It’s All About the Data..
Guardium Data Activity Monitor
2 © 2015 IBM Corporation
Three IT & Security Observations…
• Mobile
– 5,600,000,000 (2011)
– 7,400,000,000 (2015)
• Gartner projections
• Cloud
– $18.3 billion (2012)
– $31.9 billion (2017)
• www.analysysmason.com projections
• Big Data
– $11.59 billion (2012)
– Over $47 billion (2017)
• Wikibon
Perimeter Security is Not Enough
Dynamic Data
(in use)
Static Data
(at rest)
Sensitive data is at risk
70%
of organizations surveyed use live
customer data in non-production
environments (testing, Q/A, development)
Database Trends and Applications. Ensuring Protection for Sensitive Test Data
The Ponemon Institute. The Insecurity of Test Data: The Unseen Crisis
52%
of surveyed organizations
outsource development
50%
of organizations surveyed have no way
of knowing if data used in test was
compromised
The Ponemon Institute. The Insecurity of Test Data: The Unseen Crisis
$188
per record
cost of a data breach
The Ponemon Institute. 2013 Cost of Data Breach Study
$5.4M
Average cost of a data breach
The Ponemon Institute. 2013 Cost of Data Breach Study
http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf?CMP=DMC-SMB_Z_ZZ_ZZ_Z_TV_N_Z038
Time span of events by percent of breaches
Market Overview
Minutes To Compromise, Months To Discover & Remediate
http://www.checkpoint.com/products/downloads/whitepapers/ponemon-cybercrime-2012.pdf
Goals of Cyber Criminals and Types of
Attacks
Background of Respondents
• 47% work within
companies with
more than 1,000
employees
• 63% report to CIO,
CTO or IT Leader
Most Organizations Have Weak Controls
 94% of breaches involved database servers
 85% of victims were unaware of the compromise for
weeks to months.
 97% of data breaches were avoidable through
simple or intermediate controls.
 98% of data breaches stemmed from external agents
 92% of victims were notified by 3rd parties
of the breach.
 96% of victims were not PCI DSS-compliant
at the time of the breach.
Source: 2012 Verizon Data Breach Investigations Report
http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf
Key findings: In 2011, 855 incidents reported
174 million compromised records
Where is the new
data store?
Data Security Vision
• Protect data in any form, anywhere, from internal or external threats
• Streamline regulation compliance process
• Reduce operational costs around data protection
Type of data
PCI data
SOX data
Video
Document
Proprietary Data
Data Classification
Consumer
Customers (anyone)
Outsourced (3rd party)
Employees (internal)
Role-based (trusted)
Data Consumers
Channel
Hosted applications
Cloud applications
Mobile
Repository
Databases
DW/Hadoop
Hadoop
No-SQL
File Shares
Location
On premise
Private cloud
Public cloud
Managed
Data Repository
Encryption
Tokenization
Redaction
Masking
Storage
Data at Rest
Stored
(Databases, File Servers, Big
Data, Data Warehouses,
Application Servers,
Cloud/Virtual ..)
Data in Motion
Over Network
(SQL, HTTP, SSH, FTP, email,. …)
Data Discovery Activity Monitoring
Real-time Alerting
Dynamic Masking
Blocking
Activity Reporting
You need to understand the data in order
to protect it
Our philosophy:
Value
Is it used?
How often?
By who?
Risk
Sensitivity
Exposure
Volumes
Lifecycle
Production
Test/Dev
Archive
Analysis
Relevance
How old is it?
Is it still being used?
Who owns the data?
DATA
Investment 101
Higher RISK  possible higher returns
In other words…
we are willing to take risks if there is sufficient value behind it
Data Security 101
Value for the business
Risk to the business
Above the line
High value data with
low (or at least
acceptable) risk levels
Below the line
Risk levels are too high
given the business
value of the data
Low Value, High Risk
Dormant table with sensitive
data
Low Value, Low Risk
Temp table with no sensitive
data
High Value, High Risk
Table with sensitive data
that is used often by
business application
High Value, Low Risk
Table with no sensitive
data that is used often by
an important business
application
DATA
Need to understand the data in order to protect it
Value
Discovery & Classification
- What data is out there?
