IBM announced a multi-million dollar investment in its resources to help businesses prepare for and manage the growing threat of cyberattacks to organizations across the Asia Pacific (APAC) region.
The centerpiece of this investment is the new IBM Security Command Center, the first of its kind in the region, for training cybersecurity response techniques through highly realistic, simulated cyberattack – designed to prepare everyone from C-Suite through technical staff. The investment also includes a new Security Operation Center (SOC) which is part of IBM’s vast network of existing global SOCs – providing 24X7 security response services to clients around the world.
According to a new IBM Security X-Force Threat Intelligence Index, Asia is now the #1 most targeted region for cyberattacks – representing 26% of attacks analyzed in 2021. The data reveals a significant regional shift compared to the past decade of the report, where North America and Europe have historically ranked as most-targeted. This trend signals a growing need for security investments amongst Asian organizations, particularly those in financial services and manufacturing, which were the most-targeted industries in the region. The new IBM cybersecurity center will help address the most pressing need of the hour for organizations of all types, to accelerate their security strategies and align business priorities with a security-first approach.
The new facilities in Bengaluru, India, represent a strategic hub for IBM cybersecurity activities in the region, which also include IBM Managed Security Services, access to IBM’s elite team of incident response experts, as well as full range of IBM Consulting, IBM Research Labs, IBM India Software Labs, and IBM Garage, a collaborative approach to fast-track innovation and drive meaningful, lasting transformation for clients.
“Today, not only the CISO but the entire company needs to be prepared for cyberattacks. Leaders and cross functional teams like HR, marketing and financial operations need to experience and practice a cyber exercise, because how organizations respond during the critical moments of an attack can make all the difference in the amount of time and money lost in a response, said Aileen Judan-Jiao, President and Country General Manager of IBM Philippines.
“With Asia being one of the most attacked regions today, and with cyber attacks continuing to grow in the Philippines, the new IBM Security Command Center, together with security services and technology delivered by IBM in the Philippines, will allow businesses in the Philippines and around Asia to fully be equipped to deal with some of the biggest threats today and into the future,” she said.
At the launch event of the IBM Security Command Center in India, Carlos Santos, vice president for Corporate Services and Chief Information Officer of JG Summit Holdings said, “With the ongoing digital transformation, the emergence of IoT and devices and more employees working form home hence being more exposed to the attacks, security awareness and culture across organizations must be in place. We need to ensure the best security approach and policies are updated across the conglomerate. Most importantly, technology partnership like IBM’s Security Operations Center is the key security foundation for JG Summit. Digital transformation, together with business’ security awareness and security technology inhibited, are very crucial for organizations today,”
“Employees are the first line of defence, and we need them to experience the attacks and their impacts, educating them what they are exposing themselves to and what can be the consequences of the incidents. Cyber range is a very good opportunity to expand from the cybersecurity practitioners who probably already know how to handle cyber attacks, to the business units across organizations, from communications, legal, to business operations. JG Summit wants to ensure that security preparedness is the partnership between business and employees, and the new areas of digital transformation we are going into is secured,” added Carlos.
JG Summit is one of the large conglomerates in the Philippines that has been actively working on enhancing its cyber defence, in partnership with IBM.
Capabilities of the IBM Security Command Center
The highly realistic, immersive training simulations offered in the new IBM Security Command Center in Bengaluru leverage industry-leading audio and visual effects as well as live malware, ransomware and other real-world hacker tools. IBM designed the simulations after emergency and disaster response training models, in consultation with dozens of experts from different industries including emergency medical responders, active duty military officers and its incident response experts. The IBM Security Command Center in Bengaluru can deliver customized experiences and workshops – including virtually – that are tailored to organizations’ unique security requirements and objectives, leveraging the IBM Cyber Range Design consulting team.
Some examples of the types of trainings available include:
- Ox Response Challenge: Designed for the executive team to immerse a wide variety of stakeholders in a realistic “fusion team” environment in which players must figure out how to respond to a cyberattack as a team, across dimensions such as technical, legal and public relations.
- Operation Red Escape: Giving participants the opportunity to flip roles, it puts them in the ‘seat’ of a real-world attacker as an elite member of a growing adversarial group and develop a cloud-based attack on a major corporation. This non-technical interactive scenario allows business leaders to see first-hand how adversaries carry-out common cyberattacks on organizations with real adversarial tools and techniques.
- Cyber Wargame: In this hands-on scenario, participants uncover a cyber-attack lead by a cybercrime gang targeting a fictitious corporation. The Cyber Wargame tests the organization’s incident response process, communication and problem solving by positioning technical and business teams in the middle of a cyber security incident to see how they would work together to resolve it.
Expanding IBM’s Global Security Operation Center (SOC) Network
Adjacent to the new cyber range facility, IBM’s new Security Operations Center (SOC) will provide Managed Security Services (MSS) to clients across the globe. With capacity for 600 security response operators, it is the second IBM SOC in Bengaluru, with the other SOC continuing to specifically serve regional Indian clients. The new SOC is part of IBM’s vast global network of SOCs, which serve more than 2,000 clients around the world – managing more than 2 million endpoints and 150 billion potential security events per day. IBM’s global SOC network now includes 9 locations such as Atlanta (U.S.,) Australia, Costa Rica, Japan, Poland, Saudi Arabia and more. It offers MSS investigation experts to assist with on-the-ground response, dedicated security experts with strong vertical expertise, personalized advisory services combined with a holistic approach to secure hybrid cloud environments. IBM’s SOC model leverages AI, machine learning and automation, bringing together human expertise and advanced technologies to help respond with speed, efficiency and transparency.
2022 IBM Security X-Force Threat Intelligence Index Highlights
The 2022 IBM Security X-Force Threat Intelligence Index announced today unveiled the following insights regarding the threat landscape in Asia:
- Financial services and manufacturing were the top attacked industries in Asia, representing nearly 60% of attacks studied.
- Japan, Australia and India were the most-attacked countries in the region.
- Top Attack Types: Server access attacks (20%) and ransomware (11%), Data theft (10%) were the top attack types observed in Asia.
- Initial Infection Methods: Vulnerability exploitation and phishing tied for the top infection vector at Asian organizations in 2021, each representing 43% of attacks observed in the region.
- Ransomware groups: REvil made up 33% of ransomware attacks analyzed, and Bitlocker, Nefilim, MedusaLocker and RagnarLocker were significant players as well