To meet the security challenges of the AI era, hybrid cloud infrastructures, and yes, even ‘quantum computing,’ IBM is launching the Guardium Data Security Center. This solution unites the offerings of an observability platform with automated security management. It creates a total package that should be a serious line of defense against the bulk of existing and emerging threats that enterprise organisations will face.
According to IBM, ‘traditional’ data security solutions are insufficient. Unlike more conventional security tools that often focus on a single aspect of data protection, IBM’s new platform provides a unified view of all of a company’s data assets, integrating monitoring, governance, AI-driven risk analysis and security as well as cryptography management into a single dashboard.
Centralised solution
What further distinguishes Guardium Data Security Center from legacy systems is its focus on protecting data in dynamic environments. Think of running all kinds of AI workloads and managing agile data sets that belong together. These may be spread across various environments—on-prem, in public, and private clouds—making security more difficult. The solution IBM has now developed addresses this complexity by centralising controls and workflows. This gives security teams a more comprehensive and, more importantly, less fragmented view of their assets and potential vulnerabilities.
A new feature that does not yet exist in similar or earlier solutions is Guardium AI Security. This functionality is expressly designed to cover the risks associated with generative AI. While AI models are becoming more commonplace and in use in business operations, there is still plenty of so-called ‘shadow AI’. This involves unauthorized use of digital resources, such as the chat functions of well-known LLMs in this case.
Because their use is not approved and aligned with a company’s compliance and security requirements, it poses risks of data breaches, the use of incorrect information or disinformation, privacy blunders, or the accidental disclosure of company secrets. Guardium AI Security can discover unapproved models in use within an enterprise environment, assess the vulnerabilities, and then integrate them into a formal governance framework.
Giving Shadow AI a place
After all, employees use the tools for a reason. So, instead of simply banning them altogether, deliberate integration is preferable in such cases. The watsonx.governance solution enables management, monitoring and governance around models. These can be IBM’s own models as well as those from the open-source community and other vendors.
Tip: IBM watsonx.governance should promote trust in generative AI
In cryptography, IBM’s Guardium Quantum Safe addresses the (potential) threat of quantum computing. For years, it has been feared that traditional encryption will become totally inadequate for protecting sensitive data once quantum computers really become a reality. They would be able to crack such encryption in no time. We’re not there yet, but Guardium Quantum Safe offers post-quantum cryptography algorithms developed by IBM Research to protect encrypted data against precisely that kind of future quantum attacks.
This seems a bit like future-proofing and using fear as a selling point (“Purchase this, or you will be at risk from quantum attacks!”), but the algorithms developed by IBM Research were recently standardized by the U.S. National Institute of Standards and Technology. That makes it clear that this is at least a serious effort to prepare for an unknown future.
Finally, the enhanced Verify Digital Credentials feature allows users to digitize physical credentials, such as driver’s licenses and insurance cards, for secure storage and privacy control in hybrid cloud environments.
Also read: How do you roll out GenAI in enterprise environments?