1The VenueLokomotivværkstedet +100 years old listed building Danish railway history Lokomotiv maintenance 9.000 m2One of few possible places Nordic event More than 500 attendees 5 tracks Exhibition hall Dinner / Lasse Rimmer 1:1 meetings 4 User Group meetingsNew experience Virtual space division Headphones needed Leave headphones on chair
2Cloud & Smarter Infrastructure (Tivoli)Tivoli®
3VisibilityControlAutomationto see and understandyour business in real timeto transform and adaptwhile limiting risk & costto achieve greaterefficiency and agilityTurning Opportunities Into OutcomesBusinessIT
4What Is Driving new Opportunities and IT DemandExplosion of Mobile DevicesInfrastructure OptimizationCloud ComputingGrowth of Social MediaAdvanced Predictive AnalyticsReal-time Sensor DataCyber SecurityBusinessOptimization+Big Data
8Internet ofinformationInternet ofengagementInternet of“things”200 BILLION100 BILLION50 BILLIONINTERMITTENTLY CONNECTED DEVICES AND PEOPLE2000 20202010The convergence of technology is transformingthe world into an Internet of things…
9Fuels investments ininnovationDrives need for continuousoptimizationOptimization InnovationThe ability to balance Optimization and Innovation will becritical to success…9
1041%experiencedevelopment delays34%experiencedeployment delays45%experienceproduction delaysSource : A commissioned study conducted by Forrester Consulting on behalf of IBM, 4Q2011However, organizations are challenged in Optimizingproduct & service delivery, and in turn, driving Innovation….10Business OperationsDevelopmentCustomers
11An open, and holistic approach to managing the delivery ofproducts & services across smarter infrastructures is needed…11
12IBM provides an open, and holistic approach to managing thedelivery of products & services across smarter infrastructures…
13Cloud Computing: A Next Generation Cloud ArchitectureBuilt upon aCloud standardsarchitecturePatterns of ExpertiseWorkload OptimizationDynamicallyOrchestrated Services
15An integrated set of capabilities for enabling private/hybrid clouds andthe virtualization, automation and management of service deliveryCloud Computing: IBM SmartCloud FoundationVirtualized Standardized AutomatedInfrastructure as a Service CapabilitiesInfrastructure UsagePerformanceManagement SecurityPlatform as a Service CapabilitiesLifecycle Resources Environments Management Integration Resilient to the velocity ofchanging business needs Enables choice & flexibilityin hybrid environments Provides enterprise-class,workload-aware services Built-in analytics forimproved insight and decisionmaking15
16Cloud Computing:Flexibility in consuming & integrating hybrid clouds…Evolve existinginfrastructureto CloudAccelerate adoptionwith expertintegrated systemsImmediate accessto a managedplatformEnterpriseHosted private cloud16
17Cloud Computing: Client Case StudiesTechnical University of MunichCloud Platform, Orchestration & Monitoring• Reduced manual workload by about 40% and provisioning time forSAP systems from 3 days to less than ½ day.• Replaced 150 servers with just four IBM systems, cutting 13 fullracks to only four half-full racks.• Reduced energy consumption by 80% for the SAP applicationlandscape. Data storage reduction by 40%.AetnaCloud DevOps and Orchestration• DevOps enables better, faster product development via self-serviceautomation• Anytime, anywhere access to healthcare services for clients usingmobile & cloud• Removed siloes by creating single role of cloud engineer that spansdomains.17
18IBM provides an open, and holistic approach to managing thedelivery of products & service across smarter infrastructures….
