SlideShare a Scribd company logo

Rochester Security Event

C
calebbarlow
TechnologyBusiness
1 of 48
Download to read offline
2013 Information Security Risks Year-End Review Caleb Barlow Director – IBM Application, Data, Mobile, Critical Infrastructure Security www.facebook.com/barlow.caleb www.youtube.com/calebbarlow
2 © 2013 IBM Corporation
Threat landscape is growing fast In 2000 In 2012 361the Internet million people using 5.8% of the world’s population 3 2.67 billion people using the Internet 33% of the world’s population © 2013 IBM Corporation
…. and becoming Mobile In 2000 720 million mobile subscribers worldwide 12% of the world’s population 4 In 2012 6 billion worldwide mobile subscribers 87% population of the world’s © 2013 IBM Corporation
Innovative technology changes everything 1 trillion connected objects Social business 5 1 billion mobile workers Cloud and virtualization Bring your own IT © 2013 IBM Corporation
QR Codes §  QR Code can contain a URL to download malware §  The malware can then send SMS messages to a premium rate number (US $6 per message) •  Samsung Galaxy S3 can be reset from a QR Code wiping all data •  Google Glass vulnerability identified by Lookout Security 6 © 2013 IBM Corporation
How do Mobile Applications treat you? 7 © 2013 IBM Corporation
8 © 2013 IBM Corporation
Motivation and sophistication is evolving rapidly Nation-state actors, APTs Stuxnet, Aurora, APT-1 MOTIVATION National Security, Economic Espionage Hacktivists Lulzsec, Anonymous Notoriety, Activism, Defamation Monetary Gain Nuisance, Curiosity Organized crime Zeus, ZeroAccess, Blackhole Exploit Pack Insiders, Spammers, Script-kiddies Nigerian 419 Scams, Code Red SOPHISTICATION 9 © 2013 IBM Corporation
X-Force Trend and Risk Report Crawler •  Over 1000 CPUs scanning the Internet 24x7 Darknet and Honeypots •  Capturing information from virgin IP addresses SpamTrap •  Obtains Spam IPs and samples Managed Services •  15B security events a day across 133 countries and over 20,000 devices under contract 10 © 2013 IBM Corporation
11 Source: IBM X-Force® Research 2013 Trend and Risk Report © 2013 IBM Corporation
2012 Sampling of Security Incidents by Attack Type, Time and Impact Conjecture of relative breach impact is based on publicly disclosed information regarding leaked records and financial losses 12 Source: IBM X-Force® Research 2013 Trend and Risk Report © 2013 IBM Corporation
Security Incidents in the first half of © 2013 IBM Corporation
still reliable for breaching databases of tracked disclosed breaches Low risk / high reward §  Old CMS installations §  CMS Plugins §  Forum software §  Other popular 3rd party scripts © 2013 IBM Corporation
continue to disrupt businesses High traffic volume as much as Industries affected: §  Banks §  Governments §  DNS Providers © 2013 IBM Corporation
attacks compromise end user trust Tainting legitimate sites with zero-day exploits Targeting Savvy Users §  Tech company developers §  Government Employees §  Unsuspecting viewers of trusted sites © 2013 IBM Corporation
foreign branch or local language sites tarnish brands Global brands targeted in foreign countries outside of home office Attackers rely on §  Lower security on local language sites §  Temporary micro-sites which gather user data §  Tarnish brands with path of least resistance © 2013 IBM Corporation
countries most impacted by security incidents The United States most reported breach target location Taiwan was targeted in several foreign branch security incidents © 2013 IBM Corporation
has become a new playground for attackers Social Media top target for attacks and mobile devices are expanding those targets -  Pre-attack intelligence gathering -  Criminals selling accounts -  Campaigns enticing user to click on malicious links © 2013 IBM Corporation
20 © 2013 IBM Corporation
Products Time 21 © 2013 IBM Corporation
Cost Products Complexity Agility Effectiveness Time 22 © 2013 IBM Corporation
Your security team sees noise 23 © 2013 IBM Corporation
Security challenges are a complex, four-dimensional puzzle People Employees Outsourcers Attackers Consultants Suppliers Customers Partners Data Structured Unstructured At rest In motion Applications Systems Applications Web Applications Web 2.0 Mobile Applications Infrastructure Datacenters PCs Laptops Mobile Cloud Non-traditional …that requires a new approach © 2013 IBM Corporation
…that requires a new approach Then Now Administration Insight Data Basiccontrol Laserfocused Applications Bolt-on Built-in Infrastructure Thicker walls Smarter defenses People Collect and Analyze Everything 25 © 2013 IBM Corporation
A change in mindset is already happening 26 © 2013 IBM Corporation
Monitor Everything 27 © 2013 IBM Corporation
Consume Threat Intelligence 28 © 2013 IBM Corporation
Integrate Across Domains 29 © 2013 IBM Corporation
Security Intelligence 30 © 2013 IBM Corporation
IBM Security Framework Intelligence Integration Expertise © 2013 IBM Corporation
A comprehensive portfolio of products and services across all domains 32 © 2013 IBM Corporation
With Fiberlink, only IBM will provide the full spectrum of mobile management and security needs Requirements for Mobile Management and Security: Business Span of Control High Corporate Owned Assets Employees w/BYOD Task/Temp Workers Business Partners Low Consumer Transactions Solution Approaches: Mobile Device Management Containers – App Wrapping and SDKs Secure Transactions IBM / Fiberlink Offerings: IBM Security Access Manager for Mobile Planned Integration Points: •  SDKs will be packaged in Worklight IDE so all apps can be secured (IBM Worklight) •  Security information and events will feed into QRadar for analysis and actions will return to mobile tools (IBM QRadar) •  Code scans will be integrated into the process before apps are deployed into app store/catalog (IBM AppScan) 33 © 2013 IBM Corporation
