Introducing the updated IBM Security Framework.

The Updated IBM Security Framework
The Updated IBM Security Framework

How does an IBMer describe how IBM covers security?  How can you map the product offerings we have to various security domains in frameworks like CoBIT, ISO, etc.?  Whats a good way to learn all the products in our portfolio?  The answer in the IBM Security Framework.  First used in 2008. it’s been modified to evolve with IBM’s broadening capabilities.  It’s the high-level overview that’s perfect for opening discussions with customers, business partners, and other IBMers.  The deep-dive version is the IBM Security Blueprint – a must read for security practitioners.  From Marc van Zadelhoff:

Today, we launch the updated version of the IBM Security Framework, depicted here.  The Framework represents a comprehensive way to view security risks and in turn the areas where IBM has invested in solutions.  As you can see, it identifies the four foundational aspects we continue to be focused on: People, Data, Applications and Infrastructure. You need best-in-class capabilities in each area in order to be secure and compliant today.  We’ve found that these dimensions extend equally well to solving problems that have become more prominent in the last few years: cloud security and mobile security.  The same dimensions apply and customers are using the Framework and IBM’s capabilities in each area to solve these newer issues like they do with traditional data centers security.

That box at the the top, Security Intelligence, Analytics and GRC, is my main playground. Traditionally this was just “SIEM”, but now we are looking to fill lots of roles.  We need advance intelligence to provide to the SOC teams.  We need in-depth analysis for compliance and CERT teams.  We need dashboarding and business relative data for GRC.  So just trowing around the term SIEM isn’t effective.

Go read Marc’s overview of the change to the framework and start using the new graphic with the new ISS division.

READ MORE:  Introducing the Updated IBM Security Framework


Rise, ancient unused blog! Be Reborn!

Hello World. This poor under used blog needs some love. There is much to talk about. Starting at the beginning of this year IBM create a new software division for most of it’s security software. So I no longer work for Tivoli, but am a proud member of IBM Security Systems. Yes, unfortunately we are using the same ISS acronym. That will make things confusing, so I will do my best to clear things up. ISS is now a full fledged software brand, just like Tivoli, Websphere, Rational and Lotus.

What will I be doing in the new org? I am still in services, meaning that I still am focusing on making out products work for our customers. I’m not in sales, but occasionally help our sales teams. I not in development, but give lots of feedback to our product managers. I build solutions for our customers, and look to build tools and documentation to make it easier and more productive to implement IBM Security Systems.

We have a broad portfolio in the ISS division now, but I will be focusing on Security Intelligence and Data Protection. In particular I am focusing on the recent Q1 Labs acquisition and ensuring their success under big blue. I will be writing future posts about TSOM, TSIEM and QRadar, so stay tuned. I just needed to get this “first post” out the way.