19Enterprise Mobility: Why take an integrated approach?Speed time to deployment of enterprise mobile apps andupdates, while improving qualityImprove WiFi network management for greater reliability,employee productivity, and minimize business interruptionsEnhance end-to-end security to help prevent loss ofintellectual property and regulated dataLess total infrastructure for lower hardware, admin costsReduce help desk calls, device replacement costs19
20Enterprise Mobility: Manage and secure all your devicesEndpoint ManagementSystemsManagementSecurityManagementCommon agentUnified consoleSinglemanagementserverManaged = SecureDesktops, Laptops,& ServersSmartphones& TabletsPurpose-specificEndpointsImplement BYOD withconfidenceSecure sensitive data,regardless of deviceHandle multi-platformcomplexities with ease20
21Enterprise Mobility:The Industry’s Most Comprehensive Mobile PortfolioThe BroadestPortfolio ofMobile SolutionsThe Deepest Setof ServicesExpertiseNew IndustryPartnerships andResources forDevelopers21
2222Enterprise Mobility: Client Case StudiesCenterBeamUnified Mobile, Desktop, and Server Management• Can now support PCs, Macs, servers, and virtually every flavor ofmobile device, increasing compliance over 20% to 98%• Now manage 20,000 endpoints across 49 countries and sixcontinents, a 10x increase, with just one engineer• Mitigating client risk with strengthened endpoint securityNorth American Public UtilityMobile device and Endpoint Management• Support 20,000 mobile devices - corporate and employee owned -with mixed platform and OS versions• Add mobile devices in just days, while adhering to internal securitypolicies and external regulations.• Solution is scalable to 250,000 endpoints without addinginfrastructure
23IBM provides an open, and holistic approach to managing thedelivery of products & service across smarter infrastructures….
24Smarter Physical Infrastructure:Instrumented, Interconnected, IntelligentA comprehensive set of integrated enterprise capabilities that help organizations to keepplants, facilities, data centers, or cities operating effectively.• Dashboard views of service health• Predictive analytics & reporting• Mobile workforce support• Asset, work and inventory management• Complex & embedded systems• IT & Enterprise assets• Facilities & real estate• Event filtering and correlation• Process & workflow automation,and rules management• Enterprise content managementProcess AutomationFacilities andReal EstateEnterpriseAssetsComplex andEmbedded SystemsAnalytics Mobility24
2626Smarter Physical Infrastructure: Client Case StudiesHalifax International Airport AuthorityPreventative Asset Monitoring, Management & Reporting• Corrective maintenance on assets reduced from 80 percent to only10 percent• Number of work orders the service department can handle increasedfrom 450 to 1,000, a 55 percent increase• Airport is better prepared for weather events and track costs moreeffectively; Improved regulatory reporting.Akita CityPredictive Facilities & Energy Management• Real-time sensors, & 3D color-coded views allow city to predictenergy use, and immediately reduce consumption to meet targets.• Expected 6 percent reduction in energy consumption through bettervisibility and control over city facilities’ energy usage• Improve preventive maintenance, and compliance with RevisedEnergy Saving Law.INSERTLOGO
27IBM provides an open, and holistic approach to managing thedelivery of products & service across smarter infrastructures….
28Security Intelligence,Analytics and GRCApplicationsPeopleDataInfrastructureMobileSecurityCloudSecuritySecurityIntelligence withBig DataSecurity Intelligence: Across big data, mobile & cloud
32Security Intelligence: Client Case StudiesBlueCross BlueShield of North CarolinaSecuring Big Data• Directly supports HIPAA compliance by controlling accessto client member data• Saves 5,000 hours of staff time by removing manual stepsand automating security processesFlemish GovernmentSecuring Digital services• Authentication flexibility ensures compatibility with futureaccess requirements including cloud and mobile services• Significantly reduces the time and cost to introduce newapplications across100 government sites• Provides six million citizens with seamless access to allAuthorities’ services with context-aware digital identitiesINSERTLOGO32
33AUTOMATIONVISIBILITYCONTROLReportingRegistrySecurityDashboardingAdministrationOpenInteroperabilityServicesOnly IBM provides a holistic approach that enables Visibility,Control & Automation across smarter infrastructures…unnecessaryrisk and costoutcomes fromlimited investmentswith agility tochanging landscapesReduceAchieveReact33
35AgendaWhat is BYOD?GrowthThreatscapeIssues and ProblemsSolutionsConslusions
36What is BYOD an Why Should You Care?“BYOD is a phrase that has become widely adopted to refer toemployees who bring their own computing devices – suchas smartphones, laptops and PDAs – to the workplace for useand connectivity on the corporate network.”- Source: http://www.webopedia.com/TERM/B/BYOD.htmlSource: Intel (1. Gartner, 2. ReadWrite.com Survey)
