Security attacks reach 2.5 billion per day

IBM is reacting to 'startling developments' in the security field

IBM has announced a number of new initiatives which it claims will improve enterprise security and help clients save costs, in response to a massive rise in web-based threats.

The company said that its Internet Security Systems (ISS) business had sprung into action after its X-Force division identified two "startling" developments: a 30 per cent increase in network and web-based security incidents over the past 120 days; and a 40 per cent increase in the number of its clients accessing IBM virtual security operations centres.

IBM said that based on data from its 3,700 managed security services customers worldwide, the number of security events had risen from 1.8 billion to 2.5 billion per day over the past four months, and noted that a significant proportion of clients logging in to the security centre had not done so in the previous six months.

In response to these incidents, IBM's ISS division plans to introduce new identity and access management services which will help companies govern access to sensitive data and applications. IBM said that 42 per cent of systems vulnerabilities are caused by weaknesses in this area.

IBM is also offering a complementary financial assessment of a company's infrastructure management costs to provide an example of the savings that could be made by a move to its own security services.

"We are currently in a perfect storm of security threats as businesses are cutting costs, insider threats are rising and cyber criminals are using the ensuing confusion to create opportunities for themselves," said Val Rahmani, general manager of IBM ISS.

"These services, in conjunction with our new and evolving security products, are unique in helping our clients successfully navigate this storm by reducing costs while improving their overall security and compliance posture."

IBM said that security incidents are only likely to continue, but added that its customers would be notified as soon as potential network and web-based vulnerabilities are discovered.