
IBM security systems overview v1.0 - rohit nagarajan


This presentation was a part of the GBM Security Event, held on 18-Apr-13 at Gloria Hotel, Dubai Media City, Dubai

Published in: Technology
  • Findings from the X-Force 2012 Annual Trend and Risk Report. It covers the latest security threats that have occurred so far this year, as well as trends that we track over time in our different research groups. It provides information on safe security practices for operating network infrastructures and for writing secure software. We also cover what we think are new and emerging technologies pressing into the current enterprise infrastructure that demand attention, either due to adoption rates or sheer overload, as we are seeing with the adoption of mobile technology. The report helps the reader better understand areas of risk, and provides education on areas of focus and improvement.
  • Here are the 4 things that I want you to take away from this session. After you walk out of this room, I hope you will be excited enough to ask every single customer of yours just one question: “What’s your security strategy?”
  • Number of cyber-attacks witnessed on average per day in 2012
  • Data and analysis based on IBM Cyber Security Intelligence & Response Team customer monitoring and consulting data from the year 2012. IBM Managed Security Services (MSS) monitors tens of billions of events per day for more than 3,700 clients in more than 130 countries, 24 hours a day, and 365 days a year. This data and analysis excludes inadvertent data disclosures by non-malicious insiders, routine malware detected or spam.
  • Let’s talk about some major trends and challenges that are shaping our clients’ challenges and our strategy.
  • This chart is from the 2011 report, which we called the Year of the Targeted Attack. It highlights the activity that was covered in the press last year. The color of each circle represents the technical means used by attackers to breach these customers. The size of the circle is a very rough estimate of the possible financial impact, based on what was reported publicly. This chart is meant to represent the volume of activity that is happening out there; you can see it is quite heavy, considering this is a mere sampling of what was probably actually going on. This attack activity is driving discussions at the board level of organizations, and it is asking executives to determine whether they are prepared for these types of events, were one to occur on their networks. In 2012 the attack trend continues. The most recent example was announced publicly last week by Adobe: an APT on their network. As we move forward, we’ll discuss some of the specific attack activity and the methods used by attackers to breach systems and networks.
  • The Open Security Foundation reported a 40% increase in breach events for 2012, covering loss, theft, and exposure of personally identifiable information.
  • Advanced Security and Threat Research, which includes the X-Force team, is the foundation for many of the pillars in the security product portfolio. As the team tasked with staying on top of the latest threats and vulnerabilities, the information it provides is a critical aspect of providing protection to the other parts of the framework. The rest of this deck will talk to the specific capabilities of this team, as well as some specific integration points between the X-Force research and the products to which they add value.
  • Then and now, by domain:
      • People. Then: Administration (identity management; cost control). Now: Insight (identify and monitor highest risk users; know who has access to sensitive data and systems; baseline normal behavior; prioritize privileged identities).
      • Data. Then: Basic Control (simple access controls and encryption). Now: Laser Focus (discover and protect high-value data; understand who is accessing the data, at what time of day, from where, and in what role; baseline normal behavior).
      • Applications. Then: Bolt-on (periodic scanning of Web applications). Now: Built-in (harden applications with access to sensitive data; scan source and real-time; baseline normal application behavior and alert).
      • Infrastructure. Then: Thicker Walls (firewalls, manual patching, and antivirus; focus on perimeter security). Now: Smarter Defenses (baseline system and network behavior; analyze unknown threats using advanced heuristics; expand coverage into cloud and mobile environments).
  • Industry drivers:
      • Industry unique compliance: NERC CIPs (version 3 to version 4 and/or 5); California privacy + data security (and other state PUCs); looming Federal legislation (Cybersecurity Act of 2012).
      • Privacy, information governance and data security: classification and protection of utility and customer data, including customer usage data.
      • Increased awareness of cyber security risks: with Stuxnet and variants widely reported, and the recent Basecamp publication of control system vulnerabilities and exploits, it’s becoming clear that cyber threats are no longer an IT-only problem. Management seeks more visibility in this area (e.g., situational awareness, intelligence, forensics, etc.).