372,641,350The Average Company Faces Per WeekSecurity Attacks1. Health & Social Services2. Transportation3. Hospitality4. Finance & Insurance5. Manufacturing6. Real Estate7. Mining, Oil & GasTop 7 Most ATTACKED Industries62Security IncidentsThe Average CompanyExperiences Per Week1. End user didn’t think before clicking2. Weak password / default password in use3. Insecure configuration4. Use of legacy hardware or software5. Lack of basic network security protection orsegmentationTop 5 reasons WHY attacks were possibleDid you know...Malicious CodeSustained Probe or ScanUnauthorized AccessLow-and-Slow AttackAccess/Credentials AbuseDenial of ServiceWhat IBM SeesCategories of Attack
38Number of vulnerabilities increase radically with emergence ofnew business models and technologies.MobilityEmployees,customers,contractors,outsourcersBring yourown ITSocial businessCloud and virtualization1 trillion connectedobjects (cars,appliances, cameras)30 billion RFID1tags (products,passports,buildings andanimals)1 billionworkers willbe remote ormobile1 billion mobileInternet users30 percentgrowth of 3Gdevices33 percent of all new businesssoftware spending will beSoftware as a ServiceSource: IBM X-Force® Trend Report, 2011Exponentially growing and interconnecteddigital universeAdopting new business models andembracing new technologies
39To stay ahead focus on disrupting the attackers capability,timeline and impactSecurity Risk Management is the application of control to detect and block thethreat, to detect and fix a vulnerability, or to respond to incidents (impacts) whenall else fails.ThreatCan exploitVulnerability Impact(Weakness)(Actor) (Loss)And causeSecurity risk exists when …“The more the environment changes,the more the opportunities exist for risk.”
40In IBM’s recent 2012 Chief Information Security Officer Study,security leaders shared their views on how the landscape is changing.Source: IBM 2012 CISO Assessment http://www.ibm.com/smarterplanet/us/en/business_resilience_management/article/security_essentials.htmlNearly two-thirds say seniorexecutives are payingmore attention tosecurity issues.Two-thirds expectto spend more onsecurity over the nexttwo years.External threatsare rated as a biggerchallenge thaninternal threats, newtechnology or compliance.More than one-half saymobile securityis their greatest near-term technologyconcern.
41Motivation and Sophistication is Evolving Rapidly Attackershave moreresources Off-the-shelf toolsare available forsale They will keeptrying untilthey get in
42The new security landscape - Sophisticated attackers are a primary concernThreat Profile TypeShareof IncidentsAttack TypeAdvancedthreat /mercenaryNationalgovernmentsTerrorist cellsCrime Cartels23% Espionage Intellectual property theft Systems disruption Financial CrimeMaliciousInsidersEmployeesContractorsOutsourcers15% Financial Crime Intellectual Property Theft Unauthorized Access/Hacktivist Social Activists 7% Systems disruption Web defacement Information DisclosureOpportunistWorm and viruswriters“Script Kiddies”49% Malware propagation Unauthorized Access Web defacementPotentialImpactSource: Government Accountability Office, Department of Homeland Securitys Role in Critical Infrastructure Protection Cybersecurity, GAO-05-434; IBM CyberSecurity Intelligence & Response Team, Sep 2012
43Threat Convergence Replacing Threat Evolution Threat Evolution:– A flat world has brought aboutan unprecedented amount ofcriminals and cons– Attackers keep ROI in mindas well, and constantly evolvetheir wares in order to re-purpose it for the next flood ofattacks– High profile vulnerabilities willstill be the vehicles for newattacks, however, the low andslow attack vectors cannot beignored– The economics of exploitationmust be taken intoconsideration to betterprioritize risk
44 Adversary compromises endpoint used by asystems administrator with undetectablemalware.– The malware has two components:1) A keystroke logger to capture credentials2) Command and control capabilityHere is the anatomy of a targeted attack. With credentials and command and controlmalware, adversary impersonates the SysAdmin to gain privileged access to systemsand data. Data is stolen, and production systems arefurther compromised.1Advanced persistent threat (APT)PeopleEndpointsApplicationsInfrastructureDataPrivileged userEmployeesContractorsConsultantsSuppliersCustomersWeb applications Mobile appsUnstructured At rest In motionStructuredCustomer environmentSystem applicationsAPT1 and hacker, oractivist
46BYOD Problems Organisation Level Issues:– Un-trusted devices on your network.– No idea if the device has been hacked or infected.– Who owns the data? The device owner or you?– How can you stop an (ex-)employee leaving with your intellectual property orcustomer data?– What happens when a security breach occurs?– Are you going to insist on Whole Disk Encryption?– Patches, security software, so many different vendors, Operating Systems andversions to contend with… Personal Issues (Device Owner):– Your device may get seized (confiscated) as part of an investigation.– Privacy issues; your personal data on your personal device may be reviewed.– What happens when the device fails or gets stolen? Who’s responsible for fixing orreplacing it?
