Security: Intelligence, Integration, Expertise


Published on

●●Utilize Security Intelligence to help detect, predict and remediate
breaches that may not be detected by point products alone
●● “Plug the holes” of competitive point product approaches with an
integrated solution from the recently formed IBM Security Systems division
●● Enable today’s cutting-edge technology platforms, from mobility to
cloud to social

Published in: Technology, Business
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Security: Intelligence, Integration, Expertise

  1. 1. IBM Software IBM Security: Intelligence, Integration, Expertise One of the broadest, most advanced and integrated enterprise security product and service portfolios Highlights Utilize Security Intelligence to help detect, predict and remediate “Enterprise security is no ●● breaches that may not be detected by point products alone longer about technology ●● “Plug the holes” of competitive point product approaches with an alone. It has clearly integrated solution from the recently formed IBM Security Systems division Enable today’s cutting-edge technology platforms, from mobility to become a strategic ●● cloud to social business priority for the board of directors.” A Hyper-connected Business World The era of big data has arrived with an explosion of digital business information accessed from, and stored on, virtualized cloud and social —Brendan Hannigan, General Manager, IBM Security Systems platforms, and on mobile devices that are part consumer, part business. Everything is everywhere. The complexity is overwhelming; the possible points of attack near limitless. By traditional metrics, the IT security industry has recently shown significant improvement in the fight to secure this environment. But the attacks have recently grown in sophistication, severity and frequency— leading to 2011 being declared “The Year of the Security Breach” by the renowned IBM X-FORCE® research and development team.1 Ranging from cybercrime to apparent state-sponsored and terror-inspired motiva- tions, these attacks leave no one immune. And in an environment where business is increasingly dependent upon a company’s online presence, today’s threats are directly aimed at the business, not the technology.
  2. 2. IBM Software 2011 Sampling of Security Incidents by Attack Type, Time and Impact conjecture of relative breach impact is based on publicly disclosed information regarding leaked records and financial losses Attack Type Gaming Gaming SQL Injection Central IT Security Government URL Tampering Central Defense Government Gaming Spear Phishing Banking Entertainment Consulting Consumer 3rd Party Software Electronics Central Online Services National Entertainment Government Police Online DDos Banking Services Heavy Marketing Gaming Consulting Industry Gaming SecureID Central Central Services Government Government Trojan Software Internet Services Central Government Gaming Unknown Consumer Entertainment Agriculture Defence Gaming IT Security Electronics National Insurance Police Defense Central Government Apparel Central State Government Financial Government Police Market Gaming Consulting IT Security Consumer Central Internet Government Electronics Tele- Services communications Central Size of circle estimates relative impact of Government State breach in terms of cost to business Police Gaming Gaming Defense Consumer National Electronics Central Police Government Jan Feb March April May June July Aug Sep Oct Nov DecLabeled as “The Year of the Security Breach” by the IBM X-FORCE research and development team, 2011 was marked by a high volume of severe and variedsecurity attacks.Traditional Defenses BypassedDesigned to gain continuous access to critical businessinformation, Advanced Persistent Threats are the new reality.These attacks utilize cutting-edge methodologies, can last forlong periods of time and are specifically targeted. These meth-ods have eroded the effectiveness of traditional IT defensesincluding firewalls and antivirus solutions—even bypassingthese controls completely in some cases. A fundamentallydifferent security approach is required to help secure today’senterprise, not only with effective technology, but withrigorous processes and organization. Siloed point productsprotecting only the perimeter are no longer enough. Traditional defenses are no longer sufficient. 2
  3. 3. IBM Software Introducing the IBM Security Systems division IBM Security Framework At the beginning of 2012, IBM formed the Security Systems Governance, Risk and Compliance division to develop the integrated strategy and roadmap needed in today’s environment of ever-increasing security complexity. Security Intelligence To help address the overwhelming need for enterprise security and Analytics in today’s hyper-connected, big data, everything-is-everywhere Cloud and Managed Services business world, IBM based this division on three main tenets— Professional Services Infrastructure Applications Intelligence, Integration and Expertise. People Intelligence Data Leveraging deep IBM expertise in analytics, the first tenet is Security Intelligence: millions of events are processed in real-time to help detect, predict and remediate breaches that no Advanced Security and Threat Research other system can. Software and Appliances Integration The second tenet is the integration of the IBM portfolio of Security Intelligence, X-FORCE research and core protection assets. This helps collapse data silos for easier complianceThe IBM approach to security is multilayered. Integrated Intelligence. Integrated Research. Integrated Protection. 3rd Party Ecosystem urity Intelligence urity Intelligence urity Intelligence Sec Sec Sec Ap Ap Ap pli pli pli ple ple ple ca ca ca Peo Peo Peo tion tion tion s s s ure ure ure uc t uc t uc t Da Da Da str str str ta ta ta ra ra ra I I I nf nf nf Ad h Ad h Ad h va n c e d Re s ea rc va n c e d Re s ea rc va n c e d Re s ea rcThe integration of Security Intelligence, X-FORCE research and core protection assets is a powerful combination. 3
