The just-released 2024 IBM X-Force Threat Intelligence Index states ransomware, insider threats, data exfiltration, hardware failures, and natural disasters are some of the many risks corporations fear most.
Everyone is familiar with the potential power of artificial intelligence, but could that be turned against us in the form of an AI attack surface, empowering cybercriminals to invest heavily in new GenAI tools? Ransomware is still number one on the list of top five threats organizations fear the most. The just-released 2024 IBM X-Force Threat Intelligence Index states ransomware, insider threats, data exfiltration, hardware failures, and natural disasters are some of the many risks corporations fear most.
The report encourages enterprises to ensure the underlying infrastructure does not become the gateway to their AI models that don’t require novel tactics from attackers to target.
To assist clients with countering threats earlier and with accurate detection, IBM has announced an AI-enhanced version of IBM FlashCore Module (FCM) technology inside IBM Storage FlashSystem products. IBM announced a new version of its Storage Defender software, improving organizations’ ability to detect and respond to cyber-attacks like ransomware.
The latest FlashCore Module (FCM) technology, now available in the IBM Storage FlashSystem family, can integrate artificial intelligence capabilities. FCM works seamlessly with Storage Defender to ensure complete data resilience for primary and secondary workloads. AI-powered sensors provide earlier notifications of potential cyber threats, which helps enterprises recover faster.
Faster Threat Detection
The existing lineup of IBM FlashSystem products can scan all incoming data at the block-level granularity without affecting performance. This is achieved through inline data corruption detection software and cloud-based AI, which helps identify anomalies that may indicate the start of a cyber-attack. As a result, the system can quickly detect, respond to, and recover from potential attacks using immutable copies. With the new technology enabled by FCM4, the system is designed to continuously monitor statistics gathered from every single input/output operation using machine learning models. According to IBM, this allows for detecting anomalies such as ransomware in less than a minute.
IBM FlashSystem products can measure parameters like data compressibility and randomness, also known as entropy. This information is then relayed to IBM Storage Insights software, which can detect any anomalies in workload, such as ransomware trying to encrypt an application’s data. The new FlashSystem arrays feature FCM4 technology, which captures and summarizes detailed statistics about every I/O in real-time. Using machine learning models to diagnose ransomware and malware from normal behavior, FlashSystem enables organizations to take immediate action and keep operating in the event of an attack.
Smarter Threat Identification Across Workloads
IBM Storage Defender software offers comprehensive data resilience for modern hybrid multicloud IT environments comprising virtual machines (VMs), databases, applications, file systems, SaaS workloads, and containers. The latest version of the software comes with advanced threat-detection capabilities powered by AI-driven hardware and software sensors. The sensors assess the trustworthiness of copies, including backups and snapshots, and provide an index of their relative reliability.
Defender is equipped with advanced sensors created by IBM Research, designed to rapidly detect potential cyber threats, such as ransomware. These sensors generate high-quality alerts to security systems in real-time, decreasing the potential damage and allowing enterprises to recover more quickly from attacks.
Defender has recently been upgraded to include new features such as workload and storage inventory management capabilities. These features will help customers assess their applications and data to ensure they are correctly incorporated into a business continuity plan to recover the minimum viable company following a cyberattack. Additionally, the software has been enhanced to provide an automated orchestration for recovering VMware applications.
Customers enjoy Defender’s easy integration with other IBM Storage and Security solutions. Those include IBM QRadar, IBM Guardium, IBM FlashSystem, IBM Storage Scale, IBM Storage Ceph, and IBM Fusion. Defender also integrates with Cohesity with other third-party data platform integrations on the roadmap. This will deliver end-to-end data resilience across the enterprise data estate.
FlashSystem And Defender In Concert
When used together, FlashSystem and Defender offer increased data resilience for organizations. Storage administrators can ensure automatic backups of critical data by creating protection groups that include specific volumes and adhere to user-defined policies. Furthermore, immutable copies of data, verified to be free of any threat signatures, can be restored or recovered to multiple target locations, including new ones, during the aftermath of a cyber attack. These immutable copies can also be replicated to another IBM Storage Defender cluster, providing an extra layer of protection.
IBM has developed settings that allow administrators to create Safeguarded Copy snapshots automatically. These snapshots are cyber-resilient point-in-time copies of data that cannot be altered or deleted by user errors, malicious actions, or cyber-attacks. These backups are isolated from production data, enabling organizations to recover data more quickly after a data loss event. With the rise of AI-based cyber-attacks, we must use advanced technologies to combat these threats. IBM’s new FlashCore Module hardware and Storage Defender software utilize IBM’s AI capabilities to address the challenge of cyberattacks effectively.
IBM Storage Defender information
Engage with StorageReview
Newsletter | YouTube | Podcast iTunes/Spotify | Instagram | Twitter | TikTok | RSS Feed