Our world is becoming more digitized and interconnected. This significantly increases the risks of costly losses due to more frequent and damaging security threats and data breaches. Additionally, the level of sophistication and coordination of cyber threats, attacks and motives is rapidly escalating.
Today, a single organizational data breach costs an estimated $5.5M (or $194 per record) and can cause unquantifiable damage to the brand, the supply chain, and viability of the business.1 According to a Gartner study2, the financial impact of cybercrime will increase 10% per year through 2016, primarily due to the continuing discovery of new vulnerabilities. As a result, we are seeing the topic of Security move well beyond “IT housekeeping” to become a true business imperative for IT and business leaders in the C-Suite.
As Vice President and Business Line Executive of Security in IBM’s Systems and Technology Group, I meet with customers about security readiness and hear how their organizations are coping with emerging threats. This past year, the titles of the people around the room in client briefings I attended, have evolved to include teams from the offices of the CFO and CIO in addition to line of business executives. Many organizations now have chief information security officers (CISOs) who are tasked with building a risk-aware culture and an integrated security strategy. As organizations continue moving to platforms like cloud, virtualization, mobile, and social business, it’s more important than ever that security be designed-in and built-in throughout the system.
“Built-in” is the architectural premise around having a security-ready infrastructure, which is one of our key components of our Smarter Computing strategy. We believe a security-ready IT infrastructure should inherently provide data security and integrity, deliver trusted identity and access, and enable secure cloud and data systems. This helps organizations mitigate business risk, ensure compliance and control costs.
At IBM, we have created a comprehensive Security Framework to help ensure that every necessary IT security domain is properly addressed. As part of the framework, IBM has a comprehensive portfolio of security products and services.
This security framework is designed and backed by more than 6,000 IBM security engineers and consultants, the award-winning X-Force research team and the largest vulnerability database in the industry. With 40-plus years as a leader in security innovation — from hardware cryptography on IBM mainframes in the seventies to simplified security in IBM PureSystems today — IBM ensures end-to-end coverage of the security foundation.
We have developers and researchers working on security in 23 labs across the globe, and we have created the IBM Institute for Advanced Security to bring information and insights to CISOs. These teams, with inputs from our customers and business partners around the world, continue to enhance and deliver innovative security solutions.
This is the first in our Security blog series running this month. Subject matter experts across IBM will address key aspects of security, including reputational risks associated with breaches, cloud security, and the role of hardware, software and services in security solutions.
I invite you to comment and engage with me and my colleagues in this series. To kick off the conversation, it would help me to hear from you.
What is your greatest IT infrastructure security challenge for 2013?
 Ponemon Institute, 2011 Cost of Data Breach Study: Global. March 2012.
 Gartner Press Release, “Gartner Reveals Top Predictions for IT Organizations and Users for 2012 and Beyond“ Dec 1, 2011.
To effectively compete in today’s changing world, it is essential that companies leverage innovative technology to differentiate from competitors. Learn how you can do that and more in the Smarter Computing Analyst Paper from Hurwitz and Associates.