- Attack code released for new DNS attack
- Parts of SF network still locked out
- Basic to-do apps for iPhone, iPod touch
- Spam King pulls prison vanishing act
- SCO Group: Its future is all used up
News | Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
At IBM Internet Security System's, the company's primary security research organization is called X-Force. Kris Lamb, director of X-Force, says his group is charged with knowing where potential threats will arise and deliver product, services and education to customers about how to stay ahead of the risk. Recently Lamb discussed with Network World Senior Editor Denise Dubie what he sees as the most critical challenges and opportunities facing enterprise IT security managers today.
Tell me a bit about your role as director of X-Force at IBM Internet Security Systems.
We are the thought leaders for our customers and the company around applied security technology, the security landscape, threat forecasting, creation of new technology solutions that we may bring to market in the form of new products or new service offerings. We also provide the content delivery services for all of our products that we currently sell, such as antivirus updates or IPS updates or content filtering updates are delivered out of the X-Force organization. We also have a consulting portion of X-Force that delivers security consulting services to our clients. All told X-Force is a sizeable organization made up of a lot of research and development disciplines that are centered on security expertise.
What are some major trends or changes in the security industry X-Force is currently tracking?
Over the last 12 to 18 months or so, we've seen the hard right turn of the criminal underground shifting from a notoriety-driven motivation to a very highly-organized financially-driven motivation. Money is really driving what they do. All of the security vulnerabilities or exploits or computers they control represent real dollars to them given the activities they are using these resources for. Before it was about notoriety, it was about being seen or noticed, or getting a lot of press coverage by Web site defacements and denial of service attacks that were very public. Now the criminals don't want to be detected because when they are detected they lose control of the computing resources and they are not able to engage in the criminal activities such as computer bot exploitation or malware spreading or phishing recruitment runs. They lose those assets or the ability to conduct those activities and that means they are losing money. The criminal underground is now engaging in very shrewd, very guarded sets of activities.
Rss FeedRss Feed
In all of these letters that you have posted, Chuck, I have yet to see one that apologizes to PZ Myers...- bullet
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask to prospective vendors to get the right endpoint solution.
Download the white paper.
Unauthorized applications: Taking back control
Employees installing and using unauthorized applications like IM, VoIP, games and peer-to-peer file-sharing applications cause many businesses serious concern. How do you control these applications?
Download the white paper.
Comments (1)
RE: Organized, financially driven online criminals a main corporate threat, IBM security exec saysBy meatpieandtatters on July 10, 2007, 11:15 amEverything he says has merit. I also think that people way over-pay for IBM's services. IBM GMS has been going through some serious restructuring and cost-cutting...
Reply | Read entire comment
View all comments