[ISN] IBM offers companies monthly security report

From: InfoSec News (isn@private)
Date: Mon Oct 25 2004 - 23:42:57 PDT


http://www.computerworld.com/securitytopics/security/story/0,10801,96925,00.html

By Scarlet Pruitt
OCTOBER 25, 2004
IDG NEWS SERVICE

IBM today introduced a security service that offers a concise, monthly
global-network threat report designed to help organizations assess
security needs and vulnerabilities from a business perspective.

The IBM Global Business Security Index will compile threat information
from some 2,700 IBM security professionals and half a million
monitored devices, the company said. The data will then be analyzed by
IBM security intelligence and consulting experts to rate the potential
severity of IT threats.

IBM is selling the report to businesses as an IBM Security
Intelligence Services offering. The report can be customized by
industry and starts at a base price of around $10,000 to $15,000 a
year, according to a company spokeswoman. Additionally, a portion of
the report will be available every month for free on the company's Web
site, the spokeswoman said.

The Global Business Security Index was introduced on the same day that
the company named Stuart McIrvine as the new director of its Global
Security Strategy division.

McIrvine said that the Global Business Security Index is the kind of
new service customers can expect to see more of under his reign.

"We are getting a lot of feedback from customers that they need help
with a companywide security strategy," McIrvine said. The index is
aimed at the "boardroom" rather than IT departments because it helps
companies assess their security vulnerabilities from a business
perspective, he said.

The monthly report is about a page and a half long, with a threat
level score and a few lines about how to resolve critical issues. Its
advantage over security warnings issued by various antivirus companies
is that it is concise and avoids "information overload," McIrvine
said.

IBM's introduction of a new security offering comes amid warnings from
the company that network attacks have surged in recent months. Attacks
against critical infrastructure providers such as telecommunications
companies, utilities and government agencies increased 55% from July
to August of this year, IBM said. Meanwhile, overall attacks against
enterprises and businesses IBM monitors have increased 27% since July,
the company said.

The most prevalent attacks came from worms such as Sasser and Korgo
and attackers seeking to exploit vulnerabilities in Web server
software, IBM said.



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/



This archive was generated by hypermail 2.1.3 : Tue Oct 26 2004 - 06:53:29 PDT