Mobile Security Framework Personal Secure the Application Trusted Transactions Mobile Access Mgmt Identity Federation Application Level VPN Secure API Connectivity Malware & Fraud Detection Device & Location Risk Account Takeover Jailbreak w Device Rooted Security Intelligence SIEM Threat Research Enterprise Applications iOS / Android Static Scanning Worklight Mobile IDE Experience Management Tamper Proofing *partner Enterprise Container Cloud Services Secure the Device Enroll w Configurew Monitor Provision w Wipe w Fingerprint
Who is Fiberlink? §  Founded in 1991, Fiberlink has built expertise in delivering mobile management and security services as a service §  Headquartered in Blue Bell, PA §  Provides Mobile Device Management, Mobile Application Management, Enterprise Container with SDK and App-Wrapping, Secure Document Sharing and Mobile Expense Management as a Service helping enterprises connect, control and secure mobile devices to gain competitive advantage, increase employee productivity, and implement proper security measures §  Industry leading and award winning §  Cloud-based mobility management platform §  Seamless integration with existing enterprise systems §  Broad range of mobile OS support §  Robust policies for Bring Your Own Device (BYOD) security and privacy §  3500+ clients §  Marquee financial, healthcare, public sector, education, and retail customers §  Delivering value to enterprises of all sizes: small to large 35 © 2013 IBM Corporation
Industry analysts rank IBM Security as leading the market Security Analyst Report Rankings Domain Security Intelligence Market Segment / Report Security Information and Event Management (SIEM) Identity and Access Governance Gartner Magic Quadrant User Provisioning and Administration Leader 2013 2011 Challenger 2013 Strong Performer 2013 Leader 2013 Contender 2011 Leader 2013 MarketScope Leader Database Auditing and Real-Time Protection Data Leader 2013 Role Management and Access Recertification Web Access Management (WAM) IDC Market Share Leader Identity and Access Management Suites People Forrester Wave 2011 Data Masking Applications Leader Application Security Testing (dynamic and static) Leader Leader 2013 2013 Network Intrusion Prevention Systems (NIPS) Infrastructure EndPoint Protection Platforms (EPP) Managed Security Services (MSS) Services Information Security Consulting Services 2013 Challenger 2012 Visionary Strong Performer 2013 2013 Leader Leader 2012 2012 Leader 2013 No report available Note: Rankings compiled from latest available analyst reports as of September, 2013 36 © 2013 IBM Corporation
Chief Information Security Officers: 2013 IBM CISO Study Formalize your role as a CISO Establish a security strategy Focus on overall risk Develop effective business relations - build trust, share information, meet with the Csuite and board Invest in advanced technology when it meets a business need Fortify your mobile security Track risk to brand reputation and customer satisfaction Integrate metrics “Strategic vision… Global consistency… Lots of communication… speak business value, understand risk… minimize the impact… be on the bleeding edge…”© 2013 IBM Corporation IBM Confidential 37
Trusteer Advanced Fraud and Malware Protection Helping to protect against financial fraud and advanced security threats Among the capabilities Trusteer brings to IBMs security portfolio: Web Fraud Protection Leading web fraud capabilities for financial services and web commerce Secure Mobile Transactions Embedded security for mobile devices and applications helps enables secure transactions from devices to the back office Extended Advanced Threat Protection Unique endpoint solution for identifying and protecting against Advanced Persistent Threats 38 Security-as-a-Service Cloud based deployment enabling rapid and real-time updates © 2013 IBM Corporation
About  Trusteer   Global   Hundreds  of  Customers     100,000,000  Endpoints   Financial  Fraud  Preven;on   Solu;ons   Advanced  Threat   Protec;on   Intelligence   Technology   Leader   ©  Trusteer  2013   Leading  Global  Organiza;ons  Put   Their  TRUST  In  Us   7/10   Top  US  Banks     4/5   Top  Canadian  Banks   9/10   Top  UK  Banks   Major   European  Banks   Exper;se   39  
Malware  and  Phishing   Common  threat  to  online  channels  &  internal  systems   Social   Engineering   (Phishing)   Vulnerability   Exploit     Malware   Infec;on   Fraud   Scheme   Execu;on   Data   Exfiltra;on   Three Losing Battles Money   Loss   Enterprise   Breach   Two Major Impacts •  Humans will always make mistakes Widespread  Fraud   •  System and application vulnerabilities continue to emerge •  $3.4B  est  lost  to  online  fraud  in  20121   Advanced  Threats  and  Breaches   •  85%  of  breaches  go  undetected2   1JPMorgan: 2012 Online Fraud Report , 2Gartner: 2290415, •  $8.9M  average  cost  of  cyber-­‐aDacks3   3 •  Malware detection will always lag ©  Trusteer  2013   Ponemon Institute: 2012 Cost of Cybercrime Report: US
The  Specific  Problems  Trusteer  Solves   Online  Banking   Account  Takeover,   New  Account  Fraud   Phishing    and   Malware  Fraud   Mobile  Fraud  Risk   WWW   Advanced  Threats   (Employees)   Wire,  ACH,  Internal  Apps   ©  Trusteer  2013  
Trusteer  Solu;ons     Trusteer  Pinpoint   Malware  Detec;on   Phishing    and   Malware  Fraud   Trusteer   Rapport   Trusteer  Mobile  Risk   Engine   Trusteer   Mobile  SDK/ APP   Mobile  Fraud  Risk   WWW   Trusteer  Apex   Advanced  Threats   (Employees)   Wire,  ACH,  Internal  Apps   ©  Trusteer  2013   Trusteer  Pinpoint   Account  Takeover   (ATO)  Detec;on   Online  Banking   Account  Takeover,   New  Account  Fraud  
Your security team sees… © 2013 IBM Corporation
Clarity… © 2013 IBM Corporation
Insights… © 2013 IBM Corporation
Everything © 2013 IBM Corporation
Thank You www.facebook.com/barlow.caleb www.youtube.com/calebbarlow © 2013 IBM Corporation
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. © Copyright IBM Corporation 2012. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. © 2013 IBM Corporation

