IBM Security

Data Sheet

IBM Security Resilient Security

Orchestration, Automation and
Response (SOAR) Platform
Highlights
Privacy Add-On
• Orchestrate all aspects of Fast, Intelligent, Proactive Response to
the incident response
process
Privacy Breaches
• Support for 174 state,
State, global and industry-specific breach notification
global and industry specific
regulations are resulting in additional cost and complexity for
regulations
organizations worldwide as they look to meet privacy
• Coordinate response reporting requirements. Security and Privacy teams need to
process with privacy tasks align their processes in order to report privacy data breaches
and workflows
to different regulatory authorities with different reporting
• Risk Assessment tools help requirements and deadlines or risk the impact of negative
evaluate notification publicity and costly fines.
requirements
The Privacy Add-On for the IBM Security Resilient Security
Orchestration, Automation and Response (SOAR) Platform
provides organizations with support for 174 privacy incident
reporting regulations worldwide, allowing security teams to
integrate privacy reporting tasks into their overall incident
response playbooks and work together with your privacy and
legal teams to address regulatory requirements.
IBM Security
Data Sheet

The Resilient SOAR Platform Privacy Add-

on

The Resilient Privacy add-on is a key addition

to the Resilient SOAR Platform. The solution
helps to transform current manual tasks for
assessing privacy risk and reporting
requirements into an automated, efficient
process that can provide a single point for
preparation, assessment and management
of a data privacy breach.
Aligning people, process and technology
By integrating privacy reporting deadlines
into the broader Incident Response (IR) Additionally, integrations with IT operations
process, the Resilient SOAR platform helps tools , IT Service Management (ITSM) and
organizations to maintain a single, auditable ticketing systems can help to gather information
record of all aspects of their and assign tasks to team members outside of the
breach response. This single “system of core security team.
record” can help provide value to
security leaders as they conduct post- Third party integrations for the Resilient
incident reviews and create the reporting SOAR platform are available from the IBM
package for regulators. Security App Exchange. The App Exchange
offers more than 130 validated and
A single, integrated system for all aspects of community apps, with additional apps being
security incident management supports added regularly. Customers also can develop
strong alignment between your privacy, legal their own integrations for bespoke or
and security operations teams. The Resilient customized applications, leveraging fully-
SOAR platform can become a centralized hub documented APIs and supported by IBM
for all breach information, as security teams developer resources.
look to integrate information from different
security tools such as Security Information
and Event Management (SIEM), Endpoint
Detection and Response (EDR) and firewalls. Key features of the Resilient Privacy solution
include:

Global Privacy Knowledgebase

At the heart of the IBM Security Resilient

Privacy add-on is the global knowledgebase.
This database is a regularly updated
database of breach notification regulations
across US states and countries in Europe, the
Middle East and Asia. The database also
includes industry-specific regulations with a
IBM Security
Data Sheet

privacy breach reporting requirement, such requirement, these tasks detail the steps
as HIPAA. that the members of the privacy team should
take to address the reporting requirements.
An internal team of certified privacy The privacy add-on tracks data breaches that
professionals manages the global triggers multiple reporting requirements as
knowledgebase. These privacy professionals separate tasks inside the overall incident.
communicate with regulators, privacy This process gives privacy and security
professionals from the IBM customer base teams a single view of all privacy and
and the wider privacy community to keep the security related aspects of an incident.If
knowledgebase updated. required by a regulation, operators of the
add-on can assign specific users and specific
timelines for incident tasks.

Global Knowledgebase
Incident Playbook

The Resilient privacy team monitors the

regulatory landscape for upcoming and While the information varies based on the
updated regulations and tracks their process. regulation, these tasks can often include the
The team works with partners and customers following items:
on how to best implement these regulations
inside the platform. Regular release notes Document the breach - Prompts and guides
provide updates on new or upcoming the team on what documentation is required
regulations so customers can review their throughout the response process. Notify
relevance and adjust their breach response regulator/supervisory authority - Provides
plans as appropriate. guidance on who to notify, what to include in
the notification, and how to notify. If
Guided Data Breach Notification applicable, this guidance may include a
notification template. Notify affected
The Resilient Privacy Add-on allows individuals/consumers - Offers detailed
customers to integrate breach notification guidance on what information should be
into the wider cybersecurity incident included in any consumer notification and
response process, with privacy-specific tasks guidance on acceptable formats. These
integrated into the overall incident playbook. tasks can also provide a notification
Derived from the specific reporting template, if available.
IBM Security
Data Sheet

