IBM is rolling out new zero-trust capabilities to Cloud Pak for Security, key features include the new IBM Security zero trust blueprints designed around common zero-trust use cases.
Cloud Pak for Security is IBM’s platform for tackling cybersecurity threats across multi-cloud and hybrid environments
IBM said the new features would help its customers adopt a zero-trust approach to security by following the three core principles: least privilege access, never trust/always verify, and assume breach.
“For security professionals, zero trust is a framework for modernizing their overall security programs and helps them adapt to the risks emerging from their changing business environment. In fact, a recent ESG study found that 45 percent of organizations who were more mature in their zero trust strategies had a very smooth transition to employees working from home, as compared to only 8 percent of those that were the least mature,” IBM wrote in a press release.
Among the new features are the four new zero-trust blueprints based on common zero-trust use cases. The new IBM Security blueprints will provide a framework to help preserve customer privacy, reduce the risk of insider threats, secure hybrid, and remote workforces, and protect hybrid cloud environments. IBM also introduced a new consumption model – “as a Service” version of IBM Cloud Pak for Security. The new model lets customers choose between owned and hosted deployment models.
In addition, IBM announced a new partnership with Zscaler that will help to address remote work security and promote network security modernization. IBM Security Services will be combined with Zscaler’s network security technology to deliver an end-to-end secure access service edge (SASE) solution
Cloud Pak for Security was launched in 2019 at the inception of IBM’s open security strategy. It was designed to enable gathering threat intel and insights from various sources without having to move data. The system builds upon IBM’s investment in Red Hat and Open Shift, and is meant to unify security across primarily hybrid cloud environments.