view on-demand webinar: https://event.on24.com/wcc/r/1241904/E7C5BDA81308626F69D20F843B229534 An alarming number of organizations today are doing the bare minimum to meet compliance regulations. They are completely unaware of the “data security race” taking place against malicious insiders and criminal hackers creating risk, flying past them in a to win over sensitive data. These organizations are spending their time doing just enough to check the compliance ‘checkbox’ and pass their audits. While being compliance-ready is absolutely important and represents a great first step along the road to data security, it won't win you the gold. View this on-demand webcast to learn more about how to shift your thinking and compete to win by using your compliance efforts to springboard you into a successful data security program - one that can safeguard data from internal and external threats, allowing you to be the champion and protector of your customers, your brand, and the sensitive data the fuels your business.

1. Compete to win
DON’T JUST BE COMPLIANT – BE SECURE!
Leslie Wiggins
August 30, 2016
WW Portfolio Marketing
Stephanie Best
WW Portfolio Marketing, Security Services

2. 2 IBM Security
Where does your organization invest the most?

3. 3 IBM Security
Data is challenging to control, making it hard to support compliance
and security initiatives
DYNAMIC
Data multiplies
continuously and
moves quickly
DISTRIBUTED
Data is everywhere,
across applications
and infrastructure
IN DEMAND
Users need to constantly access
and share data to do their jobs

4. 4 IBM Security
Regulations often begin the data security conversation
Common
Compliance
Requirements
PCI
For the
safety of
cardholder
data
SOX
To safeguard
financial
data
HIPAA
To ensure
patient
privacy
GDPR
Protects
personal
privacy and
data
$5K per month to
$500K per month
$1M - $5M
with possible
imprisonment
Up to $1.5M
per year
Up to €20M
or 4% annual
WW turnover

5. 5 IBM Security
Stopping at compliance leaves sensitive data – and your business -
exposed
70%
Customer data, product designs,
sales information, proprietary
algorithms, communications, etc.
Source: TechRadar
of your company’s
value likely lies in
intellectual property
Damaging security incidents
involve loss, illicit modification, or
destruction of sensitive data
Yet many security programs forget
to protect the data

6. 6 IBM Security
Attackers break through everyday to get at sensitive data
2013
800+ Million
records breached
2014
1+ Billion
records breached
2015
Unprecedented
high-value targets breached

7. 7 IBM Security
Many organizations stop at compliance. Why?
1. State of confusion: They don’t know where to start or what security
capabilities can help
2. Only have funding for compliance, not data security
3. The organization’s security funding is earmarked for known issues
(ie., perimeter security, antivirus, etc.)
4. Trying to leverage a home-grown solution, attempting to use DB logs to meet
compliance mandates
5. Selecting a technology that doesn’t solve the problem

8. 8 IBM Security
Spot the issues Understand the issues Take action
Identify potential risks to
sensitive data, understand
the value of that data and
the level of risk
Understand how they are at
risk; get guidance on an
action plan
Put the right preventative or
real-time protective
measure into place
Refocus: Know your hot spots and swing into action

9. 9 IBM Security
Start moving in the right direction
Jumpstart compliance with 3 key capabilities
1) Discover – find and classify the relevant data
2) Monitor – know who is reading / changing data and create
an audit-worthy record without slowing performance
3) Harden – secure specific data repositories
AUTOMATE!
It will make it easier and more cost efficient to do everything.

10. 10 IBM Security
Easily expand and springboard from compliance to data security
DATA
AT
REST
DATA
IN
MOTION
HARDEN
MONITORPROTECT
DISCOVER

11. 11 IBM Security
Where is your sensitive data?
• Find it – in an automated way, so discovery isn’t an all-consuming exercise
• Assess risk – determine how sensitive it is
• Classify it – so you can keep tabs on its risk level and know how to handle it
What do you need to do?
Why?
• Sensitive data exists beyond the scope of ‘Compliance’ requirements
• It’s the sensitive stuff that has value – and is a prime target
DISCOVER HARDEN MONITOR PROTECT
Consider: What if you find dormant sensitive data?

