2012 security services clientprex


Published on

A good description for CISOs in helping their superiors to understand reason to act and invest in the necessary areas..

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • IBM has one the largest and most complex internal IT infrastructures in the world. We are providing solutions in over 2,000 major sites in our 170 countries. Our team includes 400,000-plus security specialist of which over 50 percent are mobile. IBM has security consultancy practices and dedicated security research capabilities across the globe.
  • Chief executive officers are under increasing pressure to increase demand and business value while maintaining the same or fewer resources. Organizations are facing a growing realization that our physical and IT assets, systems, and infrastructure are reaching a breaking point. As the pace of business and the world continues to accelerate, the physical and digital foundations on which progress depends are straining to keep up. Today’s businesses need to find ways to reduce operational expenses while meeting the greater demands of a highly instrumented world. You face unprecedented challenges in your ability to respond to change while enabling access to data and services around the clock. With customer and competitive pressures only increasing, it is clear that we need to address the deficiencies in infrastructure that threaten to hold us back—both at an organizational and at a societal level. In spite of these pressures to do more, IT organizations are spending roughly 70 percent of their funds on maintaining what they have today. And they are not getting any significant budget increases, so budgets are essentially flat.
  • Security leaders are under intense pressure and navigating a period of change. Information security leaders are charged with protecting some of the enterprise’s most valuable assets—money, customer data, intellectual property and, increasingly, brand. Today’s security risks are fundamentally different; instead of managing current threats, businesses have to be proactive about security. They need to anticipate the kinds of risks that expanding the business or opening up operations to more clients and partners will create. Executive attention – Nearly two-thirds of CISOs surveyed in IBM’s 2012 Chief Information Security Officer Study say that their senior executives are paying more attention to security today than they were two years ago because a series of high-profile hacking and data breach incidents have convinced them of the key role that security needs to play in the modern enterprise. Budget and spend – Nearly two-thirds of respondents expect information security spend to increase over the next two years. Of those, 87 percent expect double-digit increases and 11 percent expect increases of more than 50 percent. Threat – External threats were the top overall challenge and 69 percent of respondents ranked external threats as either their number one or number two challenge. Challenges – Securing the mobile world is a major challenge – 55 percent of respondents cited mobile security as a primary technology concern over the next two years. Aspirations – Two years from now, respondents expect to be spending more time reducing potential future risks, and spending less time mitigating current known threats or complying with government and industry mandates. Attention plus resources plus greater threat plus technical challenges plus aspiration equals a time for change.
  • The more the environment changes, the more the opportunities exist for risk. Technology is rapidly changing and the world we live in is becoming more digitized and interconnected. In order to keep up and stay competitive, chief executive officers need to be able to embrace new technology through the use of cloud, mobility and Big Data, but at the same time they need to consider the risks of potential threats and vulnerabilities in order to reduce the impact of a breach. Security risk management is a key component to consider when adopting new technology to help ensure that security is built in. From a risk perspective, new technology raises the level of a potential threat, which means that new investments needs to be made in protecting your company.
  • Today’s threats are more sophisticated. We are seeing an increase in: Advanced persistent threat Discovering new zero day threats Financially motivated and target attacks The types of threats differ depending on the type and motivation of the attacker: Insiders - employees, contractors, outsourcers – inexperienced, no funding, harm often caused by accident Worms and virus writers, script kiddies - inexperienced, limited funding, opportunistic behavior; target has know vulnerabilities “ White hat” and “black hat” hackers – inexperienced-to-higher-order skills, target usually known; they prefer denial of service attacks, which are increasing National governments, organized crime, industrial spies, terrorist cells – sophisticated trade craft, foreign intelligence, well financed and motivated by profit; these are increasingly difficult to detect and are also increasingly prevalent Source: Government Accountability Office (GAO), Department of Homeland Security's (DHS's) Role in Critical Infrastructure Protection (CIP) Cybersecurity, GAO-05-434
  • The Ponemon Institute found that 39 percent of employees lost or “misplaced” an unencrypted data-bearing device (such as Universal Serial Bus, or Universal Serial Bus (USB) drive, smart phone, laptop computer); 74 percent of those employees did not report the loss immediately, either because they were embarrassed, worried about losing their job, or thought they just misplaced the device and would find it soon.
