How IBM's security command centre in India helps fight global cyberattacks

The unit helps train cybersecurity response techniques through highly realistic and simulated cyberattack - designed to prepare everyone from C-Suite through technical staff

Located in the small township in the eastern part of Bengaluru and surrounded by offices of multinational tech companies is the new IBM Security Command Centre. The facility is the centrepiece of IBM’s multi-million dollar investment in its resources to help businesses prepare for and manage the growing threat of cyberattacks to organisations across the Asia Pacific (APAC) region. 

The facility is the first of its kind in the region. It helps train cybersecurity response techniques through highly realistic and simulated cyberattack – designed to prepare everyone from C-Suite through technical staff. The investment also includes a new Security Operation Centre (SOC) which is part of IBM’s vast network of existing global SOCs - providing 24X7 security response services to clients around the world.  

“Cybersecurity is a global challenge, felt locally and this requires a broad set of capability across the globe, and within India,” says Chris Hockings, chief technology officer, IBM Security Asia Pacific. “India is a strong and emerging technology powerhouse with a growing talent pool and with almost every major business unit of IBM Corporation present here, the launch of these new capabilities will further strengthen our presence.”

The highly realistic, immersive training simulations offered in the new IBM Security Command Centre in Bengaluru leverage industry-leading audio and visual effects as well as live malware, ransomware and other real-world hacker tools. IBM designed the simulations after emergency and disaster response training models. This is done in consultation with dozens of experts from different industries including emergency medical responders, active-duty military officers and incident response experts. IBM said the centre in Bengaluru can deliver customised experiences and workshops - including virtually.

“We expect the facility will help to raise the cybersecurity skills of the nation,” says Hockings. “With only 26 per cent of organisations globally having an incident response plan, IBM has developed the IBM Security Command Centre, the jewel in the crown of this (overall cybersecurity) facility.”

The IBM Security facilitators, which includes the company’s team in India, will also share best practices and real-world examples. These are based on their collective years in security and through the expertise of over 13,000 clients globally. They have already participated in a cyber range experience over the years.

“In India, we have worked with one of the leading FMCG multinationals to help them to identify gaps in their incident response plans while enabling them to understand how quick, practised decisions can help mitigate risk and cost,” says Hockings. “The IBM Security Command Centre experience helped them to revalidate and revamp the best practices in their cybersecurity policies.”

The need for such facilities has increased more than ever. As per the 2022 IBM Security X-Force Threat Intelligence Index, Asia is now the most targeted region for cyberattacks – representing 26 per cent of attacks analysed in 2021. This is a significant regional shift compared to the past decade of the report, where North America and Europe have historically ranked as most targeted. 

“This trend signals a growing need for security investments amongst Asian organisations,” says Hockings of IBM.

The report showed that attackers were looking for leverage through 2021. With supply chains under pressure and people feeling vulnerable because of the pandemic, attackers focused on two key industries – Financial and Manufacturing, which together at nearly 60 per cent, were the most-targeted industries in the region. When combined with an increased number of vulnerabilities, attackers not only had pressure points but new ways to expose them. Events such as the Summer Olympics almost certainly drove a focus on Japan – which ended up being the most attacked country in the Asia Pacific.

“India was among the top three most attacked countries in the region, with Japan and Australia being the others,” says Hockings.  “Ransomware was the dominant attack type against organisations in India, with the Sodinokibi and BitLocker ransomware groups accounting for most of these attacks. A common pathway for many of the attacks on Indian organisations was phishing attacks.”

Furthermore, as per the 2021 IBM Security Cost of a Data Breach Report, security incidents globally became more costly and harder to contain due to drastic operational shifts during the pandemic, including employees working from home. The study suggests that security may have lagged behind these rapid IT changes, hindering organisations’ ability to respond to data breaches. In fact, the rapid shift to remote operations during the pandemic appeared to have led to more expensive data breaches. Breaches globally cost over $1 million more on average when remote work was indicated as a factor in the event, compared to those in the group without the factor.

As part of the new investment, Bengaluru now has the first IBM Security Command Centre in Asia Pacific. 

“With Asia Pacific (including India) now the most targeted region for cyberattacks, it signals a growing need for security investments amongst Asian organisations,” says Hockings.

Also, IBM’s new Security Operations Center (SOC) will provide Managed Security Services (MSS) to clients across the globe. With a capacity for 600 security response operators, it is the second IBM SOC in Bengaluru, with the other SOC continuing to specifically serve regional Indian clients. The new facility is part of IBM’s vast global network of SOCs, which serve more than 2,000 clients around the world - managing more than 2 million endpoints and 150 billion potential security events per day. IBM’s global SOC network now includes 9 locations such as Atlanta (U.S.,) Australia, Costa Rica, Japan, Poland and Saudi Arabia.