- How sensitive is it?
Activity Monitoring
- How exposed is the data?
- What data is being extracted?
Vulnerability Assessment
- How secure is the repository?
- Is it fully patched?
- Best practice configuration?
Value to the
Business
Risk
The Goal:
Reduce the risk and get all data
element above the ‘risk’ line
How?
1. Determine the VALUE 2. Determine the RISK 3. Reduce the RISK
Business Glossary
Insights on how data
is used by the business
Activity Monitoring
How often?
What data?
Integrations
Who uses the data?
Activity Monitoring
- Alert/Block suspicious Activities
- Prevent unauthorized access to data
- Report and Review all data activities
Vulnerability Assessment
- Assessments & Remediation Steps
- Configuration “lock down”
- Purge dormant data
Encryption
- Encrypt data at rest
Test Data Management
- Declassify data on test/dev env.
1. Understand the VALUE
2. Determine the RISK
3. Reduce the RISK
Understanding the Data – Value vs. Risk
1. Discover the DATA
Where is the
sensitive data?
How to prevent
unauthorized
activities?
How to protect
sensitive data
to reduce risk?
How to secure
the repository?
Discovery
Classification
Identity & Access
Management
Activity
Monitoring
Blocking
Quarantine
Masking
Encryption
Assessment
Masking/Encryption
Who should
have access?
What is actually
happening?
Discover Harden Monitor Block Mask
Security
Policies
Dormant
Entitlements
Dormant Data
Compliance Reporting
&
Security Alerts
Data Protection
&
Enforcement
How we do it?
Guardium Database
Activity Monitor
• Assure compliance with
regulatory mandates
• Protect against threats
from legitimate users and
potential hackers
• Minimize operational
costs through automated
and centralized controls
• Continuous, real-time
database access and activity
monitoring
• Policy-based controls to
detect unauthorized or
suspicious activity
• Prevention of data loss
Data Access Protection and
Compliance Made Simple
Requirements
Benefits
Guardium
Monitor Protect Discover
EmployeeTable
SELECT
Fine-Grained Policies with Real-Time Alerts
Application
Server
10.10.9.244
Database
Server
10.10.9.56
Included with DAM
Heterogeneous
support including
System z and
IBM i data servers
Option #1 turn on the native logs…It’s free…
Home grown solutions are costly and ineffective
Create
reports
Manual
review
Manual
remediation
dispatch
and tracking
Native
Database
Logging
• Perl/UNIX Scripts/C++
• Scrape and parse the data
• Move to central repository
Native
Hadoop
Logging
Native
NoSQL
Logging
• High performance impact from native logging affecting
application performance
• Inconsistent policies enterprise-wide
• Training and education on multiple products does not scale
• Does not meet auditor requirements for Separation of Duties
• Need additional controls to protect audit trail from authorized
users
• Significant labor cost to review data and maintain process
• Is it really free?
InfoSphere Guardium Architecture
– Same for Oracle, DB2, SQL Server, MySQL, Big Data &
NoSQL!!
• Intercept and copy
transaction to appliance
(low overhead on server)
• Store audit/log information
off application server
• Audit information cannot
be erased or tampered
• Efficient audit architecture is needed
for volume of information monitored
• Granular real time alerting
• Agent is required to monitor privileged
users (local connections - shared
memory, named pipe, Bequeath)
• Agent is required for advanced
functionality (i.e. blocking and
masking)
Collector
Appliance
Host-based
Probes (S-TAPs)
Data Repositories
Audit records
Meta-Data
(configuration)
Dynamic Data
(in motion)
Static Data
(at rest)
Applications Databases Servers Network Security Mainframe
Network
Infrastructure
Availability Performance Compliance/Security
IT
DBA
Application
Network
IT
DBA
App Admin
Network Admin
Focused on the Infrastructure It’s all about the DATA
IT
DBA
App
Network
Security
Compliance
CISO
Classification
Vulnerability Assessment
Configuration Audit System
Guardium VA
Activity Monitoring
Blocking / Masking
Guardium DAM
Encryption
Data Mgmt (TDM/MDM)
Redaction
Optim & Guardium Encryption
1. High risk with complex environment