  • New technology and business models are generating an increase in vulnerabilities . Because of the far-reaching impact of a security breach and its increasing complexity, we are seeing the potential impact to a company increase as they try to adopt mobility, cloud and social business. This impact can be felt across the entire corporation.
  • Source: IBM X-Force® Report 2011 and IBM Center for Applied Insight Security experts at IBM X-Force predict that Botnet infections rate will continue to increase, driven by evolution to bring your own IT (BYOIT) . Botnet infection rate for corporate owned and corporate managed devices equals 4 to 8 percent Botnet infection rate for personally owned devices equals 20 to 30 percent IMPACT: Loss of Data or Productivity: A targeted, advanced attack – also known as an APT, which is designed to be undetectable Sensitive data disclosure: Loss or theft of technology (laptops, memory sticks, personal digital assistants, or PDAs) which contain sensitive data Loss of data or productivity: Inadvertent disclosure of dataMalware infection - A virus, worm, Trojan horse, or other code-based malicious entity that successfully infects a host Impact to brand: defacement - A person gains logical or physical access without permission and defaces a web application. IBM is building integrated security solutions around four domains: people, data, applications and infrastructure. If you can better secure across those domains, not just within each as a stand-alone, siloed area, you can build a more security-rich environment and foster more innovative use of technology.
  • Loss of customers: A denial of service attack that prevents or impairs the use of networks, systems, or applications by exhausting resources.
  • IBM has security consultancy practices and dedicated security research capabilities across the globe.
  • The IBM 2012 Chief Information Security Officer (CISO) assessment This IBM initiative was created to enable a broader conversation with our clients around the expanding role of information security to confront the challenges facing enterprises today. In the new report, IBM identifies three types of security leaders: influencers, protectors and responder. We welcome you to review the assessment, related whitepapers and info graphics to see where you see your organization and enable you to be better prepared to meet new threats with confidence. IBM CEO Study This is IBM’s fifth biennial Global CEO Study. The primary focus of this year’s survey “How are CEOs responding to the complexity of increasingly interconnected organizations, markets, societies and governments—what we call the connected economy?” To find out, we spoke with more than 1,700 CEOs, general managers and senior public sector leaders from around the globe. Security Intelligence and Compliance Analytics aligns with several of our key focus initiatives. Our message demonstrates IBM’s thought leadership and capabilities to take clients to the next level in security. IBM Institute for Advanced Security This link takes you to a number of useful resources including the latest security news, research, interviews and a calendar of upcoming security events.
