Web applications have become the Achilles heel in the way IT systems are being attacked, says Dan Powers, vice-president of IBM brand strategy, marketing and business development.
Speaking at the IBM X-Force road show, held at The Venue in Melrose Arch earlier this week, Powers said the modern security landscape is becoming more complex. He added that a security breach, on average, can cost a company around $6.6 million (R55.4 million).
Powers says IBM acquired Internet Security systems two years ago to act as the driving force in its global security strategy. As part of the acquisition, IBM took control of security stalwart X-Force, which is now the heart of IBM's security research.
Leading the way
“The way people access corporate resources has changed dramatically. Supply chains are spread across the world today which introduces potentially new risks that companies haven't thought about in the past,” said Powers.
“There are different ways of accessing information through mobile devices and a proliferation of devices that might not be as secure, such as cellphones. Emerging technologies such as Web 2.0, virtualisation and cloud computing are introducing new risks.”
He says X-Force does research on vulnerability analysis, malware analysis, threat landscape forecasting and protection technology. “A secure environment is essential for organisations to deliver products and services to customers and to take advantage of growth opportunities.”
Vulnerable applications
Powers points out that a lot of recent hacks have involved applications such as Adobe, Internet Explorer and Windows Media Player, because of their popularity as well as their vulnerabilities being exploited by cyber criminals.
According to an X-Force threat report, last year saw a 15.3% increase in severe vulnerabilities. In addition, 46% of vulnerabilities from 2006 and 44% from 2007 were still left with no available patch by the end of 2008. The two largest categories of vulnerabilities in 2008 were Web application vulnerabilities, sitting at 55%, and vulnerabilities affecting PC software, at around 20%.
The report reveals that Apple-based operating systems and Linux kernel dominated the top spots for vulnerability disclosures over the past three years.
Powers says IBM has been working closely with its recently acquired application scanning business, Watchfire, as well as its latest virtual server security product, Phantom, within its X-Force team.
Related stories:
Sun kicks off super-computing project
Information warfare rages
Cyber crime takes off
Fighting fire with fire
Share