Recommended

The ROI on Intrusion Prevention: Protecting Both Your Network & Investment
The ROI on Intrusion Prevention: Protecting Both Your Network & InvestmentThe ROI on Intrusion Prevention: Protecting Both Your Network & Investment
The ROI on Intrusion Prevention: Protecting Both Your Network & InvestmentIBM Security
 
Best practices for mobile enterprise security and the importance of endpoint ...
Best practices for mobile enterprise security and the importance of endpoint ...Best practices for mobile enterprise security and the importance of endpoint ...
Best practices for mobile enterprise security and the importance of endpoint ...Chris Pepin
 
IBM Security - 2015 - Client References Guide
IBM Security - 2015 - Client References GuideIBM Security - 2015 - Client References Guide
IBM Security - 2015 - Client References GuideFrancisco González Jiménez
 
Top 2016 Mobile Security Threats and your Employees
Top 2016 Mobile Security Threats and your EmployeesTop 2016 Mobile Security Threats and your Employees
Top 2016 Mobile Security Threats and your EmployeesNeil Kemp
 
Malware on Smartphones and Tablets: The Inconvenient Truth
Malware on Smartphones and Tablets: The Inconvenient TruthMalware on Smartphones and Tablets: The Inconvenient Truth
Malware on Smartphones and Tablets: The Inconvenient TruthIBM Security
 
WEBINAR - August 9, 2016: New Legal Requirements for Mobile Security
WEBINAR - August 9, 2016: New Legal Requirements for Mobile SecurityWEBINAR - August 9, 2016: New Legal Requirements for Mobile Security
WEBINAR - August 9, 2016: New Legal Requirements for Mobile SecurityMobileIron
 
SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015Francisco Anes
 
Compliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadCompliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadIBM Security
 

Recommended

The ROI on Intrusion Prevention: Protecting Both Your Network & Investment
The ROI on Intrusion Prevention: Protecting Both Your Network & InvestmentThe ROI on Intrusion Prevention: Protecting Both Your Network & Investment
The ROI on Intrusion Prevention: Protecting Both Your Network & InvestmentIBM Security
 
Best practices for mobile enterprise security and the importance of endpoint ...
Best practices for mobile enterprise security and the importance of endpoint ...Best practices for mobile enterprise security and the importance of endpoint ...
Best practices for mobile enterprise security and the importance of endpoint ...Chris Pepin
 
IBM Security - 2015 - Client References Guide
IBM Security - 2015 - Client References GuideIBM Security - 2015 - Client References Guide
IBM Security - 2015 - Client References GuideFrancisco González Jiménez
 
Top 2016 Mobile Security Threats and your Employees
Top 2016 Mobile Security Threats and your EmployeesTop 2016 Mobile Security Threats and your Employees
Top 2016 Mobile Security Threats and your EmployeesNeil Kemp
 
Malware on Smartphones and Tablets: The Inconvenient Truth
Malware on Smartphones and Tablets: The Inconvenient TruthMalware on Smartphones and Tablets: The Inconvenient Truth
Malware on Smartphones and Tablets: The Inconvenient TruthIBM Security
 
WEBINAR - August 9, 2016: New Legal Requirements for Mobile Security
WEBINAR - August 9, 2016: New Legal Requirements for Mobile SecurityWEBINAR - August 9, 2016: New Legal Requirements for Mobile Security
WEBINAR - August 9, 2016: New Legal Requirements for Mobile SecurityMobileIron
 
SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015Francisco Anes
 
Compliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadCompliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadIBM Security
 
Smarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst ServicesSmarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst ServicesChris Pepin
 
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection SuiteThe Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection SuiteIBM Security
 
IBM Security Portfolio - 2015
IBM Security Portfolio - 2015IBM Security Portfolio - 2015
IBM Security Portfolio - 2015IBM Thailand Co Ltd
 
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...IBM Security
 
Recent ECB/ EBA regulations how they will impact European banks in 2016
Recent ECB/ EBA regulations how they will impact European banks in 2016Recent ECB/ EBA regulations how they will impact European banks in 2016
Recent ECB/ EBA regulations how they will impact European banks in 2016IBM Security
 
Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)Murray Security Services
 
Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017IBM Security
 
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow itCloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow itIBM Security
 
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013Andris Soroka
 
Pulse 2013 - How to run a successful BYOD initiative
Pulse 2013 - How to run a successful BYOD initiativePulse 2013 - How to run a successful BYOD initiative
Pulse 2013 - How to run a successful BYOD initiativeChris Pepin
 
QRadar & XGS: Stopping Attacks with a Click of the Mouse
QRadar & XGS: Stopping Attacks with a Click of the MouseQRadar & XGS: Stopping Attacks with a Click of the Mouse
QRadar & XGS: Stopping Attacks with a Click of the MouseIBM Security
 
