DSS ITSEC 2013 Conference 07.11.2013 - IBM Security Strategy


Presentation from one of the remarkable IT security events in the Baltic States, organized by “Data Security Solutions”. The event took place in Riga on 7th of November, 2013 and was attended by more than 400 participants on site and more than 300 via online live streaming.

Published in: Technology, Business

  1. IBM Security Systems. IBM Security Strategy: Intelligence, Integration and Expertise. György R. Rácz, Sales Executive, IBM Security Systems CEE. Riga, 7th of November. © 2013 IBM Corporation
  2. Agenda
     • Introduction: The evolving threat landscape
     • A new approach to security is needed
     • How IBM Security is positioned to help
  3. Motivations and sophistication are rapidly evolving (chart axes: MOTIVATION, SOPHISTICATION)
     • National Security, Economic Espionage: Nation-state actors, APTs (Stuxnet, Aurora, APT-1)
     • Notoriety, Activism, Defamation: Hacktivists (Lulzsec, Anonymous)
     • Monetary Gain: Organized crime (Zeus, ZeroAccess, Blackhole Exploit Pack)
     • Nuisance, Curiosity: Insiders, Spammers, Script-kiddies (Nigerian 419 Scams, Code Red)
  4. Attack frequency increased to record in H1 2013. Source: IBM X-Force® Research 2013 Trend and Risk Report
  5. IT Security is a board room discussion
     • CEO: Loss of market share and reputation; Legal exposure
     • CFO/COO: Audit failure; Fines and criminal charges; Financial loss
     • CIO: Loss of data confidentiality, integrity and/or availability
     • CHRO: Violation of employee privacy
     • CMO: Loss of customer trust; Loss of brand reputation
     Increasingly, companies are appointing CROs and CISOs with a direct line to the Audit Committee. Source: Discussions with more than 13,000 C-suite executives as part of the IBM C-suite Study Series
  7. Security challenges are a complex, four-dimensional puzzle that requires a new approach
     • People: Attackers, Employees, Consultants, Suppliers, Outsourcers, Partners, Customers
     • Data: Structured, Unstructured, At rest, In motion
     • Applications: Systems Applications, Web Applications, Web 2.0, Mobile Applications
     • Infrastructure: Datacenters, PCs, Laptops, Mobile, Cloud, Non-traditional
  8. IBM Security: Delivering intelligence, integration and expertise across a comprehensive framework. IBM Security Framework: Intelligence, Integration, Expertise
  9. Reaching security maturity
     • Maturity levels: Optimized, Proficient, Basic
     • Domains: Security Intelligence, Advanced Fraud Protection, People, Data, Applications, Infrastructure
     • Security Intelligence: Predictive Analytics, Big Data Workbench, Flow Analytics; SIEM and Vulnerability Management; Log Management
     • Capabilities in the matrix: Data governance; Fraud detection; Multi-faceted network protection; Encryption key management; Hybrid scanning and correlation; Anomaly detection; Identity governance; Fine-grained entitlements; Privileged user management; User provisioning; Access management; Strong authentication; Database activity monitoring; Virtualization security; Web application protection; Asset management; Source code scanning; Endpoint / network security management; Data loss prevention; Encryption; Database access control; Application scanning; Perimeter security; Host security; Anti-virus; Directory management; Data masking / redaction; Hardened systems
  10. IBM Security: Market-changing milestones
     • Capability areas: Mainframe and Server Security; Access Management; Identity Management; SOA Management and Security; Network Intrusion Prevention; Compliance Management; Database Monitoring; Application Security; Security Analytics; Security Intelligence; Advanced Fraud Protection
     • 1976: Resource Access Control Facility (RACF) is created, eliminating the need for each application to imbed security
     • 1999: Dascom is acquired for access management capabilities
     • 2002: Access360 is acquired for identity management capabilities; MetaMerge is acquired for directory integration capabilities
     • 2005: DataPower is acquired for SOA management and security capabilities
     • 2006: Internet Security Systems, Inc. is acquired for security research and network protection capabilities
     • 2007: Watchfire is acquired for security and compliance capabilities; Consul is acquired for risk management capabilities; Princeton Softech is acquired for data management capabilities
     • 2008: Encentuate is acquired for enterprise single-sign-on capabilities
     • 2009: Ounce Labs is acquired for application security capabilities; Guardium is acquired for enterprise database monitoring and protection capabilities
     • 2010: Big Fix is acquired for endpoint security management capabilities; NISC is acquired for information and analytics management capabilities
     • 2011: Q1 Labs is acquired for security intelligence capabilities
     • 2012: IBM Security Systems division is created
     • 2013: Intent to acquire Trusteer for mobile and application security, counter-fraud and malware detection
     • IBM Security Investment: 6,000+ IBM Security experts worldwide; 3,000+ IBM security patents; 4,000+ IBM managed security services clients worldwide; 25 IBM Security labs worldwide
  11. Industry analysts rank IBM Security as leading the market. IBM Confidential: For internal use only
  12. At IBM, the world is our security lab
     • Security Operations Centers
     • Security Research and Development Labs
     • Institute for Advanced Security Branches
     • More than 6,000 IBM researchers, developers, and subject matter experts ALL focused on security
     • 3,000 IBM security patents
  14. IBM Security Systems Strategy: Deliver a broad portfolio of solutions differentiated through their integration and innovation to address the latest trends
     • 1. Support the CISO agenda. BUYERS: CISO, CIO, Line-of-Business (“HELP!”)
