IBM doubles down on hybrid cloud security

12 April 2021

An IBM “smarter cloud” advertisement. (Photo by JOHANNES EISELE / AFP)

A couple of weeks back, IBM revealed the launch of new and improved security services for the hybrid cloud. The newly-unveiled services will not only help businesses manage their cloud security strategy, but other policies and controls as well that bring IBM systems together with cloud-native and third-party technologies to create a unified security approach for hybrid cloud ecosystems.

At this point, a goodly number of organizations still rely on a combination of cloud and on-premise resources to give companies a good balance of operational agility, improved security posture, and cost savings. The hybrid cloud adds flexibility to the mix, but makes the entire ecosystem even more distributed.

Hence many firms are finding it challenging to maintain visibility of their spread-out environment while still managing expansive security controls throughout the IT environment. Data from the 2020 Cost of a Data Breach Report showed that nearly one in five data breaches studied was the result of cloud misconfigurations – the leading contributor to data breach incidents, according to the report.

Instead, the expanded suite of IBM Security Services for Cloud promises to help simplify security management in a hybrid setting – helping create consistent security strategies across hybrid cloud environments, with the support of IBM specialists who manage native security controls across Amazon Web Services, Google Cloud, IBM Cloud and Microsoft Azure, amongst others.

The new IBM Security Services for Cloud offerings will make use of artificial intelligence (AI) and automation to sort through and identify potential risks, scheduling responses to emerging threats, as well as linking dispersed data across broader security operations as well as on-premises systems.

The suite is also designed to help companies evaluate their current cloud security posture, and build and manage access, policies, and technical controls to safeguard new and existing cloud resources. “Cloud security can appear daunting, with defenders facing an expansive attack surface, shared responsibility models, and rapidly evolving cloud platforms and tools,” said Vikram Chhabra, global director, offering management and strategy, IBM Security Services, in a press release.

“We cannot assume that legacy approaches for security will work in this new operating model – instead, security should be modernized specifically for the hybrid cloud era, with a strategy based on zero trust principles that bring together context, collaboration and visibility across any cloud environment.”

The new services will bring together “cloud-agnostic security expertise with an integrated set of cloud, proprietary and third-party technology solutions,” as stated in the IBM press release. It will also support clients in any stage of a cloud security journey, which can mean advising organizations on how to move data, users, and workloads to the cloud, and providing continual risk monitoring and threat management of their existing hybrid cloud architecture.

The suite includes cloud-native security services, cloud security posture management, container security, and cloud security strategy.