  • For more information, visit: http://www-142.ibm.com/software/products/us/en/category/tivoli/SWI00
  • 2012 security services clientprex

    1. 1. IBM Security ServicesEnabling innovation with confidence© 2012 IBM Corporation
    2. 2. IBM Security Systems The enterprise today2 © 2012 IBM Corporation
    3. 3. IBM Security SystemsIBM is well qualified to secure the enterprise. One of the largest and most complex internal IT infrastructures in the world  2,000-plus major sites  400,000-plus employees  800,000-plus traditional  170-plus countries  About 200,000-plus endpoints contractors  About 50 percent of employees are mobile Major employee sites Customer fulfillment Manufacturing Employee Service Centers IBM Research Centers IBM Internal Data Centers © 2012 IBM Corporation
    4. 4. IBM Security SystemsChief executive officers are under increasing pressure to delivertransformative business value—with limited resources available. Increased risk Budgetary constraints 40% 71% of Fortune 500 and of the average IT popular web sites budget is dedicated to Mobile in the contain a vulnerability2 ongoing operations4 enterprise Social business 90% 74% of enterprise use of organizations will support corporate social media today apps on a personal to communicate devices by 20146 with clients7 Innovation in Exploding data the cloud growth 60% of chief information Aging Infrastructure 2.7ZB of digital content in 71% officers view cloud 2012, a 50% increase computing as critical from 20113 to their plans5 of data centers are over 7 years old1Sources: 1The Essential CIO: Insights from the Global Chief Information Officer Study, May 2011, 2IBM X-Force® Mid-year 2011 Trend and Risk Report, September 2011, 3IDC, “IDCPredictions 2012: Competing for 2020” by Frank Gens December 2011, IDC #231720, Volume:1, 4Based on IBM Research, 5McKinsey How IT is managing new demands 2011, 6Gartnerpredicts that by 2014, “90% of organizations will support corporate applications on a personal devices.”, 7Forrsights Business Decision-Makers Survey, Q4 2011 © 2012 IBM Corporation
    5. 5. IBM Security SystemsIn IBM’s recent 2012 Chief Information Security Officer Study,security leaders shared their views on how the landscape ischanging. Nearly two-thirds say Two-thirds expect senior executives are to spend more on paying more attention security over the next to security issues. two years. External threats More than one-half say are rated as a bigger mobile security is their greatest near- challenge than internal threats, new term technology technology or compliance. concern.Source: IBM 2012 CISO Assessment y http://www.ibm.com/smarterplanet/us/en/business_resilience_management/article/security_essentials.html © 2012 IBM Corporation
    6. 6. IBM Security Systems The changing dynamics of securing the enterprise6 © 2012 IBM Corporation
    7. 7. IBM Security SystemsThink like a security expert. Security risk exists when … Threat Vulnerability Impact Can exploit And cause (Actor) (Weakness) (Loss)Security Risk Management is the application of control to detectand block the threat, to detect and fix a vulnerability, or to respond toincidents (impacts) when all else fails. © 2012 IBM Corporation
    8. 8. IBM Security SystemsToday’s threats (actors) are more sophisticated. Threat Type % of Incidents Threat Profile  Sophisticated tradecraft  Foreign intelligence agencies, organized crime groups  National  Well financed and often acting for profit Advanced, governments Equals less  Target technology as well as information Persistent  Organized crime than 10  Target and exploit valuable data Threat /  Industrial spies percent  Establish covert presence on sensitive networks Mercenary  Terrorist cells  Difficult to detect  Increasing in prevalence  “White hat” and  Inexperienced-to-higher-order skills “black hat”  Target known vulnerabilities Equals less  Prefer denial of service attacks BUT use malware as hackers Hacktivist than 10 means to introduce more sophisticated tools  “Protectors of percent  Detectable, but hard to attribute “Internet freedoms”  Increasing in prevalence  Inexperienced or opportunistic behavior t ca p ml a t ne o P  Acting for thrills, bragging rights  Worm and virus  Limited funding Opportunist writers 20 percent t  Target known vulnerabilities  Script Kiddie  Use viruses, worms, rudimentary Trojans, bots  Easily detected I i  No funding  Insiders -  Causes harm inadvertently by unwittingly carrying Inadvertent employees, viruses, or posting, sending or losing sensitive data Actor 60 percent contractors,  Increasing in prevalence with new forms of mobile outsourcers access and social businessSource: Government Accountability Office (GAO), Department of Homeland Securitys (DHSs) Role in Critical Infrastructure Protection (CIP) Cybersecurity, GAO-05-434 © 2012 IBM Corporation
