A New Remedy for the Cyber Storm Approaching

A new remedy for the
Cyber Storm Approaching...
INTEGRATED SECURITY FOR A NEW ERA
Joe Daw
8/23/2016
Cybersecurity Architect – North America
IBM

2 IBM Security
Joe Daw - Intro
• Joined IBM's Security Team on March 30th, 2015 and is currently a Security Architect
for IBM North America.
• 15+ years of experience in Firm Information Security leadership, which included Jones
Day, a top global law firm, and Bristol West/Farmers Insurance.
• Key strengths are in assessing, implementing and building information security programs
within multiple industries, many of which required and maintained Sarbanes-Oxley and
PCI compliance.
• Maintained expertise in many areas of information security, dealing with infrastructure
and network security, vulnerability management, application security assessments,
visibility through security monitoring solutions, security policy management, risk and
compliance, incident response and over-all program management.
• Bachelor of Computer Science from the University of Akron and maintains a CISSP, as
well as is a founder and active board member for the local Cleveland, OH ISC2 chapter
program.

3 IBM Security
Today’s security drivers
COMPLIANCE
HUMAN
ERROR
SKILLS GAP
ADVANCED
ATTACKS
INNOVATION

4 IBM Security
2013
800+ Million records
2014
1+ Billion records
2015
Unprecedented Impact
Attackers break through conventional safeguards every day
$7M
average cost of a U.S. data breachaverage time to identify data breach
201 days

5 IBM Security
Retail Information Security
• At IBM, we’re convinced that the retail industry should address the
challenge of digital security in a long-term, strategic way, using a multi-
layered approach:
− Anticipate security threats that are likely to manifest in the future,
and put in place defenses in depth, to minimize the likelihood of a
successful attack.
− Use advanced, automated detection mechanisms to detect
patterns and catch incipient intrusions before they get far.
− Establish a culture of informed vigilance with regard to security, and
be prepared to react swiftly and effectively to arrest attacks.

6 IBM Security
5 Most exploited vulnerabilities by attackers
End User Clicking
Weak/default
passwords
Insecure
configurations
Legacy or
unpatched
hardware/software
Basic network
security and
segmentation

7 IBM Security
Traditional security practices are unsustainable
MILLION
unfilled security positions
by 20201.585security tools from 45vendors
PERCENT of CEOs are
reluctant to share incident
information externally68

9 IBM Security
Imagine if you could…
PROTECT against tomorrow’s risks, today

10 IBM Security
Implementing and measuring security

11 IBM Security
How do I get started when all I see is chaos?
IP reputation
Indicators of compromiseThreat sharing
Firewalls
Incident and threat management
Virtual patching
Sandboxing
Network visibility
Endpoint patching and managementMalware protection
Antivirus
Data access control Data monitoring
Application security management
Application scanning
Access management
Entitlements and roles
Identity management
Transaction protection
Device management
Content security
Workload
protection
Cloud access
security brokerAnomaly detection
Log, flow, data analysis
Vulnerability management
Privileged identity management
Incident response
Criminal detection
Fraud protection

12 IBM Security
Security
Analytics
Threat
Intelligence
Mobile
Cloud
Mobile
Cloud
Security
Analytics
Threat
Intelligence
Security
Analytics
An integrated and intelligent security immune system
Indicators of compromise
Firewalls
Incident and threat management
Virtual patching
Sandboxing
Network visibility
Access management
Entitlements and roles
Identity management
Workload
protection
Cloud access
security broker
Privileged identity management
Data access control
Application security management
Application scanning
Data monitoring
Transaction protection
Device management
Content security
IP reputation Threat sharing
Criminal detection
Fraud protection
Endpoint patching and management
Malware protection
Antivirus
Anomaly detection
Vulnerability management Incident response
Log, flow, data analysis

13 IBM Security
SECURITY
ECOSYSTEM
SECURITY TRANSFORMATION SERVICES
Management consulting | Systems integration | Managed security
Security
Analytics
Threat
Intelligence
Mobile
Cloud
IBM has the world’s broadest and deepest security portfolio
Mobile
INFORMATION RISK
AND PROTECTION
Cloud Security Enforcer
Trusteer Rapport
Trusteer Mobile
Privileged Identity Manager
Access Manager
Identity Governance and Intelligence
Key Manager
DataPower
AppScan
Guardium
Trusteer Pinpoint
Cloud
Cloud Identity Service
MaaS360
Security
Analytics
Threat
Intelligence
App Exchange
X-Force Exchange
zSecure
BigFix
QRadar Incident Forensics
Network Protection XGS
Security
Analytics
QRadar Vulnerability Manager
QRadar SIEM QRadar Risk Manager
Resilient Incident Response
SECURITY OPERATIONS
AND RESPONSE