  4. 4. IBM Softwarereporting and improved Security Intelligence, reduce complex- and delivery organizations. This powerful combination ofity and lower the cost of maintaining a strong security posture. expertise is made up of the award-winning X-FORCE researchIn addition, integration: and development team—with one of the largest vulnerability databases in the industry—and includes nine security operations●● Provides external and internal contextual information to help centers, nine IBM Research centers, 14 software security breach detection, prediction and remediation development labs and the IBM Institute for Advanced Security●● Automates updates for devices and software for researched with chapters in the United States, Europe and the Asia Pacific vulnerabilities region.●● Can link authentication and authorization with suspicious database activity IBM currently monitors more than 13 billion security events●● Automates compliance and risk assessment activities per day for its clients in more than 130 countries. IBM has the consultants and expertise to help any organization moveExpertise toward optimized, integrated security controls with SecurityWith more than 6,000 researchers, developers and subject mat- Intelligence.ter experts engaged in security initiatives, IBM operates one ofthe world’s broadest enterprise security research, development Zurich, CH Waltham, US Fredericton, CA Belfast, N IR Delft, NL IAS, Europe IAS, Americas Toronto, CA Ottawa, CA Boulder, US TJ Watson, US Herzliya, IL Alamden, US Tokyo, JP Bangalore, IN Detroit, US Brussels, BE Costa Mesa, US Tokyo, JP Raleigh, US Austin, US Atlanta, US Haifa, IL Pune, IN Taipei, TW Atlanta, US Atlanta, US Bangalore, IN Singapore, SG Brisbane, AU Security Operations Centers New Delhi, IN Security Research Centers Gold Coast, AU Security Solution Development Centers Hortolândia, BR Perth, AU IAS, Asia Pacific Institute for Advanced Security BranchesIBM operates one of the world’s broadest security research and development and delivery organizations. 4
  5. 5. IBM SoftwareFrom Mobility to Cloud to Social: For more informationa framework of capabilities for To learn more about IBM Security, please contact yourany environment IBM representative or IBM Business Partner, or visit:Today’s cutting-edge environments can bring tremendous as well as risk. The IBM integrated and compre-hensive approach to security—reaching across People, Data, To join the Institute for Advanced Security, please visit:Applications and Infrastructure—provides the core structure www.instituteforadvancedsecurity.comfor an adaptive approach when implementing new technologies,now or with unknown futures. IBM. Security Intelligence. Think Integrated. Security Intelligence: Information and event management Advanced correlation and deep analytics Security External threat research Intelligence Optimized Advanced network Role based analytics Secure app monitoring Identity governance Data flow analytics engineering processes Forensics / data Privileged used Data governance mining controls Fraud detection Security rich systems Database vulnerability Virtualization security User provisioning Application firewall monitoring Asset management Proficient Access management Access monitoring Source code scanning Endpoint / network Strong authentication Data loss prevention security management Encryption Perimeter security Basic Centralized directory Application scanning Access control Anti-virus People Data Applications InfrastructureIBM Security products have many leading capabilities in every segment. 5
  6. 6. About IBM SecurityThe IBM security portfolio provides security intelligence tohelp organizations holistically protect their people, infrastruc-ture, data and applications, offering solutions for identity andaccess management, database security, application development,risk management, endpoint management, network security andmore. IBM Security products, services and expertise enableorganizations to more effectively manage risk and implementintegrated security solutions for mobile, cloud, social media andother enterprise business architectures. IBM operates one ofthe world’s broadest security research and development anddelivery organizations. This comprises nine security operationscenters, nine IBM Research centers, 11 software securitydevelopment labs and an Institute for Advanced Securitywith chapters in the United States, Europe and Asia Pacific.IBM monitors 13 billion security events per day in more than130 countries and holds more than 3,000 security patents.Additionally, IBM Global Financing can help you acquire thesoftware capabilities that your business needs in the mostcost-effective and strategic way possible. We’ll partner withcredit-qualified clients to customize a financing solution to suityour business and development goals, enable effective cashmanagement, and improve your total cost of ownership. Fundyour critical IT investment and propel your business forwardwith IBM Global Financing. For more information, Please Recycle WGE03018-USEN-00