    9. 9. IBM Security SystemsHere are the top reasons why compromises occur. End users and endpoints Infrastructure  Double-clicking “on anything”  Connecting systems and virtual images to the  Disabling endpoint security settings Internet before hardening them  Using vulnerable, legacy software and  Connecting test systems to the Internet with hardware default accounts or passwords  Failing to update or patch systems/applications  Failing to install security patches on a timely basis.  Failing to install anti-virus  Failing to implement or update virus detection  Failing to report lost or stolen device software  Connecting endpoint to a network from an  Using legacy or end-of-life software and hardware insecure access point (such as Starbucks)  Running unnecessary services  Using a second access point (such as  Using insecure back-end management software AirCard), creating a bypass  Failing to remove old/unused user accounts  Using weak or default passwords, or using  Implementing firewalls with rules that dont stop business passwords for personal use malicious or dangerous incoming or outgoing traffic  Revealing passwords over the phone  Failing to segment network and/or adequately monitor/block malicious traffic with IDS/IPS 1 Up to 80-90 percent of all security incidents can be easily avoided!21 Intrusion detection system and intrusion protection system’ 2Based on IBM X-Force® Trend Report, 2011 © 2012 IBM Corporation
    10. 10. IBM Security SystemsNumber of vulnerabilities increase radically with emergence of newbusiness models and technologies. Adopting new business models and Exponentially growing and interconnected embracing new technologies digital universe Bring your Employees, own IT customers, 30 billion RFID1 1 billion contractors, tags (products, workers will outsourcers passports, be remote buildings and or mobile animals)  1 billion mobile Mobility 1 trillion connected Internet users Social business objects (cars,  30 percent appliances, cameras) growth of 3G devices 33 percent of all new business software spending will be Cloud and virtualization Software as a ServiceSource: IBM X-Force® Trend Report, 2011 © 2012 IBM Corporation
    11. 11. IBM Security SystemsHere is the anatomy of a targeted attack. Adversary compromises endpoint used by a  With credentials and command and control systems administrator with undetectable malware. malware, adversary impersonates the Sys Admin – The malware has two components: to gain privileged access to systems and data. 1) A keystroke logger to capture credentials  Data is stolen, and production systems are further 2) Command and control capability compromised. APT1 and hacker, Privileged user Contractors Suppliers or activist People Employees Consultants Customers Endpoints Applications Web applications System applications Mobile apps Infrastructure Customer environment Data Structured Unstructured At rest In motion1 Advanced persistent threat (APT) © 2012 IBM Corporation
    12. 12. IBM Security SystemsHere is the anatomy of a denial-of-service attack. Hacktivist or other adversary launches concurrent attacks from multiple worldwide locations Attacks intended to saturate network connections and disable web presence Results in lost business opportunities and brand impact DDoS1 Master Zombies flooding Data center1 Distributed denial of service (DDoS) © 2012 IBM Corporation
    13. 13. IBM Security Systems Security essentials for chief information officers (CIOs)13 © 2012 IBM Corporation
    14. 14. IBM Security SystemsIBM developed ten essential practices required to achieve bettersecurity intelligence. 1. 2. Bu Ma cu ild Essential practices inc nag ma lture a ris int ide e na an k-a ell nts sec ge d wa 3. ige w ur me re De nc ith ity nt so fen e gr sy cia d t ea ste l w he te r m or mo kp 4. lac bile 6. Co Se e an b y cu r d ac ntro de ity- as ces l ne Mat sig ric ted su s a tw oma re nd or n hs Aut urit re k er vic M anu a sil hel y es l ie n p ba s , Ba ce Rea ed a si c Pro 5. ctiv Au 7. fic ppr Ad O “h tom e ien ptim of dre d yg a oac t intell urity ien te vir clou ss n Sec ize Pro e” sec igen h tua d e ur liz and w co acti ce ity a ti mp ve 8. on lex Ma i ty se nag cu e 10 rity th .M 9. co ird-p an Be mp a life a ge an tter lia rty cy d p se nc cle th r o cu e ei tec re de t p da nti riv ta ty ac y © 2012 IBM Corporation