14 IBM Security
LEAD
in strategic
domains
Security Transformation Services
Management Consulting | Systems Integration | Managed Security
Security Research and Threat Intelligence
Security Operations and Response Information Risk and Protection
IBM Security Strategy
Cloud Security Mobile Security
Identity Governance and Access Management
Data
Protection
Application
Security
Advanced Fraud
Prevention
Incident Response
Security Intelligence and Analytics
Vulnerability and
Patch Management
Endpoint and
Network Protection
User Behavior
Analytics
SUPPORT
the CISO agenda Cloud
Mobile and
Internet of Things
Compliance
Mandates
Skills
Shortage
Advanced
Threats
Cloud CollaborationCognitive
ACCELERATE
with key innovation

15 IBM Security
IBM helps protect against new and complex security challenges
Optimize your security
program with skills to
address modern day risks
SECURITY
TRANSFORMATION
SERVICES
Orchestrate your defenses
throughout the entire attack
lifecycle
SECURITY
OPERATIONS
AND RESPONSE
Keep your critical
information protected while
accelerating the business
INFORMATION
RISK AND
PROTECTION

16 IBM Security
Transform your security program
Build strategy that
accelerates new IT trends
• BYoD , Cloud, Mobile, IoT
• SaaS and Cloud based services
Access the right skills
• Advisors, responders, testers,
analysts and engineers
• 24x7x365 global expertise
Build protected and
connected systems
• Increase productivity
• Grant stakeholders access to the
right data without introducing risk
Optimize security programs
• Modernize Identity and access,
application development, privacy
policies, data security
• Manage and protect against
latest threats
Gain access to global
threat intelligence
• Greater control in real time
with actionable insights
• Improved visibility to manage
the threat lifecycle
Reduce complexity
• Provide programmatic, automated
and integrated outcomes
• Consolidate point products
to an integrated solution

17 IBM Security
Why IBM Security Transformation Services?
Unparalleled
Expertise
Best-in-class Managed
Security Services
Integrated
Approach
• IBM X-Force® Exchange and
Threat Research teams providing
zero-day threat alerts to clients
• Over 1400 employees
serving 130+ countries,
with a 95% retention rate
• 35 billion security events
analyzed daily across
4,500+ global clients
• Access to a global network
of skilled industry experts
• Deep industry service
delivery experience across
numerous types of operations
• Ability to lead and execute
large, transformational
projects
• Integrated portfolio
of security services and
technology
• Open ecosystem with 100+
technology partners and
30+ services partners
• 800+ technical vendor and
150+ professional security
certifications

18 IBM Security
SECURITY
TRANSFORMATION
SERVICES
lifecycle
SECURITY
OPERATIONS
AND RESPONSE
Keep your critical
INFORMATION
RISK AND
PROTECTION

19 IBM Security
Continuously stop attacks
and remediate vulnerabilities
Upgrade your defenses with a coordinated platform to outthink threats
• Disrupt malware and exploits
• Discover and patch endpoints
• Automatically fix vulnerabilities
Respond to incidents quickly, with precision
• Hunt for indicators
using deep forensics
• Orchestrate and automate
incident response
Discover unknown threats
with advanced analytics
• See attacks across the enterprise
• Sense abnormal behaviors
• Automatically prioritize threats
RESPOND

20 IBM Security
Why IBM Security Operations and Response?
Cognitive Analytics Open Ecosystem Deep Threat Intelligence
• IBM Security App Exchange
provides access to apps from
leading security partners
• Out-of-the-box integrations
for 500+ third-party security
products
• Open APIs allow for custom
integrations and apps
• QRadar Sense Analytics
allows you to inspect events,
flows, users, and more
• Speed analysis with visuals,
query, and auto-discovery
across the platform
• Get ready to augment your
analysts with Watson for Cyber
Security
• IBM X-Force Exchange
helps you stay ahead of the
latest threats and attacks
• Powered by the X-Force
Research team and
700TB+ of threat data
• Share data with a
collaborative portal and
STIX / TAXII standards

21 IBM Security
SECURITY
TRANSFORMATION
SERVICES
lifecycle
SECURITY
OPERATIONS
AND RESPONSE
Keep your critical
INFORMATION
RISK AND
PROTECTION

22 IBM Security
Data
Applications
Connectivity to more users, devices, and data than ever before
Web
Applications
Systems
Applications
APIs Mobile
Applications
Infrastructure
and Devices
Datacenters PCs Mobile Cloud Services IoT
On Premises Off PremisesUnstructuredStructured
Users
Auditors Suppliers
Consultants Contractors
Employees Partners
Customers
Systems
Applications
Partners
Structured
Laptops
It’s time to expand from infrastructure to information-centric security
Employees
Unstructured
APIs
Off Premises
Customers
Mobile
Applications

