IBM announced Autonomous Security for Cloud (ASC), an AI-powered solution from IBM Consulting designed to automate cloud security management and decision-making to help mitigate risk for organizations accelerating their cloud journey on Amazon Web Services (AWS) environments.
Highlighted in IBM’s 2024 Cloud Threat Landscape report, misconfigurations and compliance failures were identified as the top threats organizations face as they increasingly rely on cloud computing environments. Yet, in a technology landscape where security is non-negotiable, maintaining compliance and security can be complex, especially in highly regulated industries such as financial services, manufacturing and the public sector where legacy, labor-intensive compliance processes can be slow to evolve to rapidly changing cloud infrastructures and the strict regulatory standards required to protect data.
For organizations focused on cloud-based architectures, security management requires robust and specific policies and configurations to mitigate potential risks. To address those needs, IBM’s ASC solution will leverage Amazon Bedrock generative AI technology to automate, evolve and enforce client-chosen security controls quickly.
“Insights from theCUBE Research shows that 96% of organizations continue to embrace cloud transformation, which intensifies the challenge of managing and securing data,” said Dave Vellante, Chief Analyst and co-founder of theCUBE Research. “Generative AI-driven automation has the potential to be a game-changer, empowering companies to swiftly adapt, enforce, and control data policies.”
Using generative AI, automation to alleviate cloud security management challenges
Using generative AI for autonomous decisions, ASC aims to help ease operational burdens, accelerate deployment and management and mitigate risks by offering continuous monitoring, immediate adjustments and proactive threat mitigation, all designed to minimize manual work. Augmenting traditional Cloud Security Posture Management (CSPM) solutions, ASC will provide a tailored approach to cloud security management by harnessing AI-powered intelligence to consider the client-chosen control framework, along with future updates. In addition, the ASC solution is designed to automate and enforce hygiene maintenance, resolve misconfigurations, and reduce and address long-term policy drift.
“IBM recognized the opportunity for our clients to better manage and enforce security policies in their cloud environments,” said Dimple Ahluwalia, Global Business Information Security Officer and Senior Partner for Cybersecurity Services at IBM. “With ASC, we’re utilizing AI and automation tools to help organizations better manage their data, tackle cloud migration challenges and positively impact their compliance posture, to deliver value to stakeholders across the C-suite.”
As a scalable cloud solution, ASC is designed to help clients:
- Harness the power of generative AI to understand clients’ security policies and standards using large language models (LLMs) and retrieval-augmented generative (RAG) applications;
- Infer AWS native technical controls that apply to an organization’s workloads based on the client-chosen regulatory obligations;
- Autonomously monitor and deploy cloud security controls to mitigate misconfigurations; and,
- Address their non-compliance discrepancies using cloud-native automation.
And, for client security teams that spend months mapping security policies, aligning them with regulations and transforming them into scripts, ASC also seeks to accelerate the time spent on policy deployment using a combination of generative AI and cloud-native automation.
Accelerating Cloud Transformation with IBM and AWS
The introduction of ASC underscores IBM’s commitment to helping mutual clients harness the power of AWS. By combining IBM’s expertise in cloud transformation with AWS, ASC will allow clients to accelerate their cloud adoption and unlock new opportunities for business transformation and growth.
Beginning with deployment and onboarding, IBM consultants with cloud certifications and AWS expertise can assist clients utilizing ASC with tailored assessments, continuous monitoring and optimization, and proactive risk and compliance management. In addition, IBM Consulting can support ASC integration on AWS to address client’s evolving cloud infrastructure needs with the goal of improving accuracy and effectiveness over time.
IBM’s ASC solution will be generally available globally beginning in December 2024 and showcased during an AWS re:Invent 2024 session titled, “Harnessing AI for Autonomous Cloud Security: IBM & AWS Game-Changing Solution.” For more information on IBM’s Autonomous Security for Cloud solution, visit: https://www.ibm.com/services/autonomous-security-cloud.
