IT Brief Australia - Technology news for CIOs & IT decision-makers
Story image
IBM harnessing augmented intelligence for context-specific endpoint management
Thu, 23rd Nov 2017
FYI, this story is more than a year old

Hackers are constantly unleashing creative new phishing attacks to get credentials to gain access to a PC, tablet or smartphone.

Zero-day attacks and the use of tools that find vulnerable systems require new defences to protect organisations.

In just a few short years, we have seen the shift from mobile device management to endpoint mobility management to unified endpoint management (UEM), which provides a higher level of management functionality and far more effective security capabilities.

Among the most important advances in UEM is the integration of augmented intelligence and cognitive technology, as IBM has done with IBM MaaS360 with Watson.

The integration with Watson changes the game on several fronts.

First, it reduces the number and scope of manual tasks and mobile minutiae that systems managers and admins spend time on by discovering key insights and alerts and delivering them right to the MaaS360 console.

Second, it speeds changes to security policies and rules.

And third, the use of cognitive technology enables further refinement of policies and standards so they are contextual to the specific needs of the organisation rather than more general rules.

How augmented intelligence and cognitive technologies reduce endpoint vulnerability

In many cases, the problem with endpoint security is not a lack of input information from logs, threat intelligence, behaviour tracking and other data.

Rather, it's the difficulty of building a meaningful understanding of what is occurring and how to respond.

Cognitive technologies use augmented intelligence to sort through all of the information and activity to provide security analysts and IT admins with actionable intelligence and more useful dashboards focused on endpoint devices.

UEM tools with augmented intelligence will change management and security processes by delivering more context about threats, customised for the unique needs and infrastructure of a specific organisation.

As such, actions are driven by prioritisation based on the organisation, not a general perspective.

As the number of vulnerabilities and threats increases each month, being able to prioritise them accurately is critical.

Cognitive technologies enable both IT and security teams to take a far more proactive approach to cyberdefense, determining the following:

  • What happened: Teams can identify and understand a security event or endpoint management problem more quickly. While many existing solutions can identify most of these events, they often take longer to do so, don't find them consistently or provide only partial information. This forces staff to spend additional time identifying the details of the issue and how the information applies to their environment. Many legacy products provide only reactive—rather than proactive—support after the problem or breach has occurred.  
  • What can happen: With augmented intelligence, it becomes possible to forecast what may happen to endpoints prior to an event occurring so SecOps can prepare for the impact. This is a game changer. Not every organisation has the same vulnerabilities or endpoint management capabilities, and these unique elements have a substantial bearing on future risks or issues. Cognitive technologies allow organisations to match future threats against their current cyberdefenses.  
  • What should be done: Once there is a more accurate understanding of future risks, it becomes possible to 3 Augmented Intelligence Slashes Mobile and Endpoint Vulnerabilities define the options for action. However, using cognitive technologies and intelligence, organisations can evaluate more options and gain a better understanding of the outcome for each. Using consistent data for each permutation, and reducing the amount of subjective input, it becomes far simpler to compare options and pick the best alternative. Actions can then be delivered to an administrator with just a click.

Legacy approaches to managing endpoint vulnerabilities can't keep up or provide the kind of true insight organisations require to make informed and optimal decisions.

Improving endpoint management tools with augmented intelligence and cognitive technologies is the answer.