I’ve been into superheroes since I was a kid. My two favorites were Dr. Fate and Batman, in that order. You could argue that my interest in these two unique heroes lines up with IBM’s approach to security. Dr. Fate is a normal human with a magical helmet that gives him both powers and a magical, knowledgeable assistant, not unlike IBM Watson. Batman is also a normal human surrounded by advanced computing capabilities and more focus on security than anyone else, not unlike financial institutions that use IBM.
IBM has two powerful symbiotic security services that stand out, the just-announced QRadar offering and the IBM Cloud for Financial Services which has been out for a while. Let’s talk about both as if they were superpowers this week. (You can tell I’m getting excited about the new Flash movie with my favorite Batman coming out this week).
IBM Cloud for Financial Services
Financial services have a huge operational problem, particularly if they are international, in that every country has a massive number of regulations that these services must comply with, and there aren’t a lot of commonalities between companies. These regulations tend to get changed a lot as a result of breaches, thefts, company failures (like the recent SVB bank failure in Silicon Valley), and bad actors.
IBM’s unique superpower is knowing and staying up to date with all these related regulations, changing laws, and government requirements which can range from risk management to employee makeup, depending on the country.
Financial services companies like BNPP Paribus which are large, successful, and international in nature are also naturals for compliance reviews because governments know that companies with this kind of span often miss compliance requirements because of the massive number and diversity of these laws and regulations.
IBM’s ability to bridge countries and assure compliance is unique in the market and allows IBM to argue that its Cloud for Financial Services isn’t just a nice-to-have solution; it is a must-have solution for any company not wanting to be on the front page of a newspaper or in social media as non-compliant.
Internal audit is a natural internal function to assure compliance, but audit teams (I used to run a field audit team when I worked at IBM) are typically understaffed and overworked, reducing their effectiveness, and they use a sampling methodology that often enables non-compliance problems and outright theft to fall through the cracks.
While IBM has yet to put Watson in as part of this solution, my expectation is that it will. This could revolutionize audits because Watson could analyze an entire data population and not just live off smaller samples. Since it doesn’t get tired, it could do this 24/7 and across all the firm’s systems and platforms, making it even more unique and powerful as a result.
But even before that, IBM’s Cloud for Financial Services stands so far ahead of the competition you’d think it was a superpower and IBM a superhero.
QRadar was just launched this month and is impressive in its comprehensive capability to find and mitigate cyber threats.
It is one of a growing number of related security services that span from endpoints to the back office, and right out of the gate, it addresses the biggest issues with SIEM offerings in that SIEM tools do a great job in terms of identifying exposures. But IT is generally not staffed well enough to mitigate the related problems which is why, historically, SIEM products haven’t done as well as they could have. No one wants a product that is good at pointing out negligence but can’t address the underlying cause of the identified exposure.
This makes the QRadar SOAR product critical to this solution in that it has both an award-winning user interface and will automatically mitigate exposures and orchestrate incident response workflows to close the exposures that QRadar SIEM identifies. The two other components to this solution are QRadar EDR which focuses on protecting endpoints and is particularly strong against zero-day threats, and QRadar Log Insights, providing simplified data ingestion and a rapid search feature improving the speed in which an investigator can surface the cause of a breach and more effectively move to mitigate it. Analysts can now perform security-focused analytics on terabytes of data with almost unbelievable speed and accuracy.
Wrapping up: Maybe IBM needs a cape
Or maybe not, but it does have a unique portfolio of security products that appear to be better able to protect companies the way superheroes protect cities and planets from the increasingly hostile and damaging cyber security threats facing financial institutions. Because they contain large amounts of money, these institutions are high-priority targets for criminals and hostile states while the laws and regulations surrounding them are nearly impossible to navigate, particularly if they are multi-national.
IBM’s Cloud for Financial Services and QRadar help encompass and protect against this massive number of threats and will only get better when IBM eventually adds a custom instance of Watson to the solution set.
IBM’s security approach, particularly with financial institutions, stands out as uniquely powerful and comprehensive, making it a Security Superhero in my book.
- BlockCerts: Building Blockchain Solutions that Work - December 1, 2023
- IBM Power and the Importance of Measurable Results - November 24, 2023
- Windows 10/11 with Copilot: Anticipating Windows 12 - November 17, 2023