IBM Mobile Analyzer Saves the Day
IBM Mobile Analyzer Saves the DayIBM Mobile Analyzer Saves the Day
IBM Mobile Analyzer Saves the DayIBM Security
 
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkSecuring Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkIBM Security
 
MaaS360 with Watson
MaaS360 with WatsonMaaS360 with Watson
MaaS360 with WatsonSylvia Low
 
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...IBM Security
 
The 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach StudyThe 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach StudyIBM Security
 
2015 Mobile Security Trends: Are You Ready?
2015 Mobile Security Trends: Are You Ready?2015 Mobile Security Trends: Are You Ready?
2015 Mobile Security Trends: Are You Ready?IBM Security
 
Mobile Security for Smartphones and Tablets
Mobile Security for Smartphones and TabletsMobile Security for Smartphones and Tablets
Mobile Security for Smartphones and TabletsVince Verbeke
 
See How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile MetricsSee How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile MetricsIBM Security
 
Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSantiago Cavanna
 
Mitigate attacks with IBM BigFix and Q-Radar
Mitigate attacks with IBM BigFix and Q-RadarMitigate attacks with IBM BigFix and Q-Radar
Mitigate attacks with IBM BigFix and Q-RadarFrancisco González Jiménez
 
Groupon: 1,000 Contracts a Day on Adobe EchoSign
Groupon: 1,000 Contracts a Day on Adobe EchoSignGroupon: 1,000 Contracts a Day on Adobe EchoSign
Groupon: 1,000 Contracts a Day on Adobe EchoSignJason M. Lemkin
 

More Related Content

What's hot

Smarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst ServicesSmarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst ServicesChris Pepin
 
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection SuiteThe Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection SuiteIBM Security
 
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...IBM Security
 
Recent ECB/ EBA regulations how they will impact European banks in 2016
Recent ECB/ EBA regulations how they will impact European banks in 2016Recent ECB/ EBA regulations how they will impact European banks in 2016
Recent ECB/ EBA regulations how they will impact European banks in 2016IBM Security
 
Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017IBM Security
 
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow itCloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow itIBM Security
 
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013Andris Soroka
 
Pulse 2013 - How to run a successful BYOD initiative
Pulse 2013 - How to run a successful BYOD initiativePulse 2013 - How to run a successful BYOD initiative
Pulse 2013 - How to run a successful BYOD initiativeChris Pepin
 
QRadar & XGS: Stopping Attacks with a Click of the Mouse
QRadar & XGS: Stopping Attacks with a Click of the MouseQRadar & XGS: Stopping Attacks with a Click of the Mouse
QRadar & XGS: Stopping Attacks with a Click of the MouseIBM Security
 
IBM Mobile Analyzer Saves the Day
IBM Mobile Analyzer Saves the DayIBM Mobile Analyzer Saves the Day
IBM Mobile Analyzer Saves the DayIBM Security
 
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkSecuring Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkIBM Security
 
MaaS360 with Watson
MaaS360 with WatsonMaaS360 with Watson
MaaS360 with WatsonSylvia Low
 
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...IBM Security
 
The 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach StudyThe 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach StudyIBM Security
 
2015 Mobile Security Trends: Are You Ready?
2015 Mobile Security Trends: Are You Ready?2015 Mobile Security Trends: Are You Ready?
2015 Mobile Security Trends: Are You Ready?IBM Security
 
Mobile Security for Smartphones and Tablets
Mobile Security for Smartphones and TabletsMobile Security for Smartphones and Tablets
Mobile Security for Smartphones and TabletsVince Verbeke
 
See How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile MetricsSee How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile MetricsIBM Security
 
Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSantiago Cavanna
 

What's hot (20)

Smarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst ServicesSmarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst Services
 
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection SuiteThe Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
 
IBM Security Portfolio - 2015
IBM Security Portfolio - 2015IBM Security Portfolio - 2015
IBM Security Portfolio - 2015
 
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
 
Recent ECB/ EBA regulations how they will impact European banks in 2016
Recent ECB/ EBA regulations how they will impact European banks in 2016Recent ECB/ EBA regulations how they will impact European banks in 2016
Recent ECB/ EBA regulations how they will impact European banks in 2016
 
Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)
 
Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017
 
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow itCloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
 
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013
 
Pulse 2013 - How to run a successful BYOD initiative
Pulse 2013 - How to run a successful BYOD initiativePulse 2013 - How to run a successful BYOD initiative
Pulse 2013 - How to run a successful BYOD initiative
 
QRadar & XGS: Stopping Attacks with a Click of the Mouse
QRadar & XGS: Stopping Attacks with a Click of the MouseQRadar & XGS: Stopping Attacks with a Click of the Mouse
QRadar & XGS: Stopping Attacks with a Click of the Mouse
 
IBM Mobile Analyzer Saves the Day
IBM Mobile Analyzer Saves the DayIBM Mobile Analyzer Saves the Day
IBM Mobile Analyzer Saves the Day
 
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest LinkSecuring Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
Securing Mobile Banking Apps - You Are Only as Strong as Your Weakest Link
 
MaaS360 with Watson
MaaS360 with WatsonMaaS360 with Watson
MaaS360 with Watson
 
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
 
The 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach StudyThe 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach Study
 
2015 Mobile Security Trends: Are You Ready?
2015 Mobile Security Trends: Are You Ready?2015 Mobile Security Trends: Are You Ready?
2015 Mobile Security Trends: Are You Ready?
 
