IBM is rolling out a new platform aimed at giving organizes the tools needed to protect their data against the cyberthreats that are emerging with the expansion of generative AI as well as the impending dangers from quantum computing.
Big Blue’s Guardian Data Security Center comes at a time when the two advanced technologies combined with the ongoing expansion of hybrid cloud computing continues to change the dynamics of how data is managed and protected. The unveiling of Guardian Data Security Center comes a week after the World Economic Forum (WEF) said such emerging technologies as AI and quantum – along with more than 200 others, like blockchain, the Internet of Things (IoT), and autonomous systems – require a “paradigm shift” in how cybersecurity systems are developed and deployed.
Among the factors driving the need for a new way to look at security is the rapid innovation around such technologies that is outpacing the development of security measures and regulatory frameworks, the organization wrote in a report.
The enterprise use of generative AI opens up new avenues for models and data to be compromised, particularly as cybercriminals adopt the technology for their own use and develop new lines of attack, from prompt injection to data poisoning. There also are issues around “shadow AI” – the use of unapproved AI tools that are not sanctioned by a company – data compromise, compliance, and governance.
Meanwhile, ongoing development of quantum computing by IBM as well as other IT giants like Google and Microsoft means that the security threats the technology presents is not far off. Some workloads are already being run in hybrid classical-quantum cloud environments and there is the ongoing worry about quantum’s eventual ability to crack modern encryption techniques.
That was illustrated by a report released this year by Chinese researchers who say they used a quantum system to break RSA cryptography, though there were numerous caveats attached to the research. A concern in the cybersecurity community is that bad actors are stealing encrypted data now and holding it until the time comes that quantum will enable them to decrypt it.
Work is already underway to guard against the quantum worries, with the National Institute of Standards and Technology (NIST) in August releasing three post-quantum cryptography standards – ML-KEM (formerly known as Kyber), ML-DSA (Dilithium), and SLH-DSA (SPHINCS+) – designed to address potential threats.
In announcing Guardian Data Security Center, IBM is hoping to address the worries that come with the new technologies.
“Generative AI and quantum computing provide immense opportunities, but they also bring new risks,” Akiba Saeedi, vice president of security product management at IBM, said in a statement. “During this transformative time, organizations need to improve their crypto-agility and carefully monitor their AI models, training data, and usage.”
The goal of the new platform is to give organizations a comprehensive view of the risks they face, Saeedi said.
The platform includes Guardian AI Security software to enable organizations to manage the security risk and data government requirements for AI data and models by discovering AI deployments, detailing compliance, mitigating vulnerabilities, and providing a common view of data to protect data in AI models. The software also integrates with IBM’s watsonx generative AI platform and similar offerings from software-as-a-service (SaaS) provides.
Guardian Quantum Safe is aimed at protecting encrypted data from future cyberattacks from threat actors who in the future can leverage quantum systems to break encryption techniques. Organizations can create and enforce policies based on regulations via a single dashboard that includes cryptographic algorithms, vulnerabilities detected in code, and network use data that security analysts can tap into.
It’s part of IBM’s larger Quantum Safe portfolio from IBM Consulting and Research, including IBM’s Research’s post-quantum cryptography algorithms adopted by NIST. In addition, IBM Consulting’s Quantum Safe Transformation Services use such technologies to help enterprises define and prioritize quantum security risks and to scale their efforts.
Recent Articles By Author