Threats in the digital age   cyber security - 2012
Upcoming SlideShare
Loading in...5
×
 

Threats in the digital age cyber security - 2012

on

  • 533 views

 

Statistics

Views

Total Views
533
Views on SlideShare
533
Embed Views
0

Actions

Likes
0
Downloads
4
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Threats in the digital age   cyber security - 2012 Threats in the digital age cyber security - 2012 Presentation Transcript

    • Threats in the digital age –Cyber SecurityMartin Borrett, Director of the IBM Institute for Advanced Security, Europe © 2012 IBM Corporation
    • IBM’s Definition of Cyber Security Cyber Security /–n 1. the protection of an organisation and its assets from electronic attack to minimise the risk of business disruption.2 © 2012 IBM Corporation
    • The planet is getting more instrumented, interconnected, and intelligent creating new Cyber Security challenges Smart Smart Smart Smart Water Smart Smart Supply Chains Countries Retail Management Weather Energy Grids INSTRUMENTED INTERCONNECTED INTELLIGENT Smart Oil Field Smart Smart Smart Traffic Smart Smart Technologies Regions Healthcare Systems Cities Food Systems3 © 2012 IBM Corporation
    • Threats becoming increasingly sophisticated Recent Cyber Security Attacks Implications Given the sophistication of the attacks, all 5 phases of APT are relevant from a defence Stuxnet perspective and offer opportunities Aurora to detect an attack; the earlier an APT is detected, the better Persistence of APT requires continuous monitoring of critical assets in order to detect deviations Advanced Persistent Threat (APT) Lifecycle from normal behaviour 1. Reconnaissance Fine-grained, multi-tier containment (“defence in depth”) is key; network 2. Initial Infection boundaries as well as critical 3. Lateral Expansion assets within the network have to 4. Subversion of Mission Critical Assets, be protected Exfiltration of Very Sensitive Data 5. Clean up4 © 2012 IBM Corporation
    • By managing security for customers across the world, IBM has aclear and current picture of threats and attacks 9 Security 9 Security 11 Security Solution 3 Branches of 133 Operations Centres + Research Centres + Development Centres + the Institute for Advanced Security (“IAS”) + Monitored Countries IAS IAS Americas Europe 20,000 devices under contract 4,000 MSS clients worldwide 13 billion events managed per day IAS Asia Pacific IBM has the unmatched global and local expertise to deliver complete solutions – and manage the cost and complexity of security5 © 2012 IBM Corporation
    • IBM X-Force Gathers evidence of threats that affect Internet security to help customers and the public understand the changing nature of the threat landscape and what might be done to mitigate it New Attack Activity – Rise in Shell Command Injection attacks – Rise in phishing based malware distribution and click fraud Progress in Internet Security – Fewer exploit releases and web application vulnerabilities – Better patching The Challenge of Mobile and the Cloud – Mobile exploit disclosures up – Cloud requires new thinking – Social Networking no longer fringe pastime6 Source: IBM Full Year X-Force 2011 Trend and Risk Report © 2012 IBM Corporation
    • Use the IBM Cyber Security Lifecycle to detect and respond at afaster pace than attackers Layers Risk Understand and baseline • Balance threat and the IT and security response landscape Service management • Process Technology • Security, network, systems Threat Tempo Response Tempo Maturity7 © 2012 IBM Corporation
    • IBM Success Stories88 © 2012 IBM Corporation
    • IBM Security: Delivering intelligence, integration and expertise across acomprehensive framework Only vendor in the market with end-to- end coverage of the security foundation 6K+ security engineers and consultants Award-winning X-Force® research Largest vulnerability database in the industry Intelligence ● Integration ● Expertise9 © 2012 IBM Corporation
    • IBM Institute for Advanced Securityhttp://www.instituteforadvancedsecurity.com/ © 2012 IBM Corporation