Illumio collaborates with IBM Security to bolster cyber resilience for modern organisations

Illumio, Inc., the Zero Trust Segmentation company, has announced an expanded relationship with IBM Security and a new integration between the companies’ technologies for advanced end-to-end threat detection and response.

The integration combines IBM Security’s QRadar XDR with Segmentation from Illumio, to provide pre-attack protections for accelerated detection and automated containment and remediation capabilities, in order to help defend against the impacts of aggressive cyber-attacks, including ransomware.  

Protection against ransomware

“In 2021, over half of organisations globally reported suffering a ransomware attack that blocked access to critical systems or data,” said Frank Dickson, Program Vice President at IDC, adding “As ransomware and the attackers behind it, continues to plague every industry, organisations must act now to bolster cyber and business resiliency.”

Frank Dickson adds, “The best way firms can safeguard their organisations is to address the five core elements of a ransomware attack: initial compromise, lateral movement, privilege escalation, data exfiltration and the encryption. Given the complexity and difficulty of the task, security tools should be adaptable, scalable and emphasize real-time visibility, to enable real-time action.”

Illumio - IBM Security partnership

The integration provides customers with enhanced visibility into network traffic and can help limit the potential spread of attacks, by segmenting application networks. When an intrusion takes place, an attacker’s external communication and movement throughout an organisation’s network can be quickly detected, denied, and analysed with the help of Illumio and QRadar SIEM.

This centralised visibility and analysis can help with the detection of threats and ransomware that moves, often undetected, throughout organisations.

Acceleration of ransomware eradication and recovery process

The onslaught of ransomware attacks demands end-to-end visibility, advanced analytics and automated actions"

Beyond detection, Illumio’s integration with QRadar SOAR enables incident responders to activate Illumio’s emergency ransomware containment controls in near real-time, thereby helping them to reduce the impact of ransomware and accelerate the eradication and recovery process.

“The onslaught of ransomware attacks demands end-to-end visibility, advanced analytics and automated actions, based on an open platform – which are the foundational elements on which QRadar XDR was designed,” said Chris Meenan, the Vice President (VP) of Product Management at IBM Security.

QRadar XDR – Segmentation integration

Chris Meenan adds, “By leveraging its open architecture and segmentation platforms, like Illumio, QRadar XDR helps customers achieve early detection, orchestration, and rapid, automated response to ransomware and other fast-moving attacks.”

John Skinner, the Vice President (VP) of Business Development at Illumio, said “In February 2022, the Cyber Security and Infrastructure Security Agency reported ransomware incidents against 14 of the 16 U.S. critical infrastructure sectors, which signals the urgent business resilience risk it poses.”

Successful detection and quick response

John Skinner adds, “Not only is ransomware today becoming more sophisticated and targeted, but incident rates are climbing. Successful detection and response depend on segmentation aligned with Zero Trust principles, to isolate and stop ransomware before it spreads. Together, Illumio and IBM Security are empowering organisations to minimise the business impact of devastating attacks, by combatting known risks at every phase.”