     • 2. Innovate around key trends. MEGATRENDS: Advanced Threats, Cloud, Mobile, Compliance
     • 3. Lead in selected segments. CAPABILITIES: Security Intelligence and Analytics; Advanced Fraud Protection; People; Data; Applications; Infrastructure; Advanced Security and Threat Research
  15. IBM offers a comprehensive portfolio of security products (IBM Security Systems Portfolio)
     • Security Intelligence and Analytics: QRadar Log Manager; QRadar SIEM; QRadar Risk Manager; QRadar Vulnerability Manager
     • Advanced Fraud Protection: Trusteer Rapport; Trusteer Pinpoint Malware Detection; Trusteer Pinpoint ATO Detection; Trusteer Mobile Risk Engine
     • People: Identity Management; Access Management; Privileged Identity Manager; Federated Access and SSO
     • Data: Guardium Data Security and Compliance; Guardium DB Vulnerability Management; Guardium / Optim Data Masking; Key Lifecycle Manager
     • Applications: AppScan Source; AppScan Dynamic; DataPower Web Security Gateway; Security Policy Manager
     • Infrastructure (Network): Network Intrusion Prevention; Next Generation Network Protection; SiteProtector Threat Management; Network Anomaly Detection
     • Infrastructure (Endpoint): Trusteer Apex; Mobile and Endpoint Management; Virtualization and Server Security; Mainframe Security
     • IBM X-Force Research
  16. IBM’s 2012 Chief Information Security Officer Study revealed the changing role of the CISO
     • Influencers: Confident / prepared; Strategic focus
     • Protectors: Less confident; Somewhat strategic; Lack necessary structural elements
     • Responders: Least confident; Focus on protection and compliance
     • How they differ: have a dedicated CISO; have a security/risk committee; have information security as a board topic; use a standard set of security metrics to track their progress; focused on improving enterprise communication/collaboration; focused on providing education and awareness
     Source: IBM Center for Applied Insights, Finding a Strategic Voice: Insights from the 2012 IBM Chief Information Security Officer Assessment, May 2012
  17. A New Vision for Integrated Advanced Threat Protection
     • Cross-domain awareness of threat activity
     • Integrated platform for distribution of threat intelligence
     • Cross-domain awareness of targeted assets
  18. Intelligent Security for the Cloud
     • Security Intelligence: Provide visibility, auditability and control for the cloud
     • Identity Protection: Administer, secure, and extend identity and access to and from the cloud
     • Data and Application Protection: Secure enterprise databases; Build, test and maintain secure cloud applications
     • Threat Protection: Prevent advanced threats with layered protection and analytics
  19. Securing the Mobile Enterprise
     • Device Management: Security for endpoint device and data
     • Network, Data, and Access Security: Achieve visibility and adaptive security policies
     • Application Layer Security: Develop and test applications
  20. Security Intelligence: Integrating across IT silos (Security Intelligence and Analytics)
     • Data sources: Security devices; Servers and mainframes; Network and virtual activity; Data activity; Application activity; Configuration information; Vulnerabilities and threats; Users and identities
     • Correlation: Logs/events; Flows; IP reputation; Geographic location
     • Activity baselining and anomaly detection: User activity; Database activity; Application activity; Network activity
     • Offense identification: Credibility; Severity; Relevance
     • Output: Suspected incidents; True offense
     • Extensive data sources + Deep intelligence = Exceptionally accurate and actionable insight
     Key Themes
     • Increased Data Sources: Data from 450+ security collectors and Integration with X-Force intelligence and other external feeds to use in analysis for determining relevant vulnerabilities and potential threats
     • Integrated Vulnerability Management: Comprehensive understanding of the configuration and exposure of systems in the environment, enabling contextual analysis to determine vulnerabilities against particular threats
     • Enhanced Identity Context: Integrated understanding of users, their roles, level of privilege, geographical location and their typical behaviors to enable enterprises to identify abnormal activity that might indicate insider threat
  21. Trusteer Advanced Fraud and Malware Protection (Advanced Fraud Protection): Helping to protect against financial fraud and advanced security threats. Among the capabilities Trusteer brings to IBM's security portfolio:
     • Web Fraud Protection: Leading web fraud capabilities for financial services and web commerce
     • Secure Mobile Transactions: Embedded security for mobile devices and applications helps enable secure transactions from devices to the back office
     • Advanced Malware Protection: Unique endpoint solution for identifying and protecting against Advanced Persistent Threats
     • Security-as-a-Service: Cloud based deployment enabling rapid and real-time updates
  22. Identity and Access Management: Helping to extend secure user access across the enterprise (People). Key Themes
     • Standardized IAM and Compliance Management: Expand IAM vertically to provide identity and access intelligence to the business; Integrate horizontally to enforce user access to data, app, and infrastructure
     • Secure Cloud, Mobile, Social Interaction: Enhance context-based access control for cloud, mobile and SaaS access, as well as integration with proofing, validation and authentication solutions
     • Insider Threat and IAM Governance: Continue to develop Privileged Identity Management (PIM) capabilities and enhanced Identity and Role management
  23. Data Security: Helping to secure structured, unstructured, online and offline data across the enterprise (Data)
