How IBM is pushing data-driven security

Security in the cognitive era is about enabling analysts to make data driven analysis with the help of an intelligent, collaborative data analytics-based process that contextualizes real-time threats, said IBM Senior Security Strategist Peter Allor.

“What we’re talking about here is human-centric … cognitive is not about the machine thinking for you, it is about augmenting your ability to think with the volume and velocity of data. And that’s important because we’re being flooded [with breach alerts],” said Allor Thursday at FedScoop’s Lowering the Cost of Government IT Summit.

“Our analysts that are doing security, right now, they’re not data scientists.”

Cognitive security is not a step towards artificial intelligence or automated defenses, Allor reiterated, but rather can be understood as an important tool to help security analysts be more effective and capable of managing all of the cyber threat alerts they receive.

In the past, cybersecurity centered on a perimeter defense methodology — causing organizations to focus on firewalls and basic detection products. But we now know that this old strategy is no longer effective, said Allor, who spent time in the U.S. Army Special Forces.

“Beyond the old firewall-based approach of old, the next step we saw involved the introduction of threat intelligence gathering products and services,”he explained.

Analysts today, however, are “flooded” with data breach alerts that do not provide useful information or help them quickly understand the level of threats to a specific organization based on its own, unique technology infrastructure, Allor said.

The next generation of cybersecurity technology — one which is being piloted by IBM through Watson and several other products — will look to transform the aforementioned threat alert systems, explained Allor, making intelligence feeds more user friendly to both new professionals and veteran analysts.