2. Need heterogeneous security controls on the data
3. Controls and compliance can be costly
Oracle Oracle Oracle Oracle
DAM - Big Data Heterogeneous Support
Big Data/No-SQL
• BigInsights
• Cloudera
• MongoDB
• CouchDB
• Cassandra
• GreenplumDB
• HortonWorks
DAM
Netezza
Teradata
V8
Netezza
Teradata
BigInsights
Cloudera
V9
Netezza
Teradata
BigInsights
Cloudera
MongoDB
CouchDB
Cassandra
GreenplumHD
HortonWorks
V9p50
Netezza
Teradata
BigInsights
Cloudera
MongoDB
CouchDB
Cassandra
GreenplumHD
HortonWorks
V9.1
SAP/HANA
GreenplumDB
Guardium DAM
1. Reduce risk & prevent data breaches
– Mitigate external and internal threats
2. Ensure the integrity of sensitive data
– Prevent unauthorized changes to data, data infrastructure, configuration files and logs
3. Reduce the cost of compliance
– Automate and centralize controls while simplifying audit review processes
4. Enable businesses to take advantage of new technologies
– Cloud, mobile & Big Data are changing the dynamics in the market today
Summary
• IT infrastructure is changing and needs controls for
mobile, cloud, and big data
• Guardium is the leader in database and big data security
• Heterogeneous support is a great asset to leverage
across the infrastructure to reduce risk
– Supports separation of duties
– Integration with other security products
– No additional training for multiple products
Thank You
Guardium: Real-Time Database Monitoring, Protection and Compliance
“Do you need to …”
• Address a failed audit around weak database controls?
• Prevent unauthorized changes to financial data for SOX?
• Monitor privileged users & enforce separation of duties?
• Prevent a data breach (e.g., SQL injection attacks)?
• Identify missing database patches & vulnerabilities?
• Identify fraud (SAP, PeopleSoft, Oracle e-Business, etc.)?
• Reduce the manual time & effort required for compliance (SOX,
PCI, NIST, FISMA, EU DPD, ISO 27002, data privacy laws …)?
Key Product Facts
1. Non-Invasive: Guardium continuously monitors all database
activity in real-time, with negligible impact on performance and
without requiring changes to applications or database
configurations.
2. Heterogeneous: Supports all major DBMS and big data platforms
3. Reduces operational costs: By automating compliance reporting
and oversight processes (< 6 months payback).
4. Scalable: For example, Dell has deployed Guardium to 1,000+
database servers in 10 data centers worldwide, to address SOX,
PCI and SAS70. Guardium supports centralized policies via a
multi-tier architecture, Web management console and a
centralized, cross-DBMS audit repository.
5. Enforces Separation of Duties: Audit information is stored in a
separate hardened appliance (or virtual appliance) so that
insiders or hackers can’t “cover their tracks” by tampering with
log information. The solution does not rely on native (DBMS-resident)
audit logs that can easily be disabled by administrators,
thereby supporting separation of duties.
Database monitoring and compliance made simple
Did you know?
• 75% of breached records come from database servers
• Guardium supports Oracle, SQL Server, DB2 UDB, DB2 for z/OS, DB2
for iSeries, Informix, Sybase, MySQL, Teradata, Big Data
• Guardium clients include blue-chip companies worldwide such as 5 of
the top 5 global banks, 2 of the top 3 retailers, and many more
• #1 compliance driver is SOX (for protection of ERP/financial systems)
followed by PCI (cardholder data) and data privacy
• Guardium delivered an ROI of 239% and payback of 5.9 months for a
F500 global company (Forrester case study)
• Forrester rates Guardium #1 for Current Offering, Architecture and
Product Strategy with “dominance in this space”
• Typical enterprises deploy a “project”, then expand to corporate
infrastructure to reduce risk and enhance controls
• Typical contacts: Dirs. of Security, Compliance, or Risk; DBAs;
Application Architects; SOX Proj. Mgrs; Infrastructure Mgrs.
• Guardium complements other security controls by focusing
exclusively on monitoring at the database and big data layers.
• Reduces risk by providing security controls where your most sensitive
data resides

