IBM Brings 'Watson' Supercomputer to Cybersecurity Fight

IBM is deploying its Watson supercomputer to help organizations answer this essential question: In the face of nonstop security events, potential intrusions, suspected breaches and critical patches, what's the next, best action that an organization's security analyst should take?

"It's all very well understanding you've got a problem; it's then, well, how do I triage, how do I take an informed decision about that, and how do I then remediate? So what are the processes that I go through," says Peter Jopling, an executive security adviser with IBM Security who's based in the United Kingdom.

While deploying Watson to tackle information security challenges is still in its early stages, Jopling says that going forward, organizations will clearly need more help, not less. "The challenge with pretty much every organization I talk to is that security isn't their core business. They don't want to stand up a large security operations center with lots of people and lots of process around that," he says.

In this interview with Information Security Media Group at the Infosec Europe conference in London, Jopling also discusses:

Organizations' need for a security intelligence framework. Challenges related to assimilating security-related data and triaging the security team's response. How IBM anticipates Watson will provide security-related upsides.

Jopling is the deputy program director of IBM Security's tiger team. He's previously served as the chief technology officer and software security executive for IBM's U.K. business unit; identity, risk and governance strategy manager for IBM Tivoli in the United Kingdom and Ireland; and as a security and mainframe account manager for Platinum Technology, prior to its acquisition by Computer Associates.