    15. 15. IBM Security SystemsEssential practice 1:Build a risk-aware culture and management system. Actions to help get you there: Does your company culture enforce  Expand the mission of enterprise security from IT shop to and track the right risk adverse managing IT risk across the company, driven by a leader with behaviors? a strategic, enterprise-wide purview .  Design an organization structure and governance model that In using technology, everyone within a enables more proactive identification and management of company has the potential to infect the risks. enterprise, whether it’s from clicking a  Communicate and educate to raise awareness of potential dubious attachment or failing to install cyber risks. a security patch on a smart phone.  Build a management system enabled by digestible policies, measurements and appropriate tools. Building a risk-aware culture involves setting out the risks and goals, and IBM Offerings spreading the word about them.  Governance and organizational design Management needs to push this  Risk management assessment and program development change relentlessly from the top down,  Security metrics assessment and definition while also implementing tools to track  Policy development progress.  Security awareness program  Chief information security officer (CISO) on demand  Enterprise security architecture design © 2012 IBM Corporation
    16. 16. IBM Security SystemsEssential practice 2:Manage security incidents with greater intelligence Actions to help get you there: How can you use security intelligence  Build a skilled incident management and response team to benefit your business? with sufficient resources to conduct the forensics required. Imagine that two similar security  Develop a unified incident handling policy and process. incidents take place, one in Brazil and  Leverage consistent tools and security intelligence for the other in Pittsburgh. They may be incident management and investigative forensics. related. But without the security intelligence to link them, an important IBM Offerings pattern could go unnoticed.  Incident response program development A company-wide effort to implement  Emergency response services intelligent analytics and automated  Forensics solution implementation response capabilities is essential.  Security Information and event management (SIEM) Creating an automated and unified  IBM X-Force® Threat Analysis Service system enables an enterprise to better monitor its operations — and respond more quickly. © 2012 IBM Corporation
    17. 17. IBM Security SystemsEssential practice 3:Defend the mobile and social workplace. Actions to help get you there: What should you consider when  Enable employees to bring their own devices and securing your workplace? leverage use of social media while providing them the capabilities to segment business and personal data and Employees bring growing numbers of protect the enterprise’s data assets. their own devices to work and  Secure end-user computing platform to fit a risk profile increasingly leverage social media in based on an employee’s role. their communications. Each work  Automate endpoint security settings enforcement across station, laptop, or smart phone provides workstations, mobile devices and desktop cloud images. a potential opening for malicious attacks.  Isolate business, client and personal data and protect it. Settings on devices cannot be left to individuals or autonomous groups, but IBM Offerings instead must be subject to centralized  Mobile and endpoint assessment and strategy management and enforcement.  Endpoint and server solution implementation Securing the workforce means finding  Mobile device security management the right balance between openness and risk management. © 2012 IBM Corporation
    18. 18. IBM Security SystemsEssential practice 4:Security-rich services, by design. Actions to help get you there: What does “secure by design”  Assess where your optimal points of quality inspection mean to my business? should be.  Reduce the cost of delivering secure solutions by Imagine if automobile companies embedding security in the design process. manufactured their cars without seat  Use tools to scale adoption and to track compliance. belts or airbags, and then added them  Proactively uncover vulnerabilities and weaknesses later. It would be both senseless and through ethical hacking and penetration testing. outrageously expensive. In much the same way, one of the IBM Offerings biggest vulnerabilities in information systems comes from implementing  Security-rich engineering design and development services first, then adding on security  Penetration testing as an afterthought.  Application source code assessment  Hosted application security management The best solution is to build in security from the beginning, and carry out  Hosted vulnerability management regular automated tests to track compliance. © 2012 IBM Corporation