Mobile Security for Smartphones and Tablets
Mobile Security for Smartphones and TabletsMobile Security for Smartphones and Tablets
Mobile Security for Smartphones and Tablets
 
See How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile MetricsSee How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile Metrics
 
Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago Cavanna
 

Viewers also liked

Groupon: 1,000 Contracts a Day on Adobe EchoSign
Groupon: 1,000 Contracts a Day on Adobe EchoSignGroupon: 1,000 Contracts a Day on Adobe EchoSign
Groupon: 1,000 Contracts a Day on Adobe EchoSignJason M. Lemkin
 
E-Signatures: The Who, The When, The Where, The Why, The How
E-Signatures: The Who, The When, The Where, The Why, The HowE-Signatures: The Who, The When, The Where, The Why, The How
E-Signatures: The Who, The When, The Where, The Why, The HowJason M. Lemkin
 
Groupon E-Signing in the Cloud with EchoSign from Adobe
Groupon E-Signing in the Cloud with EchoSign from AdobeGroupon E-Signing in the Cloud with EchoSign from Adobe
Groupon E-Signing in the Cloud with EchoSign from AdobeJason M. Lemkin
 
EchoSign E-Signature Winter '11 Release and New Features
EchoSign E-Signature Winter '11 Release and New FeaturesEchoSign E-Signature Winter '11 Release and New Features
EchoSign E-Signature Winter '11 Release and New FeaturesJason M. Lemkin
 
RSA: CSA GRC Stack Update for the CSA Atlanta Chapter
RSA: CSA GRC Stack Update for the CSA Atlanta ChapterRSA: CSA GRC Stack Update for the CSA Atlanta Chapter
RSA: CSA GRC Stack Update for the CSA Atlanta ChapterPhil Agcaoili
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM
 

Viewers also liked (7)

Mitigate attacks with IBM BigFix and Q-Radar
Mitigate attacks with IBM BigFix and Q-RadarMitigate attacks with IBM BigFix and Q-Radar
Mitigate attacks with IBM BigFix and Q-Radar
 
Groupon: 1,000 Contracts a Day on Adobe EchoSign
Groupon: 1,000 Contracts a Day on Adobe EchoSignGroupon: 1,000 Contracts a Day on Adobe EchoSign
Groupon: 1,000 Contracts a Day on Adobe EchoSign
 
E-Signatures: The Who, The When, The Where, The Why, The How
E-Signatures: The Who, The When, The Where, The Why, The HowE-Signatures: The Who, The When, The Where, The Why, The How
E-Signatures: The Who, The When, The Where, The Why, The How
 
Groupon E-Signing in the Cloud with EchoSign from Adobe
Groupon E-Signing in the Cloud with EchoSign from AdobeGroupon E-Signing in the Cloud with EchoSign from Adobe
Groupon E-Signing in the Cloud with EchoSign from Adobe
 
EchoSign E-Signature Winter '11 Release and New Features
EchoSign E-Signature Winter '11 Release and New FeaturesEchoSign E-Signature Winter '11 Release and New Features
EchoSign E-Signature Winter '11 Release and New Features
 
RSA: CSA GRC Stack Update for the CSA Atlanta Chapter
RSA: CSA GRC Stack Update for the CSA Atlanta ChapterRSA: CSA GRC Stack Update for the CSA Atlanta Chapter
RSA: CSA GRC Stack Update for the CSA Atlanta Chapter
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future
 

Similar to Rochester Security Event

Security Trends and Risk Mitigation for the Public Sector
Security Trends and Risk Mitigation for the Public SectorSecurity Trends and Risk Mitigation for the Public Sector
Security Trends and Risk Mitigation for the Public SectorIBMGovernmentCA
 
MDM is not Enough - Parmelee
MDM is not Enough - Parmelee MDM is not Enough - Parmelee
MDM is not Enough - Parmelee Prolifics
 
IT Security Bedrohungen optimal abwehren_Tom Turner und Andreas Wespi
IT Security Bedrohungen optimal abwehren_Tom Turner und Andreas WespiIT Security Bedrohungen optimal abwehren_Tom Turner und Andreas Wespi
IT Security Bedrohungen optimal abwehren_Tom Turner und Andreas WespiIBM Switzerland
 
Ibm fiberlink analyst presentation nov 13 final
Ibm fiberlink analyst presentation nov 13 finalIbm fiberlink analyst presentation nov 13 final
Ibm fiberlink analyst presentation nov 13 finalCleophas Kipruto
 
IBM - IAM Security and Trends
IBM - IAM Security and TrendsIBM - IAM Security and Trends
IBM - IAM Security and TrendsIBM Sverige
 
IBM security systems overview v1.0 - rohit nagarajan
IBM security systems overview v1.0 - rohit nagarajanIBM security systems overview v1.0 - rohit nagarajan
IBM security systems overview v1.0 - rohit nagarajanShwetank Jayaswal
 
Cloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud SecurityCloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud SecurityIBM Security
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec
 
IBM Announce Intent to Acquire Fiberlink Analyst Presentation
IBM Announce Intent to Acquire Fiberlink Analyst PresentationIBM Announce Intent to Acquire Fiberlink Analyst Presentation
IBM Announce Intent to Acquire Fiberlink Analyst PresentationRon Favali
 
5 reasons your iam solution will fail
5 reasons your iam solution will fail5 reasons your iam solution will fail
5 reasons your iam solution will failIBM Security
 
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9UISGCON
 
Zimperium - Technology Briefing
Zimperium - Technology BriefingZimperium - Technology Briefing
Zimperium - Technology BriefingJake Leonard
 
