There is a phenomenon taking place in the world…a convergence of technologies is driving what people commonly refer to as the “Internet of things”.It all began with the internet of information…where information was made available any time, anywhere, to anyone with a PC and an internet connection. With the growth of mobile access and social networks over the past decade, the volume of intermittently connected devices and people grew from 50 billion to 100 billion. But increasingly, as physical assets are shipped with embedded chips, sensors, RFID and other instrumentation and wireless connections, once physical assets across manufacturing, retail, healthcare, cities and virtually all industries are becoming intelligent and interconnected, to the point where these new physical assets and devices will represent the vast majority of “things” connected to the internet. It is this “internet of things” that will drive new types of interactions and business models.
The real world benefits of Visibility, Control and Automation we just saw are provided through an open and holistic approach to managing the delivery of products and service across smarter infrastructures. Unlike tradition approaches which lock clients into single vendor solutions and environments, IBM’s approach is open and interoperable, so that you can leverage a mix of multi-vendor technologies. Further, IBM’s approach is holistic, which means organizations can manage and secure entire, interconnected, service delivery infrastructures, spanning cloud, mobile, smarter physical infrastructures. And IBM’s solutions help clients leverage the explosion of big data through the application of analytics within and across those domains, and services.
Let’s take a look at how IBM is helping clients address the complexities of today’s cloud infrastructures and capitalize on the time to market, cost benefits and flexibility it provides.
Let’s talks about our efforts in extending this value while optimizing investments. We at IBM are continuing to build on these capabilities by enabling clients to bridge between traditional infrastructure and new workloads and applications.More and more companies will need to establish greater levels of simplification and standardization in their infrastructures ….….AND IBM is committed to enabling an open ecosystem that provides flexibility and choice.Our commitment to openness and interoperability gives our clients the foundation they need to manage convergence, optimize new workloads and bridge to these types of systems. And in doing so, we introduce standardization and interoperability that yields enormous productivity savings on an ongoing basis.
Lets take a look at how IBM is addressing enterprise mobility.
Bullet 1 Proof PointsCast Iron enables organizations to hook mobile apps to existing enterprise and even public cloud-based systems in just weeks. Integration between IBM Endpoint Manager and Worklight by the end of the year (2012) will ensure a smooth, automated transition of apps from the dev environment to production for faster deployment and greater confidence that the correct build is delivered. Additional integration work will provide performance data from devices back to app dev teams for troubleshooting and performance enhancements. Bullet 2 Proof PointsImproved management and security of devices, as well as employee self-service portal reduces overall calls to the help desk for locating and wiping lost devices or enrolling new devices. In addition, location mapping services will enable organizations to recover some devices that would have otherwise been lost. As an example, IBM reduced security-related help desk calls by nearly 80% by significantly improving patch management practices on desktops and laptops with IBM Endpoint Manager, saving $10M annually. While mobile devices may be a much lower call volume now, they will only continue to increase their share of the help desk team’s workload. Bullet 3 Proof PointsWith IBM Endpoint Manager, a single infrastructure requiring just one dedicated management server per 250,000 endpoints can be used to manage and secure smartphones, tablets, laptops, desktops, servers, ATMs, and kiosks. This solution is also designed to easily provide endpoint data, including detailed hardware and software inventory information on mobile devices, to service desk, asset management, CMDB, network management, and security event management systems.Bullet 4 Proof PointsAn integrated security approach ensures that not just the device is configured securely, but that security-rich apps are tested and delivered, sensitive data is protected while on that device, secure and authenticated connections are made to enterprise systems from mobile devices, and that security-related event information is correlated with security information from all other aspects of the IT environment. Bullet 5 Proof PointsData about access points, signal strength, device location, and other network access relevant properties can be fed from IBM Endpoint Manager to the Netcool / OMNIbus suite for alerting, troubleshooting, and outage prediction analysis. In many organizations, WiFi availability with sufficient signal strength for reasonable data transfer rates are used in mission-critical activities – knowing exactly which router is having problems before it fails and before employees flood IT with complaints, is vital.