     • Goals: Reduce operational costs around data protection; Streamline regulation compliance process; Protect data in any form, anywhere, from internal or external threats
     • Components (integrate): Governance, Security Intelligence, Analytics; Audit, Reporting, and Monitoring; Data Discovery and Classification; Security Solutions; IT & Business Process; Policy-based Access and Entitlements
     • Where data is protected: Stored (Databases, File Servers, Big Data, Data Warehouses, Application Servers, Cloud/Virtual ..); over Network (SQL, HTTP, SSH, FTP, email, …); at Endpoint (workstations, laptops, mobile, …)
     Key Themes
     • Expand to new platforms: Expand beyond supporting databases to all relevant data sources, including data warehouses, file shares, file systems, enterprise content managers, and Big Data (Hadoop, NoSQL, in-memory DB), wherever data is stored
     • Introduce new data protection capabilities: Complement discovery, classification, monitoring, auditing, and blocking with thought leadership capabilities like cloud encryption/tokenization, dynamic data masking, and fraud detection
     • Lead on scalability and lower TCO: Continue to improve on solution deployability with improvements to scalability, performance, simplification, automation, serviceability, and ease of use
  24. Infrastructure Protection: Endpoint (Infrastructure). Provides in-depth security across your network, servers, virtual servers, mainframes and endpoints. Key Themes
     • Security for Mobile Devices: Provide security for and manage traditional endpoints alongside mobile devices such as Apple iOS, Google Android, Symbian, and Microsoft Windows Phone, using a single platform
     • Expansion of Security Content: Continued expansion of security configuration and vulnerability content to increase coverage for applications, operating systems, and industry best practices
     • Security Intelligence Integration: Improved usage of analytics, providing valuable insights to meet compliance and IT security objectives, as well as further integration with SiteProtector and the QRadar Security Intelligence Platform
  25. Customer successes across domains
     • Security Intelligence and Analytics: Global office products supplier achieved greater visibility to potential security threats and PCI compliance with $0 cost increase
     • Advanced Fraud Protection (Protect against financial fraud and advanced security threats): Banking clients reduced online banking fraud to near zero while complying with regulatory compliance mandates for layered security
     • People (Manage user access securely and cost-effectively): Major South American bank health reduced the number of help desk calls by 30%, resulting in annual savings of $450,000+
     • Data (Ensure privacy and integrity of data): Major global bank saved $1.5 USD / year on storage costs and reduced compliance costs by $20M USD
     • Applications (Automate security testing on web-based applications): Client added 225 new applications per year to handle US$1 quadrillion in securities transactions per year
     • Infrastructure (Improve overall security and compliance; Proactively alert, simplify monitoring and management): Client monitored all devices and networks across all sites with zero false positives without blocking revenue-based traffic
  26. Case Study: CEE based Insurance company gains actionable information in minutes to strengthen security and compliance
     • Optimize staff resources
     • 99% reduction in time to respond to security and IT incidents
     • 99% reduction in compliance reporting time
     • Uncovers threats and prioritizes risk for efficient and effective remediation
     “We can now find and address the source of a problem in minutes instead of tens of hours.” — Chief Information Security Officer, Insurance Company
     The transformation: By replacing manual processes with an advanced security solution from IBM, Client’s IT staff can quickly uncover threats, prioritize response based on risk level, and take action before the business is affected. The new solution integrates and analyzes data from disparate data sources and provides a unified view of potential security events, operational anomalies and vulnerabilities.
     • IBM® QRadar® Security Intelligence
  27. Case Study: CEE based Bank gains 360-degree visibility into the enterprise
     • Optimize security ROI
     • 99% decrease in investigation time
     • Immediate detection and notification of anomalies
     “With the IBM security platform, I now have a tool that gives me visibility across my enterprise and helps me find the source of the problem quickly.” - Chief Security Officer of the Bank
     The transformation: Replacing an out-of-date security monitoring solution with an advanced security platform from IBM, Client’s security staff gained superior threat detection and a much richer view of enterprise activities. The new solution integrates and analyzes data from disparate sources to help staff more quickly uncover and respond to threats.
     • IBM® QRadar® Security Intelligence
  28. IBM Security: Helping clients optimize IT security
     • Integrated Portfolio
     • Managed and Professional Services
     • Extensive Partner Ecosystem
     • IBM Research
  29. Thank you for your time today! Get engaged with IBM Security
     • Follow us at @ibmsecurity and @ibmxforce
     • Download X-Force security trend & risk reports / Attend in-person events
     • Join the Institute for Advanced Security
     • Subscribe to X-Force alerts at or Frequency X at
     • Subscribe to the security channel for latest security videos
  30. Disclaimer. Please Note: IBM’s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM’s sole discretion. Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion.
  31. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
     © Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way.
     IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.