IBM Partner Jam - 10th April 2013
IBM Partner Jam - 10th April 2013IBM Partner Jam - 10th April 2013
IBM Partner Jam - 10th April 2013Arrow ECS UK
 
Mobile trends and academic opportunities presented at Strathmore and JKUAT Un...
Mobile trends and academic opportunities presented at Strathmore and JKUAT Un...Mobile trends and academic opportunities presented at Strathmore and JKUAT Un...
Mobile trends and academic opportunities presented at Strathmore and JKUAT Un...Jeremy Siewert
 
Pulse 2014.mobile first.security
Pulse 2014.mobile first.securityPulse 2014.mobile first.security
Pulse 2014.mobile first.securitySreeni Pamidala
 
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...IBM Security
 
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Minh Le
 
Améliorer la productivité des employés et se protéger contre les menaces ...
Améliorer la productivité des employés et se protéger contre les menaces ...Améliorer la productivité des employés et se protéger contre les menaces ...
Améliorer la productivité des employés et se protéger contre les menaces ...AGILLY
 

Similar to Rochester Security Event (20)

Security Trends and Risk Mitigation for the Public Sector
Security Trends and Risk Mitigation for the Public SectorSecurity Trends and Risk Mitigation for the Public Sector
Security Trends and Risk Mitigation for the Public Sector
 
MDM is not Enough - Parmelee
MDM is not Enough - Parmelee MDM is not Enough - Parmelee
MDM is not Enough - Parmelee
 
IT Security Bedrohungen optimal abwehren_Tom Turner und Andreas Wespi
IT Security Bedrohungen optimal abwehren_Tom Turner und Andreas WespiIT Security Bedrohungen optimal abwehren_Tom Turner und Andreas Wespi
IT Security Bedrohungen optimal abwehren_Tom Turner und Andreas Wespi
 
Ibm fiberlink analyst presentation nov 13 final
Ibm fiberlink analyst presentation nov 13 finalIbm fiberlink analyst presentation nov 13 final
Ibm fiberlink analyst presentation nov 13 final
 
IBM - IAM Security and Trends
IBM - IAM Security and TrendsIBM - IAM Security and Trends
IBM - IAM Security and Trends
 
IBM security systems overview v1.0 - rohit nagarajan
IBM security systems overview v1.0 - rohit nagarajanIBM security systems overview v1.0 - rohit nagarajan
IBM security systems overview v1.0 - rohit nagarajan
 
Cloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud SecurityCloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud Security
 
IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
IBM Announce Intent to Acquire Fiberlink Analyst Presentation
IBM Announce Intent to Acquire Fiberlink Analyst PresentationIBM Announce Intent to Acquire Fiberlink Analyst Presentation
IBM Announce Intent to Acquire Fiberlink Analyst Presentation
 
5 reasons your iam solution will fail
5 reasons your iam solution will fail5 reasons your iam solution will fail
5 reasons your iam solution will fail
 
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9
Adrian Aldea - IBM X-Force 2013 Mid-Year Trend and Risk Report #uisgcon9
 
Protecting the "Crown Jewels" by Henrik Bodskov, IBM
Protecting the "Crown Jewels" by Henrik Bodskov, IBMProtecting the "Crown Jewels" by Henrik Bodskov, IBM
Protecting the "Crown Jewels" by Henrik Bodskov, IBM
 
Zimperium - Technology Briefing
Zimperium - Technology BriefingZimperium - Technology Briefing
Zimperium - Technology Briefing
 
IBM Partner Jam - 10th April 2013
IBM Partner Jam - 10th April 2013IBM Partner Jam - 10th April 2013
IBM Partner Jam - 10th April 2013
 
Mobile trends and academic opportunities presented at Strathmore and JKUAT Un...
Mobile trends and academic opportunities presented at Strathmore and JKUAT Un...Mobile trends and academic opportunities presented at Strathmore and JKUAT Un...
Mobile trends and academic opportunities presented at Strathmore and JKUAT Un...
 
Pulse 2014.mobile first.security
Pulse 2014.mobile first.securityPulse 2014.mobile first.security
Pulse 2014.mobile first.security
 
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
In Today's Complex Multi Perimeter World, Are You Doing Enough to Secure Acce...
 
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
 
Améliorer la productivité des employés et se protéger contre les menaces ...
Améliorer la productivité des employés et se protéger contre les menaces ...Améliorer la productivité des employés et se protéger contre les menaces ...
Améliorer la productivité des employés et se protéger contre les menaces ...
 

Recently uploaded

A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024SynarionITSolutions
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024The Digital Insurer
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 

Recently uploaded (20)

