While most IT organizations are still held accountable for security breaches, many of them are now judged by the way they respond to a breach when one inevitably occurs. To help those IT organizations put a consistent incident response plan in place, today IBM at the RSA Security 2016 conference announced it has acquired Resilient Systems Inc.
As one of the pioneer vendors in the category, Caleb Barlow, vice president of IBM Security, says Resilient Systems extends IBM’s security portfolio to cover protecting and detecting threats, to include how to programmatically respond to them when they occur. Instead of wasting days trying to figure out what needs to be done in the event of a breach, Barlow says organizations need to have a plan in place that everyone in the organization can follow. That plan, adds Barlow, needs to cover everything from remediating the breach to informing the media and appropriate government agencies.
As a consequence, Barlow says a programmatic approach to incident response requires a mix of products and services that make it simple to implement best incident response practices. To that end, IBM today also announced an X-Force Incident Response Services offering designed to make IT cybersecurity experts remotely available in the event of an IT security attack.
IBM also announced today an alliance with Carbon Black under which the IBM security analysts will be able to use that company’s software to play back IT events to better discover how a breach might have occurred.
While a lot of advances in IT security are on the horizon thanks to the rise of artificial intelligence and machine learning algorithms, IT security breaches in one form or another will always be with us. The challenge is systematically addressing those events, minimizing their impact by making the incident response plan a core part of the organizational memory.