IBM has announced the industry’s most comprehensive mobile portfolio, consisting of the broadest portfolio of mobile solutions, the deepest set of services expertise, and new industry partnerships and resources for developers. Introducing IBM MobileFirst.IBM MobileFirst, is the most comprehensive mobile solution portfolio in the industry. Based on nearly 1,000 customer engagements, 10 mobile-related acquisitions in the last four years, a team of thousands of mobile experts and 270 patents in wireless innovations, IBM MobileFirst offers an array of solutions that helps businesses connect, secure, manage and develop mobile networks, infrastructures and applications. By bringing our mobile portfolio under this new name, we're signaling IBM's unified approach to help our clients and partners to deliver best-in-class solutions, take advantage of more commercial opportunities, and provide superior customer service. We are delivering significant capabilities across a number of areas:Mobile First Platform helps our customers to develop applications across mobile device platforms without lock-in. IBM Worklight helps companies deliver Mobile applications quickly, with high quality across a wide variety of devices. Mobile First Management is focused on helping customers that want to bring BYOD into their business and deal with all the challenges that come with an un-trusted mobile environment. We want to give them the tools they need to ensure that their data is protected, devices are managed and the enterprise feels confident that they are within compliance and supporting their users in a consistent manner. Mobile First security speaks to two classes of challenges our customers are experiencing. First customers have a need for contextual security. They want be able to understand mobile context (such as GEO location) and then apply that information in the ways to regulated and manage access to corporate networks, data, etc. Second we are also seeing an increasing set of threats emerging we support vulnerability analysis both on your code base as well as looking at run time behaviors to ensure it is complaint with your corporation requirements. Mobile First Analytics speaks to the tremendous opportunity to understand end user behavior in order to improve the quality of the mobile app. The key to delivering both high quality apps quickly is to gain visibly into the end user experience and then trace that all the way to back end systems and processes. Then when there is a usability issue, you can quickly resolve.
Let’s take a look at how IBM is helping clients address smarter physical infrastructures.
Lets see how IBM is helping clients with security intelligence.
1) IBM delivers unmatched breadth and depth of security capabilities through a security architecture that covers People, Data, Applications and Infrastructure, enriched with analytics integrated across these domains.2) We have innovated in 3 key areas:In the area of Security Intelligence with Big Data – we have added capabilities to analyze greater varieties of data – including emails, social media feeds and business process data – to answer questions you could never ask before. Helps you find malicious activity hidden deep in your network and protect your organization against advanced threats, fraud, and insider threatsWe have also evolved our capabilities in Cloud Security - managing risks and providing visibility to where your data is and who can access it; to help protect your data through capabilities in the areas of identity protection, application protection and threat protection.We just explored Mobile, and our capabilities in mobile are centered around protecting devices and the data that reside on them requires a strategy around mobile device management, secure access to enterprise data and applications, secure mobile solutions/applications, and risk management from intelligence gathering providing visibility across all mobile touchpoints.
Our clients repeatedly tell us that Security is the number one concern when moving to the cloud, or embracing mobile. We just talked about physical infrastructure becoming smarter. It also needs to become more secure, since cyber attacks against physical infrastructure and other sectors has increased dramatically.While the sophistication of threats has grown, the technology to help protect organizations has also matured. From a “basic” level targeted at compliance. To an “advanced” level where we connect the dots across the enterprise. To an “optimized” level where we perform the richest analytics on the broadest set of security data.Now big data has been a key theme so far. What’s notable is that big data can not only help us increase our visibility, control, and automation. It can also help us get smarter about the security threats already lurking in our networks. Forward-leaning organizations are looking to bring structured security data together with new types of structured and unstructured enterprise data – such as email, business process data, and even social media feeds. IBM is helping clients achieve this – by integrating security intelligence with big data analytics.So today, Security Intelligence goes well beyond point solutions and reactive reporting. It helps you gain full visibility across your environment. So you can see the threats that matter, and understand your risks in context. It’s about becoming proactive with security – anticipating threats and stopping attacks fast. That’s why we added Q1 Labs to our Security portfolio, and why we’re integrating QRadar with our entire portfolio and beyond.