A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 

Rochester Security Event

  • 1. 2013 Information Security Risks Year-End Review Caleb Barlow Director – IBM Application, Data, Mobile, Critical Infrastructure Security www.facebook.com/barlow.caleb www.youtube.com/calebbarlow
  • 2. 2 © 2013 IBM Corporation
  • 3. Threat landscape is growing fast In 2000 In 2012 361the Internet million people using 5.8% of the world’s population 3 2.67 billion people using the Internet 33% of the world’s population © 2013 IBM Corporation
  • 4. …. and becoming Mobile In 2000 720 million mobile subscribers worldwide 12% of the world’s population 4 In 2012 6 billion worldwide mobile subscribers 87% population of the world’s © 2013 IBM Corporation
  • 5. Innovative technology changes everything 1 trillion connected objects Social business 5 1 billion mobile workers Cloud and virtualization Bring your own IT © 2013 IBM Corporation
  • 6. QR Codes §  QR Code can contain a URL to download malware §  The malware can then send SMS messages to a premium rate number (US $6 per message) •  Samsung Galaxy S3 can be reset from a QR Code wiping all data •  Google Glass vulnerability identified by Lookout Security 6 © 2013 IBM Corporation
  • 7. How do Mobile Applications treat you? 7 © 2013 IBM Corporation
  • 8. 8 © 2013 IBM Corporation
  • 9. Motivation and sophistication is evolving rapidly Nation-state actors, APTs Stuxnet, Aurora, APT-1 MOTIVATION National Security, Economic Espionage Hacktivists Lulzsec, Anonymous Notoriety, Activism, Defamation Monetary Gain Nuisance, Curiosity Organized crime Zeus, ZeroAccess, Blackhole Exploit Pack Insiders, Spammers, Script-kiddies Nigerian 419 Scams, Code Red SOPHISTICATION 9 © 2013 IBM Corporation
  • 10. X-Force Trend and Risk Report Crawler •  Over 1000 CPUs scanning the Internet 24x7 Darknet and Honeypots •  Capturing information from virgin IP addresses SpamTrap •  Obtains Spam IPs and samples Managed Services •  15B security events a day across 133 countries and over 20,000 devices under contract 10 © 2013 IBM Corporation
  • 11. 11 Source: IBM X-Force® Research 2013 Trend and Risk Report © 2013 IBM Corporation
  • 12. 2012 Sampling of Security Incidents by Attack Type, Time and Impact Conjecture of relative breach impact is based on publicly disclosed information regarding leaked records and financial losses 12 Source: IBM X-Force® Research 2013 Trend and Risk Report © 2013 IBM Corporation
  • 13. Security Incidents in the first half of © 2013 IBM Corporation
  • 14. still reliable for breaching databases of tracked disclosed breaches Low risk / high reward §  Old CMS installations §  CMS Plugins §  Forum software §  Other popular 3rd party scripts © 2013 IBM Corporation
  • 15. continue to disrupt businesses High traffic volume as much as Industries affected: §  Banks §  Governments §  DNS Providers © 2013 IBM Corporation
  • 16. attacks compromise end user trust Tainting legitimate sites with zero-day exploits Targeting Savvy Users §  Tech company developers §  Government Employees §  Unsuspecting viewers of trusted sites © 2013 IBM Corporation
  • 17. foreign branch or local language sites tarnish brands Global brands targeted in foreign countries outside of home office Attackers rely on §  Lower security on local language sites §  Temporary micro-sites which gather user data §  Tarnish brands with path of least resistance © 2013 IBM Corporation
  • 18. countries most impacted by security incidents The United States most reported breach target location Taiwan was targeted in several foreign branch security incidents © 2013 IBM Corporation
  • 19. has become a new playground for attackers Social Media top target for attacks and mobile devices are expanding those targets -  Pre-attack intelligence gathering -  Criminals selling accounts -  Campaigns enticing user to click on malicious links © 2013 IBM Corporation
  • 20. 20 © 2013 IBM Corporation
  • 23. Your security team sees noise 23 © 2013 IBM Corporation
  • 24. Security challenges are a complex, four-dimensional puzzle People Employees Outsourcers Attackers Consultants Suppliers Customers Partners Data Structured Unstructured At rest In motion Applications Systems Applications Web Applications Web 2.0 Mobile Applications Infrastructure Datacenters PCs Laptops Mobile Cloud Non-traditional …that requires a new approach © 2013 IBM Corporation
  • 25. …that requires a new approach Then Now Administration Insight Data Basiccontrol Laserfocused Applications Bolt-on Built-in Infrastructure Thicker walls Smarter defenses People Collect and Analyze Everything 25 © 2013 IBM Corporation
  • 26. A change in mindset is already happening 26 © 2013 IBM Corporation
  • 27. Monitor Everything 27 © 2013 IBM Corporation
  • 28. Consume Threat Intelligence 28 © 2013 IBM Corporation
  • 29. Integrate Across Domains 29 © 2013 IBM Corporation
  • 32. A comprehensive portfolio of products and services across all domains 32 © 2013 IBM Corporation
  • 33. With Fiberlink, only IBM will provide the full spectrum of mobile management and security needs Requirements for Mobile Management and Security: Business Span of Control High Corporate Owned Assets Employees w/BYOD Task/Temp Workers Business Partners Low Consumer Transactions Solution Approaches: Mobile Device Management Containers – App Wrapping and SDKs Secure Transactions IBM / Fiberlink Offerings: IBM Security Access Manager for Mobile Planned Integration Points: •  SDKs will be packaged in Worklight IDE so all apps can be secured (IBM Worklight) •  Security information and events will feed into QRadar for analysis and actions will return to mobile tools (IBM QRadar) •  Code scans will be integrated into the process before apps are deployed into app store/catalog (IBM AppScan) 33 © 2013 IBM Corporation
