data, logs and threat intelligence. It then combines that data with asset information from QRadar’s common database, enabling a real-time view of an organization’s security exposure.  From a topology point of view you will be able to see the direct path to where you are exposed so you can locate and fix the issue as soon as possible. From an endpoint point of view, you will be able to see if a device is acting strangely, and if necessary, push a patch to resolve the issue. These alerts and scans are just 2 of the many abilities Qradar’s Vulnerability Manager will bring to your environment.

vulnerability manager lifecycle

Overview:

  • Helps prevent security breaches by discovering and highlighting over 70,000 known dangerous default settings, mis-configurations, software features and vendor flaws.
  • Provides a consolidated vulnerability viewacross major vulnerability products and technologies.
  • Adds context to identify key vulnerabilitiesand reduce false positives.
  • Integrates with IBM QRadar Security Intelligence Platform for easy installation, faster time to value and reduced deployment cost.
  • Performs intelligent, customizable scheduled and event-driven scanning, asset discovery and asset profiling for 360-degree, enterprise-wide visibility to your network.

vulnerability managerInterested in some more detailed information? Click here or contact us at sales@metrotsg.com.

Qradar V Flow

IBM QRadar VFlow collector takes a different approach to detecting new security threats. Without looking at vulnerability signatures or flow based data , it can identify malware, viruses and anomalies through behavior profiling. This information, when combined with network and security events, will enable a more advanced analysis of the overall security posture of your network. This profiling can also be done throughout your network traffic, including your applications, hosts and protocols. VFlow runs on a virtual server making it more convenient since it doesn’t require any additional hardware and it also supports VMware environments to help profile more than 1000 applications. IBM Qradar VFlow Collector paired with IBM Qradar SIEM provides threat detection, policy and regulatory compliance management, social media monitoring, advanced incident analysis and insight and continuous asset profiling.

By monitoring and analyzing your social media you will have the near real-time ability to detect malware, recognize vulnerability and monitor your team’s communications and usage patterns.

five-critical-conditions-to-maximizing-security-intelligence-investments-29-638

Benefits of IBM Security QRadar VFlow Collector paired with IBM Security QRadar SIEM:

  • Threat detection.IBM Security QRadar VFlow Collector uses deep packet inspection technology on application-level network flow data to detect new security threats without relying upon vulnerability signatures. You can identify malware, viruses and anomalies through behavior profiling throughout network traffic including applications, hosts and protocols.
  • Policy and regulatory compliance management. You can identify and correct out-of-policy behavior; applications running over nonstandard ports; users logging on to critical servers with clear-text user names and passwords; and the use of unencrypted protocols in sensitive areas of the network.
  • Social media monitoring. With IBM Security QRadar SIEM and IBM Security QRadar VFlow Collector, you can monitor and analyze activity on social media platforms and multimedia applications to detect potential threats to your network. Near real-time anomaly detection and content capture capabilities make it easier to detect malware, recognize vulnerabilities, and monitor your team’s social communications including their usage patterns.
  • Advanced incident analysis and insight. You can perform near real-time comparisons of application flow data with log events sent from security devices. The correlation between log and flow data can help identify serious threats that might otherwise go undiscovered.
  • Continuous asset profiling. Automatically identify and classify new assets found on your network, and discover which ports and services they are running. These profiling capabilities can alert you when new systems or services are added and configuration changes occur.

 

Overall, adding the IBM Qradar Vflow to Qradar’s Siem will provide you with more more detailed knowledge and information about applications, host and protocols as well as products used for collaboration and social media thanks to monitoring data flows on layer 7.

Qradar Risk Manager

The IBM Qradar Risk Manager is all about bringing intelligence to SIEM. Qradar’s SIEM can already gather event data from firewalls, routers, switches and other devices into a single dashboard and normalize their format. With Risk Manager added,  it will also give you the ability to bring configuration information into the system, as well as routing configuration information so you can build a topology of your network. Once you build the topology and Qradar’s Risk Manager starts analyzing it along with routing rules and firewall rules, you will then be able to compare firewalls and see things that we omitted, changed or added within the configurations. You’ll be able to look at an expanded version of your network, run simulations and most importantly, you’ll be able to identify “attack paths” to vulnerable machines, high risk assets and much more.

Here are some of Qradar’s Risk Manager’s Main Functions:

  • Analyzes firewall configurationsto help identify errors and remove ineffective rules.
  • Provides network topology and connection visualization tools to view current and potential network traffic patterns.
  • Correlates asset vulnerabilities with network configuration and traffic to identify active attack paths and high-risk assets.
  • Supports policy compliance monitoring of network traffic, topology and vulnerability exposures.

Check it out in more detail below

 

Questions? Comments? Email us! sales@metrotsg.com

QRadar QFlow Collector

When our customers are putting together their Qradar Security plan, many times they’ve asked,  “What’s the benefit is of adding Qradar’s QFlow Collector when I already have the event data being collected?” Being able to collect Flow and Event data (Siem and QFlow conmbined) not only gives you a better view as to what is happening on your network it also allows you to the view flow of events that are coming in. This greater visibility will allow you to better detect threats, meet policy and regulatory compliance requirements and minimize risks to mission critical data, services and assets.

With IBM QRadar Qflow and Siem combined you will be able to monitor and analyze activity on social media, and multimedia applications. You will have near real time anomaly detection and content capturing capabilities to make it easier to detect malware, recognize vulnerabilities and monitor your team’s social communications including their usage patterns.

There is also a lot more added value to your policy and regulatory compliance management. You will be able to identify and correct out of date policies and applications running over nonstandard ports as well as complete many other actionable tasks.  You will be able to automatically identify and classify new assets found on your network and discover which ports and services they are running. This will allow you the capability to be alerted when a new system or service is added or configuration changes occur.

Adding Q Flow Collector to your QRadar Security plan gives you greater visibility into network activity and will ultimately minimize risk. Check out the webcast below and full data sheet here.