Story image

IBM harnessing augmented intelligence for context-specific endpoint management

23 Nov 2017

Hackers are constantly unleashing creative new phishing attacks to get credentials to gain access to a PC, tablet or smartphone.

Zero-day attacks and the use of tools that find vulnerable systems require new defences to protect organisations.

In just a few short years, we have seen the shift from mobile device management to endpoint mobility management to unified endpoint management (UEM), which provides a higher level of management functionality and far more effective security capabilities.

Among the most important advances in UEM is the integration of augmented intelligence and cognitive technology, as IBM has done with IBM MaaS360 with Watson.

The integration with Watson changes the game on several fronts.

First, it reduces the number and scope of manual tasks and mobile minutiae that systems managers and admins spend time on by discovering key insights and alerts and delivering them right to the MaaS360 console.

Second, it speeds changes to security policies and rules.

And third, the use of cognitive technology enables further refinement of policies and standards so they are contextual to the specific needs of the organisation rather than more general rules.

How augmented intelligence and cognitive technologies reduce endpoint vulnerability

In many cases, the problem with endpoint security is not a lack of input information from logs, threat intelligence, behaviour tracking and other data.

Rather, it’s the difficulty of building a meaningful understanding of what is occurring and how to respond.

Cognitive technologies use augmented intelligence to sort through all of the information and activity to provide security analysts and IT admins with actionable intelligence and more useful dashboards focused on endpoint devices.

UEM tools with augmented intelligence will change management and security processes by delivering more context about threats, customised for the unique needs and infrastructure of a specific organisation.

As such, actions are driven by prioritisation based on the organisation, not a general perspective.

As the number of vulnerabilities and threats increases each month, being able to prioritise them accurately is critical.

Cognitive technologies enable both IT and security teams to take a far more proactive approach to cyberdefense, determining the following:

  • What happened: Teams can identify and understand a security event or endpoint management problem more quickly. While many existing solutions can identify most of these events, they often take longer to do so, don’t find them consistently or provide only partial information. This forces staff to spend additional time identifying the details of the issue and how the information applies to their environment. Many legacy products provide only reactive—rather than proactive—support after the problem or breach has occurred.  
  • What can happen: With augmented intelligence, it becomes possible to forecast what may happen to endpoints prior to an event occurring so SecOps can prepare for the impact. This is a game changer. Not every organisation has the same vulnerabilities or endpoint management capabilities, and these unique elements have a substantial bearing on future risks or issues. Cognitive technologies allow organisations to match future threats against their current cyberdefenses.  
  • What should be done: Once there is a more accurate understanding of future risks, it becomes possible to 3 Augmented Intelligence Slashes Mobile and Endpoint Vulnerabilities define the options for action. However, using cognitive technologies and intelligence, organisations can evaluate more options and gain a better understanding of the outcome for each. Using consistent data for each permutation, and reducing the amount of subjective input, it becomes far simpler to compare options and pick the best alternative. Actions can then be delivered to an administrator with just a click.

Legacy approaches to managing endpoint vulnerabilities can’t keep up or provide the kind of true insight organisations require to make informed and optimal decisions.

Improving endpoint management tools with augmented intelligence and cognitive technologies is the answer. 

Sonatype and HackerOne partner on open source vulnerability reporting
Without a standard for responsible disclosure, even those who want to disclose vulnerabilities responsibly can get frustrated with the process.
OutSystems and Boncode team up for better code analysis
The Boncode and OutSystems alliance aims to help organisations to build fast and feel comfortable that the work they're delivering is at peak quality levels.
Nuance biometrics fight back against fraud
Nuance Communications has crunched the numbers and discovered that it has prevented more than US$1 billion worth of fraud from being passed on to users of its Nuance Security Suite.
SIS announces a partnership with Platform 4
“We are looking forward to a strong future in the New Zealand security industry with this global giant as our strategic partner."
Attacks targeting Cisco Webex extension explode in popularity - WatchGuard
WatchGuard's Internet Security Report for Q4 2018 also finds growing use of a new sextortion phishing malware customised to individual victims.
Developing APAC countries most vulnerable to malware - Microsoft
“As cyberattacks continue to increase in frequency and sophistication, understanding prevalent cyberthreats and how to limit their impact has become an imperative.”
Worldwide spending on security to reach $103.1bil in 2019 - IDC
Managed security services will be the largest technology category in 2019.
Kiwis know security is important, but they're not doing much about it
Only 49% of respondents use antivirus software and even fewer – just 19% -  change their passwords regularly.