ENHANCING YOUR ORGANIZATION'S SECURITY IQ
TO

MEET EMERGING THREATS & NEW REALITIES

Vijay Dheap
Global Product Manager, M...
Welcome to a Not So Friendly Cyber World…

Biggest Bank Heist in History Nets $45Million
All without setting foot in a Ban...
Trends in Security…Attacker Focus & Sophistication
Playing Defense…
Traditional Approach to Security Predicated on a Defensive Mindset
 Assumes explicit organizational peri...
Business Change is Coming…If Not Already Here
Enterprises are Undergoing Dynamic Transformations

The Organization’s Cyber...
Confidential – for division executives only
IBM Security Strategy

Closer Look: Tackling Mobile Security Challenges

6 IBM...
Mobile Security Challenges…

Mobile Threats
Focused on
Mobile Risk Drivers…
Organizations facing an in-flux of mobile devices onto corporate networks
require greater visibility ...
Devising a Mobile Security Strategy

Device Security

Network, Data,
and Access Security

Application Layer
Security

Secu...
Need for Intelligence…

Targeted attacks at individuals,
organizations or specific regions are
growing in sophistication a...
Confidential – for division executives only
IBM Security Strategy

Be Aware & Be Proactive

11 IBM Confidential

© 2011 IB...
Business Drivers for Security Intelligence
Defend the
Brand

Avoid Loss of
Intellectual
Property

Maintain
Compliance with...
Achieving Security Intelligence…

Visibility across organizational security systems to improve response times and
incorpor...
Evolution of Security Intelligence
 Initial Visibility
 Facilitates Compliance
 Attackers adapt not to leave a trace

...
Optimize Your Security Posture…
Security Intelligence:
Information and event management
Advanced correlation and deep anal...
Upcoming SlideShare
Loading in …5
×

Enhancing your Organization's Security IQ to Meet Emerging Threats & New Realities - Security - IBM Smarter Business 2013

771 views

Published on

Organizations today are faced with a broad set of opportunities and competitive challenges due to dynamic technological change. Mobile computing, Social Business and Cloud-based solutions promise significant business and operational potential. But as organizations pursue these initiatives they extend their threat surface areas. New risks and challenges arise that requires the organization to take a more proactive approach to their security posture. They need to improve their security intelligence not only to gain better visibility but also avoid becoming overwhelmed by unqualified security incidents. In this session we will discuss how an organization can enhance their security IQ to deal with new security realities.
Presenter: Vijay Dheap, Global Solutions Manager - Big Data Security Intelligence and Mobile Security.
Mer från dagen på http://bit.ly/sb13se

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

Enhancing your Organization's Security IQ to Meet Emerging Threats & New Realities - Security - IBM Smarter Business 2013

  1. 1. ENHANCING YOUR ORGANIZATION'S SECURITY IQ TO MEET EMERGING THREATS & NEW REALITIES Vijay Dheap Global Product Manager, Master Inventor Big Data Security Intelligence & Mobile Security vdheap@us.ibm.com © 2013 IBM Corporation
  2. 2. Welcome to a Not So Friendly Cyber World… Biggest Bank Heist in History Nets $45Million All without setting foot in a Bank… CYBER ESPIONAGE VIA SOCIAL NETWORKING SITES TARGET: US DOD OFFICIALS Hidden Malware Steals 3000 Confidential Documents – Japanese Ministry
  3. 3. Trends in Security…Attacker Focus & Sophistication
  4. 4. Playing Defense… Traditional Approach to Security Predicated on a Defensive Mindset  Assumes explicit organizational perimeter  Optimized for combating external threats  Presumes standardization mitigates risk  Dependent on general awareness of attack methodologies  Requires monitoring and control of traffic flows Origins of Security Intelligence Layered Defenses Essential for Good Security Hygiene and Addressing Traditional Security Threats…but attackers adapting too
  5. 5. Business Change is Coming…If Not Already Here Enterprises are Undergoing Dynamic Transformations The Organization’s Cyber Perimeter is Being Blurred…It can no longer be assumed
  6. 6. Confidential – for division executives only IBM Security Strategy Closer Look: Tackling Mobile Security Challenges 6 IBM Confidential © 2011 IBM Corporation
  7. 7. Mobile Security Challenges… Mobile Threats Focused on
  8. 8. Mobile Risk Drivers… Organizations facing an in-flux of mobile devices onto corporate networks require greater visibility to better manage and mitigate security risk Unregistered Devices Malicious Data/Traffic Risk Drivers Unsanctioned Access Data Leakage
  9. 9. Devising a Mobile Security Strategy Device Security Network, Data, and Access Security Application Layer Security Security for endpoint device and data Achieve visibility and adaptive security policies Security for Mobile Apps
  10. 10. Need for Intelligence… Targeted attacks at individuals, organizations or specific regions are growing in sophistication and frequency Emerging threats are evolving, and new sets of vulnerabilities being uncovered The development of counter measures is inhibited by a lack of awareness of the attack since it may require monitoring across various security solutions Increased governmental regulation and competitive pressures The penalties for security breaches are not only monetarily expensive but it could result in the loss of trust relationships with customers, partners and employees The dynamic mobile ecosystem is inherently social and consumer oriented with each new capability introducing new interaction mechanisms User behavior deemed risky from an enterprise security perspective might be practiced without awareness
  11. 11. Confidential – for division executives only IBM Security Strategy Be Aware & Be Proactive 11 IBM Confidential © 2011 IBM Corporation
  12. 12. Business Drivers for Security Intelligence Defend the Brand Avoid Loss of Intellectual Property Maintain Compliance with Government Regulations Mitigate Fraud Safeguard Trust Relationships
  13. 13. Achieving Security Intelligence… Visibility across organizational security systems to improve response times and incorporate adaptability/flexibility required for early detection of threats or risky behaviors
  14. 14. Evolution of Security Intelligence  Initial Visibility  Facilitates Compliance  Attackers adapt not to leave a trace  Network Does Not Lie  Greater Coverage across organization  Attackers adapt to hide in the noise SIEM …other relevant data  Filters out the noise, improves incident and offense identification  Proactive to detect targeted and zero-day attacks  Needs scalability to add more data sources and extensibility to support additional security analytics Security Intelligence
  15. 15. Optimize Your Security Posture… Security Intelligence: Information and event management Advanced correlation and deep analytics External threat research Security Intelligence Optimized Role based analytics Identity governance Data flow analytics Privileged user controls Data governance User provisioning Proficient Access mgmt Strong authentication Basic Centralized directory People Secure app engineering processes Fraud detection Access monitoring Data loss prevention Encryption Access control Data Application firewall Source code scanning Application scanning Applications Advanced network monitoring Forensics / data mining Secure systems Virtualization security Asset mgmt Endpoint / network security management Perimeter security Anti-virus Infrastructure

×