办(uts毕业证书)悉尼科技大学毕业证学历证书原版一模一样办(uts毕业证书)悉尼科技大学毕业证学历证书原版一模一样
办(uts毕业证书)悉尼科技大学毕业证学历证书原版一模一样
apvysm8
 
一比一原版(Bradford毕业证书)布拉德福德大学毕业证如何办理
一比一原版(Bradford毕业证书)布拉德福德大学毕业证如何办理一比一原版(Bradford毕业证书)布拉德福德大学毕业证如何办理
一比一原版(Bradford毕业证书)布拉德福德大学毕业证如何办理
mbawufebxi
 

Recently uploaded (20)

一比一原版(UniSA毕业证书)南澳大学毕业证如何办理
一比一原版(UniSA毕业证书)南澳大学毕业证如何办理一比一原版(UniSA毕业证书)南澳大学毕业证如何办理
一比一原版(UniSA毕业证书)南澳大学毕业证如何办理
 
一比一原版(CBU毕业证)卡普顿大学毕业证如何办理
一比一原版(CBU毕业证)卡普顿大学毕业证如何办理一比一原版(CBU毕业证)卡普顿大学毕业证如何办理
一比一原版(CBU毕业证)卡普顿大学毕业证如何办理
 
The affect of service quality and online reviews on customer loyalty in the E...
The affect of service quality and online reviews on customer loyalty in the E...The affect of service quality and online reviews on customer loyalty in the E...
The affect of service quality and online reviews on customer loyalty in the E...
 
原版制作(swinburne毕业证书)斯威本科技大学毕业证毕业完成信一模一样
原版制作(swinburne毕业证书)斯威本科技大学毕业证毕业完成信一模一样原版制作(swinburne毕业证书)斯威本科技大学毕业证毕业完成信一模一样
原版制作(swinburne毕业证书)斯威本科技大学毕业证毕业完成信一模一样
 
一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理
一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理
一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理
 
Learn SQL from basic queries to Advance queries
Learn SQL from basic queries to Advance queriesLearn SQL from basic queries to Advance queries
Learn SQL from basic queries to Advance queries
 
Everything you wanted to know about LIHTC
Everything you wanted to know about LIHTCEverything you wanted to know about LIHTC
Everything you wanted to know about LIHTC
 
做(mqu毕业证书)麦考瑞大学毕业证硕士文凭证书学费发票原版一模一样
做(mqu毕业证书)麦考瑞大学毕业证硕士文凭证书学费发票原版一模一样做(mqu毕业证书)麦考瑞大学毕业证硕士文凭证书学费发票原版一模一样
做(mqu毕业证书)麦考瑞大学毕业证硕士文凭证书学费发票原版一模一样
 
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
 
一比一原版(Dalhousie毕业证书)达尔豪斯大学毕业证如何办理
一比一原版(Dalhousie毕业证书)达尔豪斯大学毕业证如何办理一比一原版(Dalhousie毕业证书)达尔豪斯大学毕业证如何办理
一比一原版(Dalhousie毕业证书)达尔豪斯大学毕业证如何办理
 