    1. © 2012 IBM Corporation. IBM Security Systems. Rohit Nagarajan, Strategy and Business Development Leader, April 2013
    2. Agenda. WHY is attending this session a good investment of your time. WHAT are the real threats that we are seeing out there. HOW can IBM & GBM help protect you from this scourge.
    3. 137,400,000
    4. …Number of cyber-attacks witnessed by IBM in 2012
    5. Most Attacked Industries
    6. (no slide text)
    7. Who’s attacking you? National Security: nation-state actors (Stuxnet). Espionage, Activism: competitors and hacktivists (Aurora). Monetary Gain: organized crime (Zeus). Revenge, Curiosity: insiders and script-kiddies (Code Red).
    8. Fingers are being pointed…
    9. (no slide text)
    10. Why should you be concerned?
    11. 2011: “The year of the targeted attack”. Source: IBM X-Force® Research 2011 Trend and Risk Report. [Chart: 2011 Sampling of Security Incidents by Attack Type, Time and Impact. Horizontal axis: Jan to Dec. Each circle is labeled with the industry of the breached organization. Attack types in the legend: SQL Injection, URL Tampering, Spear Phishing, 3rd Party Software, DDoS, SecureID, Trojan Software, Unknown. Size of circle estimates relative impact of breach in terms of cost to business.] Conjecture of relative breach impact is based on publicly disclosed information regarding leaked records and financial losses.
    12. 2012: The explosion of breaches continues! Source: IBM X-Force® Research 2012 Trend and Risk Report. [Chart: 2012 Sampling of Security Incidents by Attack Type, Time and Impact.] Conjecture of relative breach impact is based on publicly disclosed information regarding leaked records and financial losses.
    13. Plenty of proof points amongst your peers
    14. X-Force 2012 Report Summary
    15. IBM X-Force. The mission of X-Force is to:
        • Monitor and evaluate the rapidly changing threat landscape
        • Research new attack techniques and develop protection for tomorrow’s security challenges
        • Educate our customers and the general public
    16. What are we seeing? Key Findings from the 2012 Trend Report (sections: Threats and Activity, Operational Security, Emerging Trends):
        • Software vulnerability disclosures up in 2012
        • Web application vulnerabilities surge upward
        • Content Management Systems plug-ins provide soft target
        • Social Media leveraged for enhanced spear-phishing techniques and intelligence gathering
        • Mobile Security should be more secure than traditional user computing devices by 2014
        • 40% increase in breach events for 2012
        • Sophistication is not always about technology
        • SQL Injection, DDoS, Phishing activity increased from 2011
    17. IBM’s Security Strategy
    18. Intelligence, Integration, Expertise. IBM delivers solutions across a security framework.
    19. Thinking differently about security (Then → Now). Collect and Analyze Everything.
        • People: Administration → Insight
        • Data: Basic-control → Laser-focused
        • Applications: Bolt-on → Built-in
        • Infrastructure: Thicker walls → Smarter defenses
    20. Security Intelligence.
        • Inputs: logs, events, alerts, configuration information, system audit trails, external threat feeds, e-mail and social activity, network flows and anomalies, identity context, business process data, malware information
        • Then: Collection (log collection; signature-based detection)
        • Now: Intelligence (real-time monitoring; context-aware anomaly detection; automated correlation and analytics)
    21. In 2013 we will continue to focus on solving the big problems:
        • Cloud Computing: Cloud security is a key concern as customers rethink how IT resources are designed, deployed and consumed
        • Regulation and Compliance: Regulatory and compliance pressures are mounting as companies store more data and can become susceptible to audit failures
        • Advanced Threats: Sophisticated, targeted attacks designed to gain continuous access to critical information are increasing in severity and occurrence
        • Mobile Computing: Securing employee-owned devices and connectivity to corporate applications are top of mind as CIOs broaden support for mobility
        • Graphic labels: Advanced Persistent Threats, Stealth Bots, Targeted Attacks, Designer Malware, Zero-days; Enterprise Customers; GLBA
    22. Advanced Persistent Threats
    23. Attackers follow a 5-Stage attack chain (Command & Control (CnC) is shown alongside the chain):
        • 1. Break-in: Spear phishing and remote exploits to gain access
        • 2. Latch-on: Malware and backdoors installed to establish a foothold
        • 3. Expand: Reconnaissance and lateral movement to increase access and maintain a presence
        • 4. Gather: Acquisition and aggregation of confidential data
        • 5. Exfiltrate: Data exfiltration to external networks
    24. IBM’s approach to defending against APTs.
        • Security Analytics: Leverage Security Intelligence to correlate and analyze activity across the entire enterprise… Extend with Big Data capabilities for analyzing unstructured data… Utilize Emergency Response Services for breach or for assessment of risk
        • 1. Break-in. Network and Endpoint Security: Use adaptive threat protection and endpoint management to reduce risks and fend off attacks
        • 2. Latch-on. Network Security: Use SIEM and adaptive threat protection to help identify and stop attackers from gaining a foothold
        • 3. Expand. Secure Users: Leverage strong identity management to enforce access policies and monitor for suspicious behavior
        • 4. Gather. Data Security: Embed security deep into data repositories with data activity monitoring; apply fine-grained access controls
        • 5. Exfiltrate. Network Security: Proactively monitor network traffic for common exfiltration tactics; block in real-time
    25. Cloud Security
    26. Mapping your cloud security priorities to IBM capabilities.
        • Key security focus, Compliance and Governance: harden exposed applications; securely federate identity; deploy access controls; encrypt communications; manage application policies
        • Key security focus, Infrastructure and Identity: manage datacenter identities; secure virtual machines; patch default images; monitor logs on all resources; network isolation
        • Key security focus, Applications and Data: secure shared databases; encrypt private information; build secure applications; keep an audit trail; integrate existing security
        • Key security focus, Data and Compliance: isolate cloud tenants; policy and regulations; manage security operations; build compliant data centers; offer backup and resiliency
        • Cloud adoption patterns: Cloud Enabled Data Center; Cloud Platform Services; Cloud Service Provider; Business Solutions on Cloud
        • Infrastructure as a Service (IaaS): Cut IT expense and complexity through cloud data centers
        • Platform-as-a-Service (PaaS): Accelerate time to market with cloud platform services
        • Innovate business models by becoming a cloud service provider
        • Software as a Service (SaaS): Gain immediate access with business solutions on cloud
        • IBM Identity and Access Management Suite: Identity integration, provision users to SaaS applications
        • IBM Endpoint Manager: Patch and configuration management of VMs
        • IBM Network IPS: Protect and monitor your network infrastructure
        • IBM QRadar Security Intelligence: Total visibility into virtual and cloud environments
        • IBM AppScan Suite: Scan apps deployed on the cloud for vulnerabilities
        • IBM Guardium Suite: Protect and monitor access to shared databases
        • IBM Virtual Server Protection for VMware: Protect VMs from advanced threats
    27. Securing the Mobile Enterprise
    28. Securing the Mobile Enterprise with IBM Solutions
    29. Expertise: At IBM, the world is our Security lab. 6,000 researchers, developers and subject matter experts working security initiatives worldwide.
    30. ibm.com/security. © Copyright IBM Corporation 2012. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