Breach risk assessment Practicing in this way can help security and
privacy teams become more aligned and
Many regulations require completing a better able to respond to real incidents.
breach risk assessment as part of the breach Organization leaders also can iterate on the
response process, these include GDPR, process to help improve their incident
PIPEDA and HIPAA. The Resilient Privacy response plans and processes. This activity
Add-On includes a breach risk assessment is a key part of becoming cyber resilient.
tool to help guide privacy teams through
evaluating the risk of harm associated with a Dashboards and reporting
security incident. This tool provides
examples and guidance from the regulation Senior security and privacy executives, as
as appropriate. well as the wider executive team, often need
help to understand the security posture of
their organization. The Resilient SOAR
Platform provides extensive dashboards and
reporting that is available to privacy
customers. Users can take any data tracked
by the Resilient platform to generate
dashboards and reports, including incident-
specific reports. Customers can review these
dashboards and reports to understand how
effective their overall response process is for
Risk Assessment engine data breach reporting and related issues.

This feature also can generate a clean report

to share with regulators which demonstrate
work has been done to ascertain the level of
risk, which is a specific requirement under
GDPR.

Incident simulation
Incident reports and dashboards
The Resilient platform allows customers to
create realistic simulations of real-world
incidents. By simulating privacy incidents,
security and privacy teams of organizations
can practice and prepare for a data breach The IR dashboards allow security and
incident and exercising the responsible management leaders to identify potential
parties. This process can help leaders of gaps in their processes and areas where they
organizations understand whether they have need additional resources. These reports can
the right processes in place and if the right also help to identify if particular countries or
people have a clear understanding of their business units have specific data breach
roles when a data breach occurs. issues for an organization.
IBM Security
Data Sheet

leaders should have an IR process that

is codified, consistent and orchestrated
Conclusion across their organizations. This requires a
combination of people, process and
To help to meet evolving breach notification
requirements, security teams should align
technology to enable a consistent,
with their privacy and legal colleagues. repeatable process for breach response.
Security orchestration and automation
technology is an important tool in helping to
The IBM Security Resilient SOAR Platform
enable this alignment. Many current and Privacy Add-On provides security and privacy
upcoming regulations require security teams teams with intelligence and insights to help
to have a fully documented incident them respond to rapidly-evolving security
response plan and be able to execute the incidents. This tool can help security and
plan effectively and consistently. To help privacy teams understand and address
achieve these goals, privacy and security complex regulatory requirements.
IBM Security
Data Sheet

Why IBM? For more information

IBM Security offers one of the most To learn more about the IBM Security
advanced and integrated portfolios of Resilient SOAR platform Privacy add-on,
enterprise security products and services. please contact your IBM representative or
The portfolio, supported by world-renowned IBM Business Partner, or visit the following
IBM X-Force® research, provides security website(s): https://www.ibm.com/security/in
solutions to help organizations stop threats, telligent-orchestration/resilient/privacy-
prove compliance, and grow securely. breach-preparation-response

IBM operates one of the broadest and

deepest security research, development and
delivery organizations. It monitors more than
two trillion events per month in more than
130 countries, and holds over 3,000 security
patents. To learn more, visit
https://www.ibm.com/security

Next steps
IBM Security Resilient product page

IBM Security Resilient Privacy add-on

IBM Security
Data Sheet

© Copyright IBM Corporation 2019.

IBM, the IBM logo, and ibm.com are trademarks of

International Business Machines Corp., registered in
many jurisdictions worldwide. Other product and
service names might be trademarks of IBM or other
companies. A current list of IBM trademarks is
available on the Web at
https://www.ibm.com/legal/us/en/copytrade.shtml,
and select third party trademarks that might be
referenced in this document is available at
https://www.ibm.com/legal/us/en/copytrade.shtml#se
ction_4.

This document contains information pertaining to the

following IBM products which are trademarks and/or
registered trademarks of IBM Corporation:
IBM Security Resilient

All statements regarding IBM's future direction and

intent are subject to change or withdrawal without
notice, and represent goals and objectives only.