I recently had the chance to speak with Chris Hockings, Chief Technology Officer (Cyber Security) at IBM Asia Pacific, and we had a conversation on the ever-changing cybersecurity landscape, as well as the significance of the Zero Trust Framework on a hybrid, multi-cloud environment.
With more than 25 years of experience, Hockings discussed IBM’s commitment to Zero Trust and how it extends across various elements, including network, applications, data, and identity. Zero Trust is a cybersecurity framework that challenges the traditional security model, which assumes that everything inside a corporate network is trustworthy. In a Zero Trust model, trust is never assumed, and strict access controls are enforced regardless of whether a user or system is inside or outside the corporate network.
The IBM APAC CTO highlighted specific use cases, such as remote access, ransomware protection, continuous verification for consumer identity, and securing hybrid cloud and data. By applying Zero Trust principles to these scenarios, the technology company aims to provide clients with enhanced speed, scale, and accuracy in their cybersecurity efforts.
The Zero Trust Framework is a concept gaining traction in global cybersecurity discussions. At its core, the framework focuses on protection, continuous verification, and adopting an agile, risk-based approach. Hockings noted that IBM’s strategy aligns with this model, aiming to deliver cybersecurity across hybrid multi-cloud environments.
During the course of our discussion, Hockings delved into the crucial role of Artificial Intelligence (AI), particularly Machine Learning (ML), in bolstering cybersecurity. He outlined how AI, embedded in IBM’s security products, detects anomalous activities within large datasets, enabling quicker identification of potential threats. Emphasizing the need to reduce response times, the IBM executive highlighted how AI and automation contribute to enhancing overall cybersecurity resilience.
“It’s quite difficult for inexperienced people to enter the cybersecurity industry because you need quite a lot of technical experience in security teams to do that job. AI will start to deliver the ability to write complex rules for systems where humans need a high level of technical ability,” Hockings said on what role AI will have in the future.
Looking ahead, he outlined key trends organizations should address in preparation for the evolving cybersecurity landscape. He stressed the importance of understanding the attack surface, applying a risk-based approach, and embracing AI and automation. Hockings highlighted the role of AI in threat hunting, emphasizing its potential to proactively identify and address vulnerabilities before exploitation occurs.
He also tackled the misconception surrounding AI’s impact on jobs, asserting that AI should be viewed as an assistant rather than a replacement for human roles. According to him, AI aids analysts in decision-making, especially in scenarios like threat hunting, ultimately reducing the time and cost associated with cybersecurity incidents. Addressing the challenges in AI adoption, Hockings emphasized the need for organizations to prioritize transparency and explainability in AI systems. He underscored the importance of involving cybersecurity teams from the outset to mitigate potential risks associated with AI applications.
As for the perception of Filipinos to AI, Hockings acknowledged the challenges in dispelling fears and misinformation, highlighting the role of trust, transparency, and real-world use cases in fostering a positive understanding of AI. The CTO emphasized the importance of building trust in AI, showcasing real-world benefits, and actively involving the public in the discourse. He stressed the need for organizations to adopt open standards and avoid vendor lock-in, promoting an ecosystem that prioritizes agility and scalability.