Control Mobile Access through a holistic approach to mobile management that secures Devices, Networks, and Applications:- Device Management: Security for endpoint device and data- Network, Data, and Access Security: Achieve visibility and adaptive security policies- Application Layer Security: Develop and test applications
1The VenueLokomotivværkstedet +100 years old listed building Danish railway history Lokomotiv maintenance 9.000 m2One of few possible places Nordic event More than 500 attendees 5 tracks Exhibition hall Dinner / Lasse Rimmer 1:1 meetings 4 User Group meetingsNew experience Virtual space division Headphones needed Leave headphones on chair
3VisibilityControlAutomationto see and understandyour business in real timeto transform and adaptwhile limiting risk & costto achieve greaterefficiency and agilityTurning Opportunities Into OutcomesBusinessIT
4What Is Driving new Opportunities and IT DemandExplosion of Mobile DevicesInfrastructure OptimizationCloud ComputingGrowth of Social MediaAdvanced Predictive AnalyticsReal-time Sensor DataCyber SecurityBusinessOptimization+Big Data
8Internet ofinformationInternet ofengagementInternet of“things”200 BILLION100 BILLION50 BILLIONINTERMITTENTLY CONNECTED DEVICES AND PEOPLE2000 20202010The convergence of technology is transformingthe world into an Internet of things…
9Fuels investments ininnovationDrives need for continuousoptimizationOptimization InnovationThe ability to balance Optimization and Innovation will becritical to success…9
1041%experiencedevelopment delays34%experiencedeployment delays45%experienceproduction delaysSource : A commissioned study conducted by Forrester Consulting on behalf of IBM, 4Q2011However, organizations are challenged in Optimizingproduct & service delivery, and in turn, driving Innovation….10Business OperationsDevelopmentCustomers
11An open, and holistic approach to managing the delivery ofproducts & services across smarter infrastructures is needed…11
12IBM provides an open, and holistic approach to managing thedelivery of products & services across smarter infrastructures…
13Cloud Computing: A Next Generation Cloud ArchitectureBuilt upon aCloud standardsarchitecturePatterns of ExpertiseWorkload OptimizationDynamicallyOrchestrated Services
15An integrated set of capabilities for enabling private/hybrid clouds andthe virtualization, automation and management of service deliveryCloud Computing: IBM SmartCloud FoundationVirtualized Standardized AutomatedInfrastructure as a Service CapabilitiesInfrastructure UsagePerformanceManagement SecurityPlatform as a Service CapabilitiesLifecycle Resources Environments Management Integration Resilient to the velocity ofchanging business needs Enables choice & flexibilityin hybrid environments Provides enterprise-class,workload-aware services Built-in analytics forimproved insight and decisionmaking15
16Cloud Computing:Flexibility in consuming & integrating hybrid clouds…Evolve existinginfrastructureto CloudAccelerate adoptionwith expertintegrated systemsImmediate accessto a managedplatformEnterpriseHosted private cloud16
17Cloud Computing: Client Case StudiesTechnical University of MunichCloud Platform, Orchestration & Monitoring• Reduced manual workload by about 40% and provisioning time forSAP systems from 3 days to less than ½ day.• Replaced 150 servers with just four IBM systems, cutting 13 fullracks to only four half-full racks.• Reduced energy consumption by 80% for the SAP applicationlandscape. Data storage reduction by 40%.AetnaCloud DevOps and Orchestration• DevOps enables better, faster product development via self-serviceautomation• Anytime, anywhere access to healthcare services for clients usingmobile & cloud• Removed siloes by creating single role of cloud engineer that spansdomains.17
18IBM provides an open, and holistic approach to managing thedelivery of products & service across smarter infrastructures….
19Enterprise Mobility: Why take an integrated approach?Speed time to deployment of enterprise mobile apps andupdates, while improving qualityImprove WiFi network management for greater reliability,employee productivity, and minimize business interruptionsEnhance end-to-end security to help prevent loss ofintellectual property and regulated dataLess total infrastructure for lower hardware, admin costsReduce help desk calls, device replacement costs19
20Enterprise Mobility: Manage and secure all your devicesEndpoint ManagementSystemsManagementSecurityManagementCommon agentUnified consoleSinglemanagementserverManaged = SecureDesktops, Laptops,& ServersSmartphones& TabletsPurpose-specificEndpointsImplement BYOD withconfidenceSecure sensitive data,regardless of deviceHandle multi-platformcomplexities with ease20
21Enterprise Mobility:The Industry’s Most Comprehensive Mobile PortfolioThe BroadestPortfolio ofMobile SolutionsThe Deepest Setof ServicesExpertiseNew IndustryPartnerships andResources forDevelopers21
2222Enterprise Mobility: Client Case StudiesCenterBeamUnified Mobile, Desktop, and Server Management• Can now support PCs, Macs, servers, and virtually every flavor ofmobile device, increasing compliance over 20% to 98%• Now manage 20,000 endpoints across 49 countries and sixcontinents, a 10x increase, with just one engineer• Mitigating client risk with strengthened endpoint securityNorth American Public UtilityMobile device and Endpoint Management• Support 20,000 mobile devices - corporate and employee owned -with mixed platform and OS versions• Add mobile devices in just days, while adhering to internal securitypolicies and external regulations.• Solution is scalable to 250,000 endpoints without addinginfrastructure
23IBM provides an open, and holistic approach to managing thedelivery of products & service across smarter infrastructures….