12. 12 IBM Security
Automate the process of finding uncatalogued sensitive data sources
and identifying and classifying sensitive data
• Crawl network
• Leverage algorithms to identify sensitive data - wherever it’s hiding
• Take (policy-based) action:
̶ Alerts
̶ Add to group of sensitive objects

13. 13 IBM Security
Can your environment help repel a breach?
• Find the gaps – perform vulnerability assessment
• Fix them – apply patches, fix packs, etc., to harden your data perimeter
• Determine entitlement – review entitlements and take control
What do you need to do?
Why?
• 60% of breaches are due to unpatched or otherwise vulnerable sensitive data repositories
• 70% of organizations do not have a data security solution that supports entitlement reporting
DISCOVER HARDEN MONITOR PROTECT

14. 14 IBM Security
To start hardening your environment you need to know your users, know
your repositories
Know your users Know your repositories
• Who is looking at sensitive data?
• Who is changing/deleting sensitive data?
• Should those users have (full) access?
• Are there dormant user accounts?
• Does data need to be protected from
different types of users?
• Where is your sensitive data?
• Do you know where your dormant data is?
• Are all sensitive data repositories secure?
• What needs to happen to secure them?
• Can you protect your data within that
repository?

15. 15 IBM Security
Do you know what’s happening to your sensitive data?
DISCOVER HARDEN MONITOR PROTECT
• Watch your data – in real time
• Know where sensitive data lives – everywhere
• Track your progress – to know what’s happening
What do you need to do?
Why?
• You can’t protect against it
if you don’t know it’s happening

16. 16 IBM Security
1. Policy-based, real-time
monitoring* reveals
behavior patterns over time
2. Analytics run
and anomalies
are surfaced
3. Anomalies are sent
for manual review or
triggers action
*Includes actions by privileged users
Walk before you can run: Monitor before you can protect
Apply machine learning and intelligence to uncover behavioral changes and risks

17. 17 IBM Security
Specialized threat detection analytics can spot and stop attack symptoms
early
• Scan and analyze data to detect
symptoms of data repository attacks
• Look for specific patterns of events
and behaviors that indicate trouble
• SQL injections and malicious stored
procedures are two of the most common
attack vectors
• Do not rely on attack signature
dictionary comparisons
(they go out of date quickly)
Drill down on any aspect of a threat

18. 18 IBM Security
Can you secure sensitive data against internal and external risk?
DISCOVER HARDEN MONITOR PROTECT
• Protect data at rest – via redaction, encryption, or masking
• Protect data in motion – via alerting, quarantining, dynamic blocking, etc.
What do you need to do?
Why?
• Protect your customers, your IP, your business, and your brand
• Avoid creating the wrong kinds of headlines
• Empower employees with the right level of access to the right kinds of data

19. 19 IBM Security
Examples of ways to protect sensitive data
MASKING REDACTION TRANSFORMATION
Structured sensitive
data is replaced with
realistic but fake data
Unstructured
sensitive data
is covered over
Unstructured sensitive
data is transformed into
unreadable without key
• Names
• Geography
• Credit card numbers
• Telephone numbers
• Email addresses
• Social security
numbers
• Account numbers
• URLs
• IP addresses

20. 20 IBM Security
• Relational architecture to aggregate data
for real-time analytics
• Cognitive and specialized threat detection
analytics help fill the security analyst role
• Real-time data protection capabilities,
(e.g., encryption, masking, blocking, etc.)
Go for Gold! Put it all together and dramatically reduce risk
• Proactively spot and flag user and data risk
• Find and stop threats early
• Safeguard sensitive data from end-to-end
Comprehensive
data protection
Discover
&
classify
Harden the
environment
Monitor for
compliance
Monitor
for security
Why take this step?
Requirements:

21. 21 IBM Security
PROTECT
Complete protection for sensitive
data, including compliance automation
ADAPT
Seamlessly handle
changes within your IT
environment
ANALYZE
Automatically
discover critical data
and uncover risk
Guardium supports compliance and also uses intelligence and
automation to safeguard data