47IBM is well qualified to secure the enterprise.Major employee sitesCustomer fulfillmentManufacturingEmployee Service CentersIBM Research CentersIBM Internal Data Centers 2,000-plus major sites 170-plus countries 400,000-plus employees About 200,000-pluscontractorsOne of the largest and most complex internal IT infrastructures in the world 800,000-plus traditional endpoints About 50 percent of employeesare mobile
48Suggestions and Solutions Ensure that security best practices are followed Use Whole-Disk-Encryption to protect data Ensure staff understand their responsibilities and the risks of BYOD Enforce security controls as well as patching Enforce the use of strong passwords/passphrases Educate staff about social engineering (phishing, scams, etc.) Partner with a vendor that can ensure end to end security of yourinfrastructure as a whole, not just BYOD Use the IBM 10 point guide (next slide) to assist you Remember that security is, and always will be, a journey and not adestination…..Their is NO silver bullet and no 100% security
49Manage incidentswith intelligence2IBM uses a ten essential practice approach to bettermanage IT Risk and protect client reputationsRisk-aware cultureand management1Defend mobile andsocial space3Security-richservices, by design4Automatic security“hygiene”5Control networkaccess 6Address cloudand complexity 7Manage third-partycompliance 8Secure data,protect privacy 9Manage theidentity lifecycle 10Maturity-basedapproachProactiveAutomatedManualReactiveLearn more about IBM’s Ten Security Essential Practicesibm.com/smarter/cai/security
50Expertise: Unmatched global coverage and security awareness 20,000+ devices under contract 4,000+ MSS clients worldwide 13B+ events managed per day 3,000+ security patents 133 monitored countries (MSS)World Wide ManagedSecurity Services CoverageSecurity Operations CentersSecurity Research CentersSecurity Solution Development CentersInstitute for Advanced Security BranchesIBM Research
51Conclusions… BYOD is a double-edged sword…– Brings great cost savings and power to organisations– However, this quote covers the issues well “With great power comes greatresponsibility”*– That responsibility is shared between the device owner and the organisation; bothhave to have security in mind at all times…– Failure to do so will lead to loss of confidential data or intellectual property (orboth) BYOD is a real game changer…– The owner of the device is more likely to treat is with more care if it is their own…– The cost savings could be immense, just on the hardware side alone BYOD is here and it isn’t going away…– So deal with it, don’t dismiss it as a passing fad…– Secure all devices, stop unsecured devices from accessing your network untilthey are secured and match your security policy and standards…* Who is this quote attributed to?
60IT Optimization and Service ManagementBusinessPartners&IBMExhibitionStands
61Mobility in the EnterpriseBusinessPartners&IBMExhibitionStands
63Planed events – go to registrationSmarter Business 2013 Denmark• Join the largest IBM event this year• Mark your calendar Oct 8th - Bella Center Copenhagen• SW business solutions from IBM and Business Partners• Keynote: Bruce Dickinson, Lead singer in Iron MaidenEntrepreneur, Author and inspiring speakerC&SI (Tivoli) Austin & Silicon Valley Study tour• Visit IBM Briefing centers in Austin TX & San Jose CA• IT Managers and IT decision makers• Mark your calendar Nov 5th - 10th• Service Management, Storage Management and Mobility - SW solutions• Pure Systems and Storage - HW Solutions• Hotel and flight expected to be DKK 15.000
64User Group meetings at Pulse Comes to YouCheck the agenda for tomorrowTivoliUser Group meetingHost: Hans Peder ThomsenEuropean IBM SecurityUser Group meetingHost: Sven-Erik VestergaardMaximo & SmartCloud Control DeskUser Group meetingHost: Jens Cajus PetersenTSMUser Group meetingHost: Marianne Husted LarsenUser Groups – May 29th
65Evaluation Special Danish Licorice by Johan Bülowfor filling the evaluation form Networking by scanning CR codeNameCompanyTitlePhone numbere-mail
66The virtual space divisionExhibition area – Lunch - refreshmentsExhibition area – Lunch - Refreshments1:1 Meetings Dinner tonight