24Smarter Physical Infrastructure:Instrumented, Interconnected, IntelligentA comprehensive set of integrated enterprise capabilities that help organizations to keepplants, facilities, data centers, or cities operating effectively.• Dashboard views of service health• Predictive analytics & reporting• Mobile workforce support• Asset, work and inventory management• Complex & embedded systems• IT & Enterprise assets• Facilities & real estate• Event filtering and correlation• Process & workflow automation,and rules management• Enterprise content managementProcess AutomationFacilities andReal EstateEnterpriseAssetsComplex andEmbedded SystemsAnalytics Mobility24
2626Smarter Physical Infrastructure: Client Case StudiesHalifax International Airport AuthorityPreventative Asset Monitoring, Management & Reporting• Corrective maintenance on assets reduced from 80 percent to only10 percent• Number of work orders the service department can handle increasedfrom 450 to 1,000, a 55 percent increase• Airport is better prepared for weather events and track costs moreeffectively; Improved regulatory reporting.Akita CityPredictive Facilities & Energy Management• Real-time sensors, & 3D color-coded views allow city to predictenergy use, and immediately reduce consumption to meet targets.• Expected 6 percent reduction in energy consumption through bettervisibility and control over city facilities’ energy usage• Improve preventive maintenance, and compliance with RevisedEnergy Saving Law.INSERTLOGO
27IBM provides an open, and holistic approach to managing thedelivery of products & service across smarter infrastructures….
28Security Intelligence,Analytics and GRCApplicationsPeopleDataInfrastructureMobileSecurityCloudSecuritySecurityIntelligence withBig DataSecurity Intelligence: Across big data, mobile & cloud
32Security Intelligence: Client Case StudiesBlueCross BlueShield of North CarolinaSecuring Big Data• Directly supports HIPAA compliance by controlling accessto client member data• Saves 5,000 hours of staff time by removing manual stepsand automating security processesFlemish GovernmentSecuring Digital services• Authentication flexibility ensures compatibility with futureaccess requirements including cloud and mobile services• Significantly reduces the time and cost to introduce newapplications across100 government sites• Provides six million citizens with seamless access to allAuthorities’ services with context-aware digital identitiesINSERTLOGO32
33AUTOMATIONVISIBILITYCONTROLReportingRegistrySecurityDashboardingAdministrationOpenInteroperabilityServicesOnly IBM provides a holistic approach that enables Visibility,Control & Automation across smarter infrastructures…unnecessaryrisk and costoutcomes fromlimited investmentswith agility tochanging landscapesReduceAchieveReact33
35AgendaWhat is BYOD?GrowthThreatscapeIssues and ProblemsSolutionsConslusions
36What is BYOD an Why Should You Care?“BYOD is a phrase that has become widely adopted to refer toemployees who bring their own computing devices – suchas smartphones, laptops and PDAs – to the workplace for useand connectivity on the corporate network.”- Source: http://www.webopedia.com/TERM/B/BYOD.htmlSource: Intel (1. Gartner, 2. ReadWrite.com Survey)
372,641,350The Average Company Faces Per WeekSecurity Attacks1. Health & Social Services2. Transportation3. Hospitality4. Finance & Insurance5. Manufacturing6. Real Estate7. Mining, Oil & GasTop 7 Most ATTACKED Industries62Security IncidentsThe Average CompanyExperiences Per Week1. End user didn’t think before clicking2. Weak password / default password in use3. Insecure configuration4. Use of legacy hardware or software5. Lack of basic network security protection orsegmentationTop 5 reasons WHY attacks were possibleDid you know...Malicious CodeSustained Probe or ScanUnauthorized AccessLow-and-Slow AttackAccess/Credentials AbuseDenial of ServiceWhat IBM SeesCategories of Attack