一比一原版(爱大毕业证书)爱丁堡大学毕业证如何办理
一比一原版(爱大毕业证书)爱丁堡大学毕业证如何办理一比一原版(爱大毕业证书)爱丁堡大学毕业证如何办理
一比一原版(爱大毕业证书)爱丁堡大学毕业证如何办理
 
Nanandann Nilekani's ppt On India's .pdf
Nanandann Nilekani's ppt On India's .pdfNanandann Nilekani's ppt On India's .pdf
Nanandann Nilekani's ppt On India's .pdf
 
一比一原版(UofS毕业证书)萨省大学毕业证如何办理
一比一原版(UofS毕业证书)萨省大学毕业证如何办理一比一原版(UofS毕业证书)萨省大学毕业证如何办理
一比一原版(UofS毕业证书)萨省大学毕业证如何办理
 
Ch03-Managing the Object-Oriented Information Systems Project a.pdf
Ch03-Managing the Object-Oriented Information Systems Project a.pdfCh03-Managing the Object-Oriented Information Systems Project a.pdf
Ch03-Managing the Object-Oriented Information Systems Project a.pdf
 
Analysis insight about a Flyball dog competition team's performance
Analysis insight about a Flyball dog competition team's performanceAnalysis insight about a Flyball dog competition team's performance
Analysis insight about a Flyball dog competition team's performance
 
一比一原版(Deakin毕业证书)迪肯大学毕业证如何办理
一比一原版(Deakin毕业证书)迪肯大学毕业证如何办理一比一原版(Deakin毕业证书)迪肯大学毕业证如何办理
一比一原版(Deakin毕业证书)迪肯大学毕业证如何办理
 
Influence of Marketing Strategy and Market Competition on Business Plan
Influence of Marketing Strategy and Market Competition on Business PlanInfluence of Marketing Strategy and Market Competition on Business Plan
Influence of Marketing Strategy and Market Competition on Business Plan
 
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
 
办(uts毕业证书)悉尼科技大学毕业证学历证书原版一模一样
办(uts毕业证书)悉尼科技大学毕业证学历证书原版一模一样办(uts毕业证书)悉尼科技大学毕业证学历证书原版一模一样
办(uts毕业证书)悉尼科技大学毕业证学历证书原版一模一样
 
一比一原版(Bradford毕业证书)布拉德福德大学毕业证如何办理
一比一原版(Bradford毕业证书)布拉德福德大学毕业证如何办理一比一原版(Bradford毕业证书)布拉德福德大学毕业证如何办理
一比一原版(Bradford毕业证书)布拉德福德大学毕业证如何办理
 