    19. 19. IBM Security SystemsEssential practice 5:Automate security “hygiene.” Actions to help get you there: What are the risks of continuous  Register all IT infrastructure components in a patching and the use of legacy centralize inventory and aggressively retire legacy software? components.  Integrate compliance data for end-to-end visibility. People stick with old software programs  Automate patch management and encourage a culture because they know them, and they are of diligence to help ensure that the infrastructure will comfortable with them. But managing protect against the current threats. updates on a variety of software can be  Identify opportunities to outsource routine monitoring next to impossible. functions. With a hygienic, security-rich system, IBM Offerings administrators can keep track of every  Infrastructure health assessment and outsourcing program that is running and be confident that it is current, and can have a  Endpoint and server solution implementation comprehensive system in place to install  Hosted vulnerability management updates and patches as they are released. This “hygiene” process should be routine and embedded in the foundation of systems administration. © 2012 IBM Corporation
    20. 20. IBM Security SystemsEssential practice 6:Control network access and help assure resilience. Actions to help get you there: How can managed services help  Optimize existing investments and leverage new technologies me strengthen controls for network to monitor and protect against threats. access?  Detect and block malicious network activity using a combination of logging, monitoring and advanced analytics solutions. Imagine the IT infrastructure of a  Prioritize what you need to control and what you do not need company as a giant hotel with over to control.  Optimize network infrastructure to improve both performance 65,000 doors and windows. While the and risk management. public is allowed to enter through the lobby, guest room access would be IBM Offerings controlled by registration and guest keys.  Network security assessment  Managed intrusion detection system and intrusion The same is true of data. Network protection system (IDP and IPS) security tools provide organizations  Managed firewall with a way to control access to the  Managed secure web gateway “rooms” where confidential data and  Managed unified threat management (UTM) critical systems are stored..  Hosted email and web security  Security Information and event management (SIEM)  Secure log management  Managed Distributed Denial of Service (DDoS) protection  Managed network access control © 2012 IBM Corporation
    21. 21. IBM Security SystemsEssential practice 7:Address new complexity of cloud and virtualization. Actions to help get you there: How can you embrace cloud  Develop a strategy for better securing your own cloud technology while reducing risk? services.  Assess the security controls of other cloud providers Cloud computing promises enormous to protect your data. efficiencies. But it can come with some  Understand the strengths and vulnerabilities of your risk. If an enterprise is migrating certain cloud architecture, programs, policies and practices. IT services to a cloud computing, it will  Build cloud services that employ a higher level of be in close quarters with lots of others— control and confidence. possibly including individuals who may have malicious intent. IBM Offerings To thrive in this environment,  Cloud security strategy and assessment organizations must have the tools and procedures to isolate and protect  Hosted vulnerability management themselves, and to monitor potential  Hosted application security management threats.  Managed firewall  Managed intrusion prevention and detection systems (IPDS)  Security information and event management (SIEM)  Secure log management © 2012 IBM Corporation
    22. 22. IBM Security SystemsEssential practice 8:Manage third-party security compliance. Actions to help get you there: Are your security policies and  Integrate security as a part of mergers and acquisitions. safeguards compliant today?  Assess vendors’ security and risk policies and practices, and educate them on compliance. An enterprise’s culture of security  Assess conformance with process and data protection must extend beyond company walls, requirements of industry requirements and regulations and establish best practices among such as PCI1, GLBA2, HIPAA3, SOX4, NERC-CIP5. its contractors and suppliers.  Manage the vendor risk lifecycle. Security, like excellence, should be infused in the entire partner IBM Offerings ecosystem. Numerous cases have shown how the carelessness of one  Third-party compliance assessment company can have a deleterious  PCI1, GLBA2, HIPAA3, SOX4, NERC-CIP5 effect on many.1 Payment card industry (PCI), 2Gramm-Leach-Bliley Act (GLBA), 3Health Insurance Portability and Accountability Act (HIPAA), 4Sarbanes-Oxley (SOX),5 North American Electric Reliability Corporation-Critical Infrastructure Protection (N ERC-CIP) © 2012 IBM Corporation
