IBM just announced a multi-million-dollar investment in its resources to help businesses prepare for and manage the growing threat of cyberattacks in Asia Pacific.
The centerpiece of this investment is the new IBM Security Command Center, the first of its kind in the region, for training cybersecurity response techniques through highly realistic, simulated cyberattacks – designed to prepare everyone from C-Suite through technical staff. The investment also includes a new Security Operation Center (SOC) which is part of IBM's vast network of existing global SOCs, providing 24X7 security response services to clients around the world.
According to IBM’s global analysis, Asia is now the #1 most targeted region for cyberattacks, representing 26% of attacks in 2021. The data reveals a significant regional shift compared to the past decade of the report, where North America and Europe have historically ranked as most targeted. This trend signals a growing need for security investments amongst Asian organizations, particularly those in financial services and manufacturing. The new IBM cybersecurity centers will help address the most pressing need of the hour for organizations of all types, to accelerate their security strategies and align business priorities with a security-first approach.
Located at IBM offices at Embassy Golf Links in Bengaluru, India, the new facilities represent a strategic hub for IBM cybersecurity activities in the region, which also include IBM Managed Security Services, access to IBM's team of incident response experts, as well as IBM Consulting, IBM Research, IBM India Software Labs, and IBM Garage, a collaborative approach designed to fast-track innovation and drive meaningful, lasting transformation for clients.
"Preparing for a cyberattack is like fire-drill training. Everyone from executives through to contractors need to understand their own role in an emergency and reinforce the crucial response steps through practice," said Chris Hockings, IBM Security CTO for Asia Pacific. "The new IBM Security Command Center is the first in Asia Pacific enabled to train the entire business in the art of response to a cyberattack event, further enhanced by the real-time experience of our security experts based in the adjoining global Security Operations Center. With Asia Pacific's enormous growth, diversity, and role in global supply chain, these capabilities can be a real game changer for helping customers face growing threats in the region."
Capabilities of the IBM Security Command Center
The highly realistic, immersive training simulations offered in the new IBM Security Command Center in Bengaluru leverage industry-leading audio and visual effects as well as live malware, ransomware, and other real-world hacker tools. IBM designed the simulations after emergency and disaster response training models, in consultation with dozens of experts from different industries including emergency medical responders, active-duty military officers and its incident response experts.
The IBM Security Command Center in Bengaluru can deliver customized experiences and workshops, that are tailored to organizations' unique security requirements and objectives, leveraging the IBM Cyber Range Design consulting team. Some examples of the types of trainings available include:
- Ox Response Challenge: designed for the executive team to immerse a wide variety of stakeholders in a realistic "fusion team" environment in which players must figure out how to respond to a cyberattack as a team, across dimensions such as technical, legal, and public relations.
- Operation Red Escape: giving participants the opportunity to flip roles, it puts them in the 'seat' of a real-world attacker as an elite member of a growing adversarial group and develop a cloud-based attack on a major corporation. This non-technical interactive scenario allows business leaders to see first-hand how adversaries carry-out common cyberattacks on organizations with real adversarial tools and techniques.
- Cyber Wargame: in this hands-on scenario, participants uncover a cyber-attack lead by a cybercrime gang targeting a fictitious corporation. The Cyber Wargame tests the organization's incident response process, communication and problem solving by positioning technical and business teams in the middle of a cyber security incident to see how they would work together to resolve it.
Adjacent to the new cyber range facility, IBM's new Security Operations Center (SOC) will provide Managed Security Services (MSS) to clients across the globe. With capacity for 600 security response operators, it is the second IBM SOC in Bengaluru, with the other SOC continuing to specifically serve regional Indian clients. The new SOC is part of IBM's vast global network of SOCs, which serve more than 2,000 clients around the world - managing more than 2 million endpoints and 150 billion potential security events per day. IBM's global SOC network now includes 9 locations such as Atlanta (U.S.,) Australia, Costa Rica, Japan, Poland, Saudi Arabia and more. It offers MSS investigation experts to assist with on-the-ground response, dedicated security experts with strong vertical expertise, personalized advisory services combined with a holistic approach to secure hybrid cloud environments. IBM's SOC model leverages AI, machine learning and automation, bringing together human expertise and advanced technologies to help respond with speed, efficiency and transparency.
The 2022 IBM Security X-Force Threat Intelligence Index unveils the following insights regarding the threat landscape in Asia:
- Financial services and manufacturing were the top attacked industries in Asia, representing nearly 60% of attacks studied.
- Japan, Australia, and India were the most-attacked countries in the region.
- Top attack types observed in Asia have been server access attacks (20%), ransomware (11%), and data theft (10%).
- Vulnerability exploitation and phishing are tied for the top infection vector at Asian organizations in 2021, each representing 43% of attacks observed in the region.
- REvil made up 33% of ransomware attacks analyzed, and Bitlocker, Nefilim, MedusaLocker and RagnarLocker were significant players as well.