38Number of vulnerabilities increase radically with emergence ofnew business models and technologies.MobilityEmployees,customers,contractors,outsourcersBring yourown ITSocial businessCloud and virtualization1 trillion connectedobjects (cars,appliances, cameras)30 billion RFID1tags (products,passports,buildings andanimals)1 billionworkers willbe remote ormobile1 billion mobileInternet users30 percentgrowth of 3Gdevices33 percent of all new businesssoftware spending will beSoftware as a ServiceSource: IBM X-Force® Trend Report, 2011Exponentially growing and interconnecteddigital universeAdopting new business models andembracing new technologies
39To stay ahead focus on disrupting the attackers capability,timeline and impactSecurity Risk Management is the application of control to detect and block thethreat, to detect and fix a vulnerability, or to respond to incidents (impacts) whenall else fails.ThreatCan exploitVulnerability Impact(Weakness)(Actor) (Loss)And causeSecurity risk exists when …“The more the environment changes,the more the opportunities exist for risk.”
40In IBM’s recent 2012 Chief Information Security Officer Study,security leaders shared their views on how the landscape is changing.Source: IBM 2012 CISO Assessment http://www.ibm.com/smarterplanet/us/en/business_resilience_management/article/security_essentials.htmlNearly two-thirds say seniorexecutives are payingmore attention tosecurity issues.Two-thirds expectto spend more onsecurity over the nexttwo years.External threatsare rated as a biggerchallenge thaninternal threats, newtechnology or compliance.More than one-half saymobile securityis their greatest near-term technologyconcern.
41Motivation and Sophistication is Evolving Rapidly Attackershave moreresources Off-the-shelf toolsare available forsale They will keeptrying untilthey get in
42The new security landscape - Sophisticated attackers are a primary concernThreat Profile TypeShareof IncidentsAttack TypeAdvancedthreat /mercenaryNationalgovernmentsTerrorist cellsCrime Cartels23% Espionage Intellectual property theft Systems disruption Financial CrimeMaliciousInsidersEmployeesContractorsOutsourcers15% Financial Crime Intellectual Property Theft Unauthorized Access/Hacktivist Social Activists 7% Systems disruption Web defacement Information DisclosureOpportunistWorm and viruswriters“Script Kiddies”49% Malware propagation Unauthorized Access Web defacementPotentialImpactSource: Government Accountability Office, Department of Homeland Securitys Role in Critical Infrastructure Protection Cybersecurity, GAO-05-434; IBM CyberSecurity Intelligence & Response Team, Sep 2012
43Threat Convergence Replacing Threat Evolution Threat Evolution:– A flat world has brought aboutan unprecedented amount ofcriminals and cons– Attackers keep ROI in mindas well, and constantly evolvetheir wares in order to re-purpose it for the next flood ofattacks– High profile vulnerabilities willstill be the vehicles for newattacks, however, the low andslow attack vectors cannot beignored– The economics of exploitationmust be taken intoconsideration to betterprioritize risk
44 Adversary compromises endpoint used by asystems administrator with undetectablemalware.– The malware has two components:1) A keystroke logger to capture credentials2) Command and control capabilityHere is the anatomy of a targeted attack. With credentials and command and controlmalware, adversary impersonates the SysAdmin to gain privileged access to systemsand data. Data is stolen, and production systems arefurther compromised.1Advanced persistent threat (APT)PeopleEndpointsApplicationsInfrastructureDataPrivileged userEmployeesContractorsConsultantsSuppliersCustomersWeb applications Mobile appsUnstructured At rest In motionStructuredCustomer environmentSystem applicationsAPT1 and hacker, oractivist
46BYOD Problems Organisation Level Issues:– Un-trusted devices on your network.– No idea if the device has been hacked or infected.– Who owns the data? The device owner or you?– How can you stop an (ex-)employee leaving with your intellectual property orcustomer data?– What happens when a security breach occurs?– Are you going to insist on Whole Disk Encryption?– Patches, security software, so many different vendors, Operating Systems andversions to contend with… Personal Issues (Device Owner):– Your device may get seized (confiscated) as part of an investigation.– Privacy issues; your personal data on your personal device may be reviewed.– What happens when the device fails or gets stolen? Who’s responsible for fixing orreplacing it?