  • 34. Mobile Security Framework Personal Secure the Application Trusted Transactions Mobile Access Mgmt Identity Federation Application Level VPN Secure API Connectivity Malware & Fraud Detection Device & Location Risk Account Takeover Jailbreak w Device Rooted Security Intelligence SIEM Threat Research Enterprise Applications iOS / Android Static Scanning Worklight Mobile IDE Experience Management Tamper Proofing *partner Enterprise Container Cloud Services Secure the Device Enroll w Configurew Monitor Provision w Wipe w Fingerprint
  • 35. Who is Fiberlink? §  Founded in 1991, Fiberlink has built expertise in delivering mobile management and security services as a service §  Headquartered in Blue Bell, PA §  Provides Mobile Device Management, Mobile Application Management, Enterprise Container with SDK and App-Wrapping, Secure Document Sharing and Mobile Expense Management as a Service helping enterprises connect, control and secure mobile devices to gain competitive advantage, increase employee productivity, and implement proper security measures §  Industry leading and award winning §  Cloud-based mobility management platform §  Seamless integration with existing enterprise systems §  Broad range of mobile OS support §  Robust policies for Bring Your Own Device (BYOD) security and privacy §  3500+ clients §  Marquee financial, healthcare, public sector, education, and retail customers §  Delivering value to enterprises of all sizes: small to large 35 © 2013 IBM Corporation
  • 36. Industry analysts rank IBM Security as leading the market Security Analyst Report Rankings Domain Security Intelligence Market Segment / Report Security Information and Event Management (SIEM) Identity and Access Governance Gartner Magic Quadrant User Provisioning and Administration Leader 2013 2011 Challenger 2013 Strong Performer 2013 Leader 2013 Contender 2011 Leader 2013 MarketScope Leader Database Auditing and Real-Time Protection Data Leader 2013 Role Management and Access Recertification Web Access Management (WAM) IDC Market Share Leader Identity and Access Management Suites People Forrester Wave 2011 Data Masking Applications Leader Application Security Testing (dynamic and static) Leader Leader 2013 2013 Network Intrusion Prevention Systems (NIPS) Infrastructure EndPoint Protection Platforms (EPP) Managed Security Services (MSS) Services Information Security Consulting Services 2013 Challenger 2012 Visionary Strong Performer 2013 2013 Leader Leader 2012 2012 Leader 2013 No report available Note: Rankings compiled from latest available analyst reports as of September, 2013 36 © 2013 IBM Corporation
  • 37. Chief Information Security Officers: 2013 IBM CISO Study Formalize your role as a CISO Establish a security strategy Focus on overall risk Develop effective business relations - build trust, share information, meet with the Csuite and board Invest in advanced technology when it meets a business need Fortify your mobile security Track risk to brand reputation and customer satisfaction Integrate metrics “Strategic vision… Global consistency… Lots of communication… speak business value, understand risk… minimize the impact… be on the bleeding edge…”© 2013 IBM Corporation IBM Confidential 37
  • 38. Trusteer Advanced Fraud and Malware Protection Helping to protect against financial fraud and advanced security threats Among the capabilities Trusteer brings to IBMs security portfolio: Web Fraud Protection Leading web fraud capabilities for financial services and web commerce Secure Mobile Transactions Embedded security for mobile devices and applications helps enables secure transactions from devices to the back office Extended Advanced Threat Protection Unique endpoint solution for identifying and protecting against Advanced Persistent Threats 38 Security-as-a-Service Cloud based deployment enabling rapid and real-time updates © 2013 IBM Corporation
  • 39. About  Trusteer   Global   Hundreds  of  Customers     100,000,000  Endpoints   Financial  Fraud  Preven;on   Solu;ons   Advanced  Threat   Protec;on   Intelligence   Technology   Leader   ©  Trusteer  2013   Leading  Global  Organiza;ons  Put   Their  TRUST  In  Us   7/10   Top  US  Banks     4/5   Top  Canadian  Banks   9/10   Top  UK  Banks   Major   European  Banks   Exper;se   39  
  • 40. Malware  and  Phishing   Common  threat  to  online  channels  &  internal  systems   Social   Engineering   (Phishing)   Vulnerability   Exploit     Malware   Infec;on   Fraud   Scheme   Execu;on   Data   Exfiltra;on   Three Losing Battles Money   Loss   Enterprise   Breach   Two Major Impacts •  Humans will always make mistakes Widespread  Fraud   •  System and application vulnerabilities continue to emerge •  $3.4B  est  lost  to  online  fraud  in  20121   Advanced  Threats  and  Breaches   •  85%  of  breaches  go  undetected2   1JPMorgan: 2012 Online Fraud Report , 2Gartner: 2290415, •  $8.9M  average  cost  of  cyber-­‐aDacks3   3 •  Malware detection will always lag ©  Trusteer  2013   Ponemon Institute: 2012 Cost of Cybercrime Report: US
  • 41. The  Specific  Problems  Trusteer  Solves   Online  Banking   Account  Takeover,   New  Account  Fraud   Phishing    and   Malware  Fraud   Mobile  Fraud  Risk   WWW   Advanced  Threats   (Employees)   Wire,  ACH,  Internal  Apps   ©  Trusteer  2013  
  • 42. Trusteer  Solu;ons     Trusteer  Pinpoint   Malware  Detec;on   Phishing    and   Malware  Fraud   Trusteer   Rapport   Trusteer  Mobile  Risk   Engine   Trusteer   Mobile  SDK/ APP   Mobile  Fraud  Risk   WWW   Trusteer  Apex   Advanced  Threats   (Employees)   Wire,  ACH,  Internal  Apps   ©  Trusteer  2013   Trusteer  Pinpoint   Account  Takeover   (ATO)  Detec;on   Online  Banking   Account  Takeover,   New  Account  Fraud  
  • 43. Your security team sees… © 2013 IBM Corporation
  • 44. Clarity… © 2013 IBM Corporation
  • 45. Insights… © 2013 IBM Corporation
  • 46. Everything © 2013 IBM Corporation
  • 48. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. © Copyright IBM Corporation 2012. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. © 2013 IBM Corporation