    23. 23. IBM Security SystemsEssential practice 9:Better secure data and protect privacy. Actions to help get you there: How can you improve the protection Identify the value of your confidential data and the of your critical data? Assess gaps and define a data protection strategy that Every company has critical information, Perhaps its scientific and technical data, Design a robust data management architecture that or maybe its documents regarding possible mergers and acquisitions, or Deploy and manage leading data protection technologies. clients’ non-public financial information. Each enterprise should carry out an IBM Offerings inventory, with the critical data getting special treatment. Each priority item  Data security and privacy strategy and assessment should be guarded, tracked and  Data loss prevention encrypted as if the company’s survival  Data encryption hinged on it. In some cases, that may be  Database security assessment and architecture the case.  Big Data security architecture  Database auditing and monitoring  Data masking © 2012 IBM Corporation
    24. 24. IBM Security SystemsEssential practice 10:Manage the identity lifecycle. Actions to help get you there: What value does managing the identity  Develop an optimized identity and access and access of users bring to my management strategy. business?  Implement standard, policy based control mechanisms and more intelligent monitoring. Managing who has access to critical data  Centralize and automate separation of duties is essential element of security. For management. example, imagine that a contractor gets  Adopt a desktop and web single-sign-on solution. hired full time. Six months pass and he or she gets a promotion. A year later, a competitor hires him or her. How does IBM Offerings the system treat that person over time?  Identity management assessment and strategy It must first give limited access to data,  Identity solution Implementation then open more doors before finally  Role analytics denying access to him or her.  Two-factor authentication This is managing the identity life cycle.  Public key infrastructure (PKI) deployment It’s vital. Companies that mismanage it are operating without enough information, and could be vulnerable to intrusions. © 2012 IBM Corporation
    25. 25. Option 1 IBM Security Systems Enterprise Governance, Risk and Compliance Management GRC Platform (OpenPages) Risk Analytics (Algorithmics) Investigation Management (i2) IBM Security Portfolio Security Intelligence, Analytics, and Governance, Risk, and Compliance QRadar SIEM QRadar Log Manager QRadar Risk Manager Risk and Compliance Services Privacy and Audit Services Managed and Cloud-based SIEM Security Operational IT Security Domains and Capabilities Consulting People Data Applications Infrastructure Network Endpoint Identity and Access Guardium AppScan Enterprise, Network Endpoint Management Suite Database Security Standard and Source Intrusion Prevention Manager (BigFix) Managed and Cloud Federated InfoSphere Optim DataPower SiteProtector Virtualization and Services Identity Manager Data Masking Security Gateway Management System Server Security Enterprise Key Lifecycle Security QRadar Network Mainframe Security Single Sign-On Manager Policy Manager Anomaly Detection (zSecure, RACF) X-Force and IBM Dynamic and Static Managed Firewall, Infrastructure Research Authentication and Encryption and DLP Application Security Intrusion Prevention, Testing and Incident Deployment Services Deployment Services Assessments UTM Services Response Mobile Device Identity Hosting Hosted Web and Application Security Vulnerability v12-12 Security Services Email Security Management - SaaS Management ManagementProducts Services © 2012 IBM Corporation
    26. 26. Option 2 IBM Security Systems Enterprise Governance, Risk and Compliance Management GRC Platform (OpenPages) Risk Analytics (Algorithmics) Investigation Management (i2) IBM Security Portfolio Security Intelligence, Analytics, and Governance, Risk, and Compliance QRadar SIEM QRadar Log Manager QRadar Risk Manager Risk and Compliance Services Privacy and Audit Services Managed and Cloud-based SIEM Security Operational IT Security Domains and Capabilities Consulting People Data Applications Network Infrastructure Endpoint Identity and Access Guardium AppScan Enterprise, Network Endpoint Management Suite Database Security Standard and Source Intrusion Prevention Manager (BigFix) Managed and Cloud Federated InfoSphere Optim DataPower SiteProtector Virtualization and Services Identity Manager Data Masking Security Gateway Management System Server Security Enterprise Key Lifecycle Security QRadar Network Mainframe Security Single Sign-On Manager Policy Manager Anomaly Detection (zSecure, RACF) X-Force and IBM Dynamic and Static Managed Firewall, Infrastructure Research Authentication and Encryption and DLP Application Security Intrusion Prevention, Testing and Incident Deployment Services Deployment Services Assessments UTM Services Response Mobile Device Identity Hosting Hosted Web and Application Security Vulnerability v12-12 Security Services Email Security Management - SaaS Management ManagementProducts Services © 2012 IBM Corporation
