IoT a focus for IBM's new security taskforce

The Internet of Things will be a key focus for IBM’s newly formed security testing team, X-Force Red.

Comprising security professionals and ethical hackers based in dozens of locations around the world including the United States, the United Kingdom, Australia and Japan, the group will help businesses discover vulnerabilities in their computer networks, hardware, and software applications before cybercriminals do.

The team will form part of IBM’s Security Services division, and will be spearheaded by Charles Henderson, a renowned penetration-testing expert and IBM’s global head of security testing and threats.

The members of X-Force Red bring together expertise from multiple industries, including healthcare, financial services, retail, manufacturing and the public sector.

Technology will not be the only focus of the group, with human factors in processes and procedures also set to be examined.

IBM X-Force Red’s four focus areas are:

Application – penetration testing and source code reviewing to identify security vulnerabilities in web, mobile, terminal, mainframe and middleware platforms
Network – penetration testing of internal, external, wireless and other radio frequencies
Hardware – verifying the security between the digital and physical realms by testing IoT, wearable devices, point-of-sale systems, ATMs, automotive systems and self-checkout kiosks
Human – performing simulations of phishing campaigns, social engineering, ransomware, and physical security violations to determine risks of human behaviour

IBM X-Force Red will provide its services based on three models: individual projects, subscription-based testing and managed testing programs.

All of these options include vulnerability analytics designed to improve the efficiency and impact of security testing programs.

"Having a machine scan your servers and source code is a great step to help prevent data breaches, but the human element of security testing cannot be overlooked," Henderson said in a statement.

"Elite human testers can learn how an environment works and create unique attacks using techniques even more sophisticated than what the criminals have."