ARMONK, N.Y., Sept. 6, 2023 /PRNewswire/ -- Today, IBM (NYSE:IBM) announced the expansion of the IBM Cloud Security and Compliance Center, a suite of modernized cloud security and compliance solutions designed to help enterprises mitigate risk and protect data across their hybrid, multicloud environments and workloads. As clients look for ways to address new threats across the supply chain and manage evolving global regulations, the solution suite helps to support their resiliency, performance, security, and compliance needs while helping to minimize operational costs.
"IBM Cloud has a long history of working with clients in financial services and other highly regulated industries, especially when it comes to helping them to drive innovation while protecting their sensitive data," said Rohit Badlaney, General Manager, IBM Cloud Product and Industry Platform. "The expansion of the IBM Cloud Security and Compliance Center demonstrates our continued focus on industry-specific capabilities that help address real world business challenges for our clients. For example, clients have the ability to utilize the IBM Cloud Framework for Financial Services, which can help them address evolving rules, laws and regulations surrounding cloud risk. The new capabilities showcase our commitment to supporting clients on their hybrid cloud modernization journeys, designed for security, compliance, privacy, and trust at the forefront of our product roadmap."
Research from IBM revealed that more than 77 percent of global business leaders have adopted a hybrid cloud approach, yet more than half of respondents are still concerned about security, and believe compliance in the cloud is too difficult to maintain. To help clients overcome these challenges, the next evolution of the IBM Cloud Security and Compliance Center aims to help clients continuously monitor and manage their security and compliance from a central dashboard across their hybrid and public cloud environments – not just IBM Cloud. With the new addition of IBM Cloud Security and Compliance Center Data Security Broker, developed in collaboration with Baffle, Inc., the capabilities of the solution suite extend beyond compliance posture management and workload protection capabilities to include application-level security.
"As more enterprises adopt a hybrid, multicloud approach to managing applications of all sorts across SaaS, PaaS, IaaS and on-premises, centrally automated and managed technologies that can implement security and compliance capabilities at scale are required. The IBM Security and Compliance Center addresses this need for holistic protection – which is especially critical for organizations in highly regulated industries that manage sensitive data, such as financial services – regardless of the application within which data may live," said Frank Dickson, VP of Security & Trust at IDC. "IBM Cloud Security and Compliance Center Data Security Broker will support more scalable data protection, furthering IBM's commitment to building technology that creates enhanced outcomes."
The new IBM Cloud Security and Compliance Center Data Security Broker solution provides a transparent layer of data encryption with format preserving encryption and anonymization technology to protect sensitive data used in business applications and AI workloads.
"IBM Cloud Security and Compliance Center Data Security Broker is a year-long effort to produce a streamlined data protection solution for IBM customers. Enterprises want to operate with greater agility and scale to modernize the complexities of the shared responsibility model with a cloud provider," said Ameesh Divatia, CEO of Baffle, Inc. "By combining the powerful IBM Cloud platform and Baffle's unique data-centric security approach, enterprises can confidently protect their highly sensitive, valuable data as it enters the cloud and is shared across the entire analytics pipeline."
In addition to IBM Cloud Security and Compliance Center Data Security Broker, the expanded IBM Cloud Security and Compliance Center suite will include several new capabilities to support clients, especially those in regulated industries, address industry security, compliance, and data residency requirements:
- Enhanced cloud security posture management (CSPM), workload protection (CWPP), and infrastructure entitlement management (CIEM) to help protect hybrid, multicloud environments and workloads. The workload protection capabilities are designed to prioritize vulnerability management to support quick identification and remediation of critical vulnerabilities. This includes container threat detection, built on open-source Falco, which uses advanced machine learning and behavioral analysis to help identify and block threats in near real-time.
- Intelligent automation technology with deployable architectures, which has the potential to accelerate secured cloud adoption, without requiring developers to have extensive compliance knowledge, nor engage in complex post deployment detection and mitigation.
- Visibility into third- and fourth-party risk posture through integrations to risk management solutions. This type of visibility can help organizations examine their own risk as well their supply chain threats to address their critical security and compliance requirements.
- Expanded compliance capabilities will be available in Q42023 and will include the automation of implementation and management of compliance controls and centralized data collection to help clients support new regulatory compliance standards.
Expanding the IBM Cloud Security and Compliance Center furthers IBM's mission of helping clients to protect their workloads in hybrid, multicloud environments, as well as the sensitive data within. The IBM Cloud Security and Compliance Center is generally available and includes additional partner integrations.
To learn more about the solution, see:
- Security and Compliance Center (https://www.ibm.com/cloud/security-and-compliance-center)
- Data Security Broker ( https://www.ibm.com/cloud/data-security-broker)
Statements regarding IBM's future direction and intent are subject to change or withdrawal without notice and represent goals and objectives only.