IBM became the latest cloud technology company to outline a new set of capabilities for hybrid cloud management with news of new and enhanced security services aimed at helping customers manage security strategy, policies and controls across hybrid clouds.
The company announced immediate availability for its expanded IBM Security Services for Cloud portfolio that leverages artificial intelligence and automation to assess cloud security posture and identify and prioritize security risks and related issues. The new capabilities will allow companies to adopt “a consistent security strategy across their hybrid cloud environments – supported by IBM specialists with expertise to manage native security controls across Amazon Web Services (AWS), Google Cloud, IBM Cloud and Microsoft Azure, amongst others,” according to an IBM Security press release.
Nokia, VMware and other technology giants also have made recent strides with new tools and capabilities intended to provide better support and management for hybrid cloud and multi-cloud environments. Also included in the recent spate of hybrid cloud moves, IBM and Lumen Technologies announced that Lumen customers would gain access to IBM Cloud Satellite services.
While increasingly common hybrid cloud environments can provide cost-savings and flexibility to the companies adopting them, they also create new challenges for achieving visibility across cloud configurations and managing security in a unified way. IBM noted in announcing its new capabilities that cloud misconfigurations were a leading cause of data breaches, accounting for nearly one in five data breaches studied in a Ponemon Institute research report sponsored by IBM Security.
"Cloud security can appear daunting, with defenders facing an expansive attack surface, shared responsibility models and rapidly evolving cloud platforms and tools," said Vikram Chhabra, Global Director, Offering Management and Strategy, IBM Security Services, in the press release. "We cannot assume that legacy approaches for security will work in this new operating model – instead, security should be modernized specifically for the hybrid cloud era, with a strategy based on zero trust principles that bring together context, collaboration and visibility across any cloud environment."
Among the new capabilities in IBM Security Services for Cloud are:
- Cloud Native Security Services: New advisory and managed security services that can provide centralized visibility, management and monitoring of native security controls across all cloud environments – helping reduce the risk of cloud misconfigurations, while providing insights into potential risks and threats.
- Cloud Security Posture Management: These capabilities can help clients design and implement a cloud security posture management solution to address governance and compliance across cloud service providers.
- Container Security: This includes security services for clients' container environments, from consulting and systems integration to threat management, vulnerability management through IBM Security X-Force Red and managed security services for the full container lifecycle. As part of this offering, IBM consultants can assess existing container environments, analyze DevSecOps processes, review application design and solution requirements, and help clients build a roadmap for future deployments. Customers also cna gain from centralized visibility, management, and monitoring of containers through a single dashboard – across images, registries, orchestrators and cloud service providers.
- Cloud Security Strategy: IBM also will provide enhanced advisory services for hybrid, multi-cloud security assessment and strategy, based on industry frameworks such as CSA Cloud Controls Matrix (CCM). Proprietary techniques also can be leveraged to create a customized strategy and security maturity roadmap for each customer, based on specific business and regulatory needs.
This announcement comes several months after IBM launched efforts to use AI and automation to beef up it hybrid cloud software portfolio.