22. 22 IBM Security
IBM Security Guardium capabilities support the complete journey from
compliance to security
ANALYZE. PROTECT. ADAPT
Discovery, classification,
vulnerability assessment,
entitlement reporting
Encryption, masking,
and redaction
Data and file activity
monitoring
Dynamic blocking and
masking, alerts, and
quarantine
Compliance automation
and auditing
ANALYTICS

23. 23 IBM Security
Guardium makes it easier to expand your coverage

24. 24 IBM Security
Guardium supports an intelligent and integrated environment
to help stop threats more aggressively
Set up
user access
Detect
and correct
Integrated Value
Work with vetted privileged
user information
Detect unusual activity from
privileged users; make corrections
to block/prevent breaches
Monitor
database activity
Understand who is behind
privileged credentials accessing
sensitive data
Data
Data activity
monitoring
Risk detection
and threat
analytics
Data
protection
Identity
and
Access
Access
management
Identity
management
Privileged
users
management
Security
Intelligence
SIEM
Provide visibility into
illicit data activity
Data activity events and alerts
Leverage perimeter alerts
Block suspicious insiders
Provide identity context
aware security intelligence
Identity attributes and
privileged user activity
Assess and reconcile
privileged user access
and activity
Credential data and
identity context

25. 25 IBM Security
A smart approach to compliance can carry you further,
helping you transform this risk landscape
2013
800+ Million
records breached
2014
1+ Billion
records breached
2015
Unprecedented
high-value targets breached

26. 26 IBM Security
2013
800+ Million
records breached
2014
1+ Billion
records breached
2015
Unprecedented
high-value targets breached
Transforming into something that’s more manageable and secure

27. TAP INTO THE TALENT YOU NEED TO EFFECTIVELY MANAGE YOUR DATA SECURITY
IBM Managed Data Protection
Services for Guardium

28. 28 IBM Security
Your security solution may be able to offer robust data protection, but are
you making the most of it?
Process
Are the processes
within your data
security program
well-defined?
Technology
Can you optimize
your technology
and investments
over time?
People
Do you have the
required skills in-house?

29. 29 IBM Security
Address the people, process and technology aspects of your data
security program and help improve your data security maturity
Managed data protection services for Guardium is an integrated consulting and managed security
services solution that can elevate your database security maturity with proven methods and clear
transition into steady state, delivered by IBM security operation centers worldwide. We can:
Provide access to certified,
specialized IBM resources
and security operation
centers around the globe,
24x7 for robust data
protection
Help optimize your
security program and
avoid the costs of in-house
management
Enable security
maturity through IBM
X-Force® Threat
Intelligence and
security integrations

30. 30 IBM Security
IBM was recognized as a leader in Gartner’s 2015 Magic Quadrant for
Managed Security Services, Worldwide
 Published on December 28, 2015
 IBM positioned among Leaders in the Magic Quadrant
report by analysts Kelly Kavanagh and Toby Bussa
 Key criteria:
– Ability to execute – IBM positioned furthest for
execution
– Completeness of vision
 Vendors evaluated:
– AT&T
– BAE Systems
– BT
– CenturyLink
– CSC
– Dell SecureWorks
– HPE Download the report HERE.
Gartner disclaimer: This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is
available upon request from IBM Security Services. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to
select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as
statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
– IBM
– NTT
– Orange Business Services
– Symantec
– Trustwave
– Verizon
– Wipro

31. 31 IBM Security
IBM Security Services has a global presence.
monitored countries
(managed security services)
service delivery experts
endpoints protected
+
events managed per day
+
IBM Security Services, by the numbers
+
+
Security operations centers
Security research centers
Security solution development centers

32. ibm.com/security
securityintelligence.com
xforce.ibmcloud.com
@ibmsecurity
youtube/user/ibmsecuritysolutions
© Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind,
express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products
and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service
marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your
enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others.
No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems,
products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products
or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.
FOLLOW US ON:
THANK YOU