    27. 27. Option 3 IBM Security SystemsPutting it all together – The Security Framework Enterprise governance, risk and compliance management Open pages Algorithmics i2 Corporation Security Portfolio IT security and compliance analytics & reporting Security information and event Advanced analytics (Streams, SPSS, Penetration management etc.) Testing & red team exercise Security IT infrastructure – operational security domains consulting People Data Applications Infrastructure AppScan Anti-malware Identity and access Guardium source code Network IDS and gateway Implemen- management suite database security scanning host based IPS tation services Federated AppScan application zSecure Optim data masking Mainframe Securtiy identity manager security assessment Network firewall Server security Enterprise Key Lifecycle Worklight mobile (Tivoli Endpoint Single Sign-On Management application security Manager) Managed services Web application DDOS protection Encryption Role based firewall Mobile endpoint analytics/SOD management ((Tivoli checking Endpoint Manager) Data loss prevention AppScan on demand Content filtering (network & endpoint) software as a service © 2012 IBM Corporation
    28. 28. IBM Security SystemsIBM is helping to solve essential security challenges—worldwide.Better secure data and Control network access and Defend mobile and socialprotect privacy help assure resilience workplaceA large Canadian pharmaceutical A Danish dairy company protects A leading manufacturer in Indiacompany improves its ability to users and its infrastructure from identifies potential securityprotect against internal and malicious content and limits threats, strengthens its securityexternal threats with an IBM administration levels and improves customerInformation Security Assessment confidence Address new complexity of Manage third-party security cloud and virtualization compliance An urban services organization in A US Retailer identifies gaps to achieve Portugal, improves employee Payment Card Industry (PCI) compliance productivity through e-mail filtering and cloud/managed security services Security-rich services by design A bank in Kuwait gains a better Build a risk-aware culture view of its security posture and An Austrian bank network vulnerabilities by conglomerate establishes a conducting real-world security consistent security policy with testing IBM Security Services © 2012 IBM Corporation
    29. 29. IBM Security Systems Why IBM ?29 © 2012 IBM Corporation
    30. 30. IBM Security SystemsIBM can provide unmatched global coverage and security awareness. Security Operations Centers Security Research Centers Security Solution Development Centers Institute for Advanced Security Branches 10B analyzed web pages and Worldwide managed IBM Research images security services coverage  20,000-plus devices under contract 150M intrusion attempts daily  3,300 GTS1 service delivery experts 40M span and phishing attacks  3,700-plus MSS2 clients worldwide 46K documented vulnerabilities  15B-plus events managed per day and millions of unique malware  1,000-plus security patents samples  133 monitored countries (MSS)1 IBM Global Technology Services (GTS); 2Managed Security Services (MSS) © 2012 IBM Corporation
    31. 31. IBM Security SystemsWe continue to research, test and publish focused approaches toIT security that align with both executive and technical needs. Finding a Strategic Voice IBM Institute for Advanced Security IBM 2012 CISO Global Security Leaders Share intelligence Assessment and collaborateIBM 2012 Global Chief Executive Officer StudySecurity Intelligence and Compliance Analytics © 2012 IBM Corporation
    32. 32. IBM Security SystemsThank you for your time today.For more information: IBM SecurityContact: [Insert presenter name] [Insert presenter work phone] [Insert presenter e-mail address] © 2012 IBM Corporation
    33. 33. IBM Security SystemsTrademarks and notesIBM Corporation 2012 IBM, the IBM logo, ibm.com and X-Force are trademark Web site], are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with the appropriate symbol (® or ™), these symbols indicate US registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at: www.ibm.com/legal/copytrade.shtml. Other company, product and service names may be trademarks or service marks of others. The performance data discussed herein is presented as derived under specific operating conditions. Actual results may vary. References in this publication to IBM products or services do not imply that IBM intends to make them available in all countries in which IBM operates. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON- INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided. © 2012 IBM Corporation