IBM's global director and CTO of IT risk Koos Lodewijkx shared the company's guiding cybersecurity principles at SC Congress Toronto on Wednesday.
To fend off the barrage of threats targeting organizations, he suggested that IT leaders and enterprise management define a set of guiding principles that can help them thwart evolving attacks.
IBM has done so by increasing the security IQ of every employee through training, preparing its IT and security team members to respond faster to attacks and compromise, and by putting measures in place to safeguard BYOD (inclusive of personal mobile devices that often impact enterprises' risk profiles), Lodewijkx said during the afternoon keynote. Lastly, Lodewijkx shared IBM's mission to protect its “crown jewels,” meaning intellectual property or other sensitive enterprise data flagged as a top priority, as well as its steps to leverage security intelligence to mitigate risk.
Along with sharing the five security principles, Lodewijkx told attendees that the main thing that keeps him up at night as a security leader for the tech giant is the threat of malware, particularly threats that could target employees with privileged access to internal or external (client) data. He added that “destructive” malware, like the kind used against Sony during its breach, presently represents a small percentage of the malware attacks he sees in the industry, but he believes it may be used increasingly in the near future.
“It's so incredibly cheap to buy it,” Lodewijkx said, adding that the skill level required to access sophisticated destructive malware is “pretty low.”
During the keynote, he also shared one step that IBM has taken to tackle malware threats – replacing system admins' or privileged users' Windows machines with computers running Linux.
While it was initially a “very unpopular move due to usability [concerns]” among staff, senior leadership at the company supported the decision, which “significantly decreased malware infection rates” at IBM, he explained.
Lodewijkx noted that, when privileged users are permitted to use Microsoft Windows, they must do so in a virtual machine environment to reduce and segregate network risks.