I joined a number of security professionals at the IBM Security Summit in London last month during the “Innovating With Cloud Security” breakout session, which was hosted by Martin Borrett, chief technology officer (CTO) of IBM Security Europe. The audience took part in discussions about typical cloud transformation journeys, security for and from the cloud,…

Privilege escalation is one of the key components of any attack that involves penetrating a system. If threat actors have limited access due to a current user’s privilege levels, they will naturally aim to escalate their privileges before expanding the scope of the attack. How can security professionals detect malicious escalation techniques before adversaries get…

There have been countless cyberbreaches over the past few years in which personal data, such as user IDs and passwords, have been compromised. These range from attacks against government agencies, such as two recent incidents affecting the national identity systems in Spain and Estonia, to corporate breaches exposing data belonging to millions of customers. In…

Accelerated identity and access management (IAM) is the mantra of many identity-as-a-service (IDaaS) providers, and IBM is no exception. Cloud Identity Service, a market-leading full-stack IDaaS solution, provides speedy deployment, lightning-fast onboarding of software-as-a-service (SaaS) applications, increased time to value and on-demand scalability to IBM’s largest enterprise clients. IBM’s enterprise clients are looking at the…

There seems to be continuing confusion about what access management means. In layman’s terms, accessing an application implies the process of authentication — i.e., opening a browser or accessing a link — where you may be prompted to enter your credentials. If the user provides the right set of credentials, he or she gains access…

Mainframe security is simple to understand and extremely intuitive to apply. Some might find it hard to believe that the mainframe security model can be easily integrated with other platforms and applications. As everyone in the IT industry knows, a system’s security level depends strictly on the possibility of attacks from unknown and unplanned access….