23 IBM Security
Protect your information, contain the risk
Gain control
• Govern all users and their privileges
• Protect data usage across enterprise and cloud
• Improve DevOps security
• Secure mobile devices and apps
Identify risks
• Discover and classify business critical data and apps
• Expose over privileges with identity analytics
• Analyze cloud app usage and activity
• Detect web fraud with real time alerts
Safeguard interactions
• Deploy adaptive access and web app protection
• Federate to and from the cloud
• Maintain data compliance and stop attacks
• Secure mobile collaboration
IDENTITY
CLOUD
FRAUD
APP
DATA
MOBILE

24 IBM Security
Why IBM Information Risk and Protection?
Risk-based Intelligence Multi-layer Integrations Designed for Cloud & Mobile
• United controls to span
employees, business
partners and customers
• Built with open standards
to speed integration and
interoperability
• Cross segment integrations
to protect against threats
• Business focused analytics
to make decisions and
meet regulations
• X-Force and Trusteer
intelligence to stay ahead
of the latest threats
• Machine learning algorithms
to spot unusual behaviors
and vulnerabilities
• Largest SaaS portfolio across
fraud protection, application,
cloud, and mobile security
• Flexible deployment and
out-of-the-box connectors for
the most popular cloud services
• Safeguarding mobile and
consumer interactions

25 IBM Security
COGNITIVE, CLOUD,
and COLLABORATION
The next era of security
INTELLIGENCE
and INTEGRATION
PERIMETER
CONTROLS

26 IBM Security
IBM Security invests in best-of-breed solutions
Incident
response
Cloud-enabled
identity management
Identity governance
Application security
Risk management
Data management
Security services
and network
security
Database monitoring
and protection
Application security
SOA
management
and security
“…IBM Security is making all the right moves...”
Forbes
2011 2012 2013 2014 2015 20162005 2006 2007 2008 2009 20102002
IBM Security
Systems
IBM Security
Services
Identity
management
Directory
integration
Enterprise
single-sign-on
Endpoint
management
and security
Security
Intelligence
Advanced fraud
protection
Secure mobile mgmt.
CyberTap

27 IBM Security
Industry analysts rank IBM Security
DOMAIN SEGMENT MARKET SEGMENT / REPORT
ANALYST
RANKINGS
Security Operations
and Response
Security Intelligence Security Information and Event Management (SIEM) LEADER
Network and
Endpoint Protection
Intrusion Prevention Systems (IPS) LEADER
Endpoint: Client Management Tools LEADER
Endpoint Protection Platforms (EPP) Strong Performer
Information Risk
and Protection
Identity Governance
and Access
Management
Federated Identity Management and Single Sign-On LEADER
Identity and Access Governance LEADER
Identity and Access Management as a Service (IDaaS) LEADER
Web Access Management (WAM) LEADER
Mobile Access Management LEADER
Identity Provisioning Management LEADER
Data Security Data Masking LEADER
Application Security Application Security Testing (dynamic and static) LEADER
Mobile Protection Enterprise Mobility Management (MaaS360) LEADER
Fraud Protection Web Fraud Detection (Trusteer) LEADER
Security
Transformation
Services
Consulting and
Managed Services
Managed Security Services (MSS) LEADER
Information Security Consulting Services LEADER
V2016-06-16Note: This is a collective view of top analyst rankings, compiled as of July, 2016

28 IBM Security
Adaptive integration with ecosystem partners
100+ ecosystem partners, 500+ QRadar integrations

29 IBM Security
A Global Leader in Enterprise Security
• #1 in enterprise security
software and services*
• 7,500+ people
• 12,000+ customers
• 133 countries
• 3,500+ security patents
• 15 acquisitions since 2005
*According to Technology Business Research, Inc. (TBR) 2016

30 IBM Security
Takeaways from Joe
• Work Smarter – not harder
• Ensure appropriate visibility
• Incident Response Plan?
• Ask for help and check your
work
*According to Technology Business Research, Inc. (TBR) 2016

© Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind,
express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products
and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service
marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your
enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others.
No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems,
products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products
or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.
ibm.com/security
securityintelligence.com
xforce.ibmcloud.com
@ibmsecurity
youtube/user/ibmsecuritysolutions
FOLLOW US ON:
THANK YOU

A New Remedy for the Cyber Storm Approaching

More Related Content

What's hot

Viewers also liked

Similar to A New Remedy for the Cyber Storm Approaching

More from SPI Conference

Recently uploaded

A New Remedy for the Cyber Storm Approaching