
Inside the Check Point & IBM collaboration: What's in store for the future of cyber defence

23 Aug 2017

IBM and Check Point are taking their longstanding partnership further into the cybersecurity industry by helping mutual customers boost their threat protection programmes.

IBM Security Intelligence detailed the partnership in a blog last week, which points out that threats are at an all-time high and that the two companies have teamed up to find solutions.

IBM recommends a three-C approach to cybersecurity: cognitive solutions that can understand, reason and learn; cloud systems that have security built into their architecture; and collaboration within industry, such as intelligence sharing, to fight back against cyber criminals.

Check Point launched an event monitoring app on IBM’s App Exchange platform, which is able to consolidate monitoring, logging, reporting and event analysis into one app. The app, SmartView for QRadar, delivers network and security events from Check Point devices to QRadar for forensic analysis through a unified console, the company says.

“Security is proving to be best played as a team sport, with trust and open communication among fellow players as a best practice for winning. We’re taking the next step in collaboration and are thrilled to have Check Point as a security partner to join and support this new ecosystem,” IBM says in a blog.

In an IBM Security podcast, Deepraj Emmanuel Datt, solution design leader at IBM Security Services Asia Pacific, says that practices across people, process and technology must be tightened.

“Hygiene is not necessarily building a fortress, and that’s something we’ve seen through our application modernisation exercises,” he says.

Evan Dumas, Check Point’s head of Emerging Technologies for APAC, Middle East and Africa, says that vendors such as IBM and Check Point collect a lot of intelligence.

He mentions that organisations need to layer specific targeted intelligence over their security solutions. This can include looking across the clear web, deep web and dark web for their people, assets and their brands.

“Typically, some of the senior-level people are all being targeted at some level. When you collect intelligence it’s interesting, but what makes it useful is when you deliver it into your architecture,” he says in the podcast.

Datt adds that end-to-end integration and visibility are important in any organisation.

He explains that IBM and Check Point are working together, particularly in the area of Security Information and Event Monitoring (SIEM) tools.

“So if an endpoint detects something malicious, a ticket is generated and manually escalated to SIEM. The SIEM looks at it and may take time to act upon it. Then the incident response platform needs to be manually activated for remediation. The entire process could take a lot of time and has manual intervention. Does the organization have this much time?” IBM asks in the blog.

Datt comments that automation has a major effect on how effective any solution is.

Dumas explains that Check Point uses advanced evasion technology to catch attacks. This information flows into QRadar and Watson to find a practical remediation strategy. Datt concludes that countries such as Indonesia and Malaysia are in great need of those kinds of technologies.

“The enterprises there literally work in siloes to be able to have endpoint monitoring, SIEM event monitoring and looking at what the execution plan is.”

He believes that the partnership will be able to bring strong security solutions to these enterprises.
