Exclusive Interview with Lata Singh, Executive Director of Partner Ecosystem at IBM India & South Asia
In the world of data, cybersecurity is a primary concern of many companies. With this, the demand for cybersecurity solutions has also increased drastically. To secure data, various trends in technology such as AI, automation are contributing to safeguarding data exchanges across diverse cloud ecosystems.
Here is an exclusive interview with Lata Singh, Executive Director of Partner Ecosystem at IBM India and South Asia to elaborate more on IBM’s cybersecurity solutions and its contributions.
Kindly brief us about IBM’s cybersecurity offerings and how is IBM contributing to the cyber/cloud security industry?
Organizations across sectors have accelerated their digital roadmaps making it challenging for enterprise security teams to respond to threats across complex hybrid IT environments. Increasingly, clients are looking for simplified security platforms and superior managed services to help them streamline their security operations and respond to threats faster. At IBM we believe that the future approach to security is through an open, connected platform that leverages open standards, AI, and automation to connect security tools and data across cloud environments.
IBM’s security portfolio is designed to help organizations strengthen their security posture by offering robust security platforms, solutions, and services. Some of our key offerings include:
Zero Trust Framework: This has been developed by IBM to help security professionals to modernize their overall security programs and adapt to the evolving risks emerging from the changing business environment. Based on the core principles of Zero Trust, these blueprints offer a roadmap on building security capabilities and integrating them within the organization.
IBM Cloud Pak for Security: It is built on an open foundation of Red Hat OpenShift and it is the only platform that provides a connected set of capabilities that cuts across all major portions of the threat management lifecycle and is the first platform in the industry to connect data-level insights and user behavior analytics with threat detection, investigation and response.
Virtual Security Operations Center: The virtual security operations center helps businesses and security teams to easily monitor and manage the security of their hybrid cloud systems, devices, networks, and applications. Enterprise security teams can easily monitor the status through a secured web-based portal that combines IBM X-Force security research with service-level data from deployed devices across enterprise networks.
Identity and Access Management: It is essential for securing the hybrid multi-cloud enterprise while delivering a smart, frictionless and secure experience based on a zero-trust strategy. For example, IBM security verify allows IT, security, and business leaders to protect their digital users, assets, and data by providing identity as-a-service for every user, including SSO, MFA, passwordless authentication, adaptive access, lifecycle management, and identity analytics.
Security Information and Event Management (SIEM): SIEM helps provide centralized visibility into enterprise data across on-prem and cloud environments from a single pane of glass and leverages AI to detect and respond to most critical security incidents. For example, IBM QRadar provides comprehensive insights to quickly detect, investigate and respond to potential threats rapidly. Recently IBM security was named as a leader for the 12th consecutive year by Gartner Magic Quadrant for SIEM 2021.
Data Security: Data security is a key concern for most organizations and hence IBM has developed solutions to help enterprises protect their data across multiple environments while meeting privacy regulations and simplifying operational complexity. For instance, IBM Security Guardium helps organizations protect their sensitive and regulated data across environments and platforms.
Rapid incident response by using automation, process standardization, and integration with existing security tools. Mature organizations are adopting a single security orchestration, automation, and response (SOAR) platform, and are working with consulting and managed services to improve their security operations centers. This proactive approach to security threats delivers the critical elements of a successful zero trust strategy. IBM security SOAR prepares and helps organizations to effectively orchestrate responses to cyber threats.
IBM is also collaborating with the ecosystem partners to create purpose-built integrations through an open ecosystem and help organizations thrive amidst uncertain times. For example, IBM has partnered with Zscaler to help organizations connect users to applications seamlessly and securely. This partnership brings together the technology of Zscaler and the expertise of IBM to help clients adopt an end-to-end secure access service edge (SASE) approach. Recently, AWS announced its competency partner program with IBM as Level 1 MSSP competency partner. The new MSSP competency partner program recognizes our deep experience to consult on AWS native controls and AWS cloud adoption framework.
Further, another key area that we are focused on is solving the challenge of a point- integrations between products and vendors to achieve a truly connected cybersecurity ecosystem and rally behind the common standards and open-source code.
We’re starting to see progress in this arena already, with the launch of the Open Cybersecurity Alliance (OCA) in 2019. This is an open-source security initiative spearheaded by IBM and McAfee and is now backed by nearly 20 other major players. The goal of the OCA is to make security technology more interoperable across all the product categories and vendors, by developing and sharing common, open-source code that any security team can adopt.
Brief us about your role and contributions to the company.
As the Director – Partner Ecosystem, IBM India and South Asia- my role entails driving business and revenue growth for IBM through an ecosystem of partners across hybrid cloud including systems and storage, AI, and security portfolios.
Over the past year, the focus has been on supporting and enabling the partners along their transformation journey by providing access to not just technical resources but also help them build robust skills to drive sustainable growth, enhance their market positions, enable innovation and provide value to the clients.
Aligned to the changing market requirements, we continue to launch digital resources, skill enablement programs, and engagement solutions. We have introduced a special set of offerings to cater to the increased demand for cloud and security solutions and some specifically to assist our ecosystem partners. In addition, to help our partners expand their service offerings and improve their capabilities we offer technical expertise through IBM Hybrid Cloud Build Team which co-creates advanced solutions with ecosystem partners; helps modernize and migrate workloads, and infuses technologies like AI, 5G, Kubernetes, and Edge.
