Endpoint Security And Intrusion Detection Remain Top Concern

Tom Jowitt,

IBM’s security boss Dave Merrill talks about what threats and challenges are keeping him awake at night

Business IT managers currently face an increasing challenge of securing both their physical and virtual endpoints, whilst at the same time fending off the nightmare scenario of hackers penetrating their internal systems.

So says Dave Merrill, IBM’s Chief Information Security Officer, who spoke to eWEEK Europe UK about the critical need to secure an organisation’s endpoints and the security implications of the cloud, plus what is keeping security managers awake at night.

Today’s Threat Assessment

Merrill believes that currently endpoint security encompasses the ongoing challenge of incorporating people’s smartphones and even tablets into the corporate infrastructure, but it also includes traditional endpoints such as desktops PCs, servers, roaming laptops etc.

Another headache is posed by specialised equipment such as point-of-sale devices, ATMs, and self-service kiosks etc.

“What keep me awake at nights is the fact consistently across most enterprise organisations we are confronting two or three major ‘plays’ at the moment,” said IBM’s Merrill.

“The first concerns the threat being posed by targeted attacks, as witnessed by the recent Sony Playstation attack,” said Merrill. “We are very concerned about targeted attacks and the measures we have to take in order to prevent this, as these attacks can not only damage an organisation’s intellectual property, but also the brand reputation.”

“From IBM’s perspective this has caused us a lot of intense discussions lately, as attacks like these are very difficult to identify, kind of like finding a grain of sand at the bottom of the ocean,” said Merrill. “We are now used to botnet attacks, but the latest attacks are an order of magnitude more difficult to detect and repel.”

Endpoint Security

“The other two major concerns we have at the moment concern mobile enablement and the cloud, both of which are key transformational items for a business,” said Merrill. “These offer critical and essential benefits, so how do we enable mobile and smartphones as well as tablets, but at the same

Continued on page 2