47IBM is well qualified to secure the enterprise.Major employee sitesCustomer fulfillmentManufacturingEmployee Service CentersIBM Research CentersIBM Internal Data Centers 2,000-plus major sites 170-plus countries 400,000-plus employees About 200,000-pluscontractorsOne of the largest and most complex internal IT infrastructures in the world 800,000-plus traditional endpoints About 50 percent of employeesare mobile
48Suggestions and Solutions Ensure that security best practices are followed Use Whole-Disk-Encryption to protect data Ensure staff understand their responsibilities and the risks of BYOD Enforce security controls as well as patching Enforce the use of strong passwords/passphrases Educate staff about social engineering (phishing, scams, etc.) Partner with a vendor that can ensure end to end security of yourinfrastructure as a whole, not just BYOD Use the IBM 10 point guide (next slide) to assist you Remember that security is, and always will be, a journey and not adestination…..Their is NO silver bullet and no 100% security
49Manage incidentswith intelligence2IBM uses a ten essential practice approach to bettermanage IT Risk and protect client reputationsRisk-aware cultureand management1Defend mobile andsocial space3Security-richservices, by design4Automatic security“hygiene”5Control networkaccess 6Address cloudand complexity 7Manage third-partycompliance 8Secure data,protect privacy 9Manage theidentity lifecycle 10Maturity-basedapproachProactiveAutomatedManualReactiveLearn more about IBM’s Ten Security Essential Practicesibm.com/smarter/cai/security
50Expertise: Unmatched global coverage and security awareness 20,000+ devices under contract 4,000+ MSS clients worldwide 13B+ events managed per day 3,000+ security patents 133 monitored countries (MSS)World Wide ManagedSecurity Services CoverageSecurity Operations CentersSecurity Research CentersSecurity Solution Development CentersInstitute for Advanced Security BranchesIBM Research
51Conclusions… BYOD is a double-edged sword…– Brings great cost savings and power to organisations– However, this quote covers the issues well “With great power comes greatresponsibility”*– That responsibility is shared between the device owner and the organisation; bothhave to have security in mind at all times…– Failure to do so will lead to loss of confidential data or intellectual property (orboth) BYOD is a real game changer…– The owner of the device is more likely to treat is with more care if it is their own…– The cost savings could be immense, just on the hardware side alone BYOD is here and it isn’t going away…– So deal with it, don’t dismiss it as a passing fad…– Secure all devices, stop unsecured devices from accessing your network untilthey are secured and match your security policy and standards…* Who is this quote attributed to?
63Planed events – go to registrationSmarter Business 2013 Denmark• Join the largest IBM event this year• Mark your calendar Oct 8th - Bella Center Copenhagen• SW business solutions from IBM and Business Partners• Keynote: Bruce Dickinson, Lead singer in Iron MaidenEntrepreneur, Author and inspiring speakerC&SI (Tivoli) Austin & Silicon Valley Study tour• Visit IBM Briefing centers in Austin TX & San Jose CA• IT Managers and IT decision makers• Mark your calendar Nov 5th - 10th• Service Management, Storage Management and Mobility - SW solutions• Pure Systems and Storage - HW Solutions• Hotel and flight expected to be DKK 15.000
64User Group meetings at Pulse Comes to YouCheck the agenda for tomorrowTivoliUser Group meetingHost: Hans Peder ThomsenEuropean IBM SecurityUser Group meetingHost: Sven-Erik VestergaardMaximo & SmartCloud Control DeskUser Group meetingHost: Jens Cajus PetersenTSMUser Group meetingHost: Marianne Husted LarsenUser Groups – May 29th
65Evaluation Special Danish Licorice by Johan Bülowfor filling the evaluation form Networking by scanning CR codeNameCompanyTitlePhone numbere-mail
66The virtual space divisionExhibition area – Lunch - refreshmentsExhibition area – Lunch - Refreshments1:1 Meetings Dinner tonight