What practices does your company offer to mitigate risks involving privacy, attacks, and threats for its clients?
Amidst rising security concerns, ‘the Zero-Trust framework’ has gained popularity and while the products and solutions are the enablers, the crux lies in the approach towards structuring the cybersecurity program based on the three principles: enabling least privilege access; never trust, always verify; and assume breach. Therefore, achieving zero trusts within an organization requires a unified and integrated approach towards security with context around every user, every device, every connection for each instance.
To help organizations tackle zero trusts and make it actionable, IBM has created zero trust blueprints to infuse security into common business initiatives. The blueprints are vendor agnostic and offer a prescriptive roadmap on security capabilities and their integration as part of a zero-trust architecture. It covers situations like preserving customer privacy, securing the hybrid and remote workforce, reducing the risk of insider trade, and protecting the hybrid cloud. These blueprints have been developed based on real customer engagements to help organizations plan their zero-trust journey and investments with a pragmatic approach and are better aligned to security and business objectives.
What makes IBM innovative? What are the key partnerships and involvements done to drive the innovation?
Our holistic approach to innovation spans developing offerings that help enterprises transition to the next era, enable robust ecosystem collaboration, and drive strategic investments in future technologies.
Over the past years, we have seen a visible shift as enterprises are embracing technology more holistically to change their business models. They are seeking to become the technology, platform, and experience companies that have ushered in the era of virtual enterprise. These enterprises embrace openness and are powered by Intelligent Workflow that connects ecosystem participants for shared value. IBM’s open, secure Hybrid Cloud platform enables enterprises to connect with its business partners and unleash the full potential of leading open technologies to drive innovation.
At IBM, an important part of our strategy is investing in dominant technologies like Hybrid Cloud and AI and also future technologies like confidential computing, quantum computing which positions us to win in the next era of computing. Ecosystem partnerships are a critical aspect and we work closely with leading GSIs, ISVs, next-gen partners to co-create new solutions to deliver differentiated benefits to their customers.
In addition, to help accelerate our innovation charter, we collaborate with academia and various research institutes across the globe. Recently, we had announced our tie-up with leading premier academic and research institutions across India like IISc Bangalore; IIT Jodhpur, Kanpur, Kharagpur, and Madras; Tata Institute of Fundamental Research (TIFR) Mumbai, and the University of Calcutta to further education and research in quantum computing and explore use-cases. In India, we are also looking at expanding the presence of our software labs in Kerala and Gujarat. These centers will leverage technologies like hybrid cloud, AI, automation, security to develop solutions that will address the needs of the market while driving skills development in the region.
The IBM research teams continue to develop new technologies and improve existing ones to ensure we stay ahead and help enterprises achieve their digital transformations across industries like financial services, retail, manufacturing, telecom automotive, consumer sector, and energy and utility.
For example, IBM is developing next-generation innovations for protecting the privacy of data as it moves through distributed, hybrid cloud environments. In 2018, IBM became the first cloud provider to offer confidential computing for use in production. Currently, IBM cloud offers industry-leading Confidential Computing capabilities – allowing companies to maintain full privacy and control over their workload – despite not having any authority over the infrastructure that the workload is hosted on.
Looking to the future, IBM is also spearheading the development of Fully Homomorphic Encryption (FHE), a next-generation technology that allows data to remain encrypted during computation – regardless of the cloud or infrastructure being used to process it.
IBM is deeply engaged with the developer ecosystem. Launched in 2018, Call for Code is IBM’s largest and most ambitious tech for a good platform that brings together the world’s developers and problem-solvers, and provides them access to technologies like open hybrid cloud, AI, automation, and quantum to solve some of the most pressing global challenges. This year the focus is on climate change and sustainability with clean water, sanitation; zero hunger; and responsible production and green consumption as the key themes.
How do you see the security industry evolving in the future ahead?
The industry is witnessing two major shifts: security market fragmentation and widespread cloud adoption by enterprises, leading to security challenges caused by disparate tools and a complex IT landscape. Thereby creating the need for simplified platforms that will help clients manage security events across tools and clouds, deployed as a service and supported by managed services to address the security skills shortage.
As the industry evolves in cloud maturity, we must rethink as to how we make security policies applicable across cloud environments. IBM believes that the future of security is an integrated platform approach:
- Leveraging open standards, AI, and automation to connect security tools and data across the hybrid cloud
- With capabilities for seamless integration with managed services.
Our technology IBM Cloud Pak for Security is a single, unified platform designed to connect all of a companies’ security tools and data – built on an open foundation of Red Hat OpenShift, in order to scale across hybrid cloud environments. Cloud Pak for Security is the only platform that provides a connected set of capabilities that cuts across all major portions of the threat management lifecycle. Cloud Pak for Security is the first platform in the industry to connect data-level insights and user behavior analytics with threat detection, investigation, and response.
We do believe that security can play an important role in accelerating business results and hence greater alignment of security programs and outcomes to business objectives would be the most effective way to transform today’s security resilience and value.
IBM is leading the charge to pave the way for this shift across our offerings, and the industry.