Guardium Data Activity Monitor for C-Level Executives

  • 1. It’s All About the Data.. Guardium Data Activity Monitor
  • 2. 2 © 2015 IBM Corporation Three IT & Security Observations… • Mobile – 5,600,000,000 (2011) – 7,400,000,000 (2015) • Gartner projections • Cloud – $18.3 billion (2012) – $31.9 billion (2017) • www.analysysmason.com projections • Big Data – $11.59 billion (2012) – Over $47 billion (2017) • Wikibon
  • 3. Perimeter Security is Not Enough Dynamic Data (in use) Static Data (at rest)
  • 4. Sensitive data is at risk 70% of organizations surveyed use live customer data in non-production environments (testing, Q/A, development) Database Trends and Applications. Ensuring Protection for Sensitive Test Data The Ponemon Institute. The Insecurity of Test Data: The Unseen Crisis 52% of surveyed organizations outsource development 50% of organizations surveyed have no way of knowing if data used in test was compromised The Ponemon Institute. The Insecurity of Test Data: The Unseen Crisis $188 per record cost of a data breach The Ponemon Institute. 2013 Cost of Data Breach Study $5.4M Average cost of a data breach The Ponemon Institute. 2013 Cost of Data Breach Study
  • 5. http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf?CMP=DMC-SMB_Z_ZZ_ZZ_Z_TV_N_Z038 Market Overview Minutes To Compromise, Months To Discover & Remediate Time span of events by percent of breaches
  • 6. http://www.checkpoint.com/products/downloads/whitepapers/ponemon-cybercrime-2012.pdf Goals of Cyber Criminals and Types of Attacks
  • 7. Background of Respondents • 47% work within companies with more than 1,000 employees • 63% report to CIO, CTO or IT Leader
  • 8. Most Organizations Have Weak Controls • 94% of breaches involved database servers • 85% of victims were unaware of the compromise for weeks to months. • 97% of data breaches were avoidable through simple or intermediate controls. • 98% of data breaches stemmed from external agents • 92% of victims were notified by 3rd parties of the breach. • 96% of victims were not PCI DSS-compliant at the time of the breach. Source: 2012 Verizon Data Breach Investigations Report http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf Key findings: In 2011, 855 incidents reported 174 million compromised records Where is the new data store?
  • 9. Data Security Vision • Protect data in any form, anywhere, from internal or external threats • Streamline regulation compliance process • Reduce operational costs around data protection Type of data PCI data SOX data Video Document Proprietary Data Data Classification Consumer Customers (anyone) Outsourced (3rd party) Employees (internal) Role-based (trusted) Data Consumers Channel Hosted applications Cloud applications Mobile Repository Databases DW/Hadoop Hadoop No-SQL File Shares Location On premise Private cloud Public cloud Managed Data Repository Encryption Tokenization Redaction Masking Storage Data at Rest Stored (Databases, File Servers, Big Data, Data Warehouses, Application Servers, Cloud/Virtual ..) Data in Motion Over Network (SQL, HTTP, SSH, FTP, email, …) Data Discovery Activity Monitoring Real-time Alerting Dynamic Masking Blocking Activity Reporting
  • 10. You need to understand the data in order to protect it Our philosophy: Value Is it used? How often? By who? Risk Sensitivity Exposure Volumes Lifecycle Production Test/Dev Archive Analysis Relevance How old is it? Is it still being used? Who owns the data? DATA
  • 11. Investment 101 Higher RISK → possible higher returns In other words… we are willing to take risks if there is sufficient value behind it
  • 12. Data Security 101 Value For the Business / Risk To the business Above the line High value data with low (or at least acceptable) risk levels Below the line Risk levels are too high given the business value of the data Low Value, High Risk Dormant table with sensitive data Low Value, Low Risk Temp table with no sensitive data High Value, High Risk Table with sensitive data that is used often by business application High Value, Low Risk Table with no sensitive data that is used often by an important business application DATA Need to understand the data in order to protect it Value
  • 13. Discovery & Classification - What data is out there? - How sensitive is it? Activity Monitoring - How exposed is the data? - What data is being extracted? Vulnerability Assessment - How secure is the repository? - Is it fully patched? - Best practice configuration? Value to the Business Risk The Goal: Reduce the risk and get all data elements above the ‘risk’ line How? 1. Determine the VALUE 2. Determine the RISK 3. Reduce the RISK Business Glossary Insights on how data is used by the business Activity Monitoring How often? What data? Integrations Who uses the data? Activity Monitoring - Alert/Block suspicious Activities - Prevent unauthorized access to data - Report and Review all data activities Vulnerability Assessment - Assessments & Remediation Steps - Configuration “lock down” - Purge dormant data Encryption - Encrypt data at rest Test Data Management - Declassify data on test/dev env. 1. Understand the VALUE 2. Determine the RISK 3. Reduce the RISK Understanding the Data – Value vs. Risk 1. Discover the DATA
  • 14. Where is the sensitive data? How to prevent unauthorized activities? How to protect sensitive data to reduce risk? How to secure the repository? Discovery Classification Identity & Access Management Activity Monitoring Blocking Quarantine Masking Encryption Assessment Masking/Encryption Who should have access? What is actually happening? Discover Harden Monitor Block Mask Security Policies Dormant Entitlements Dormant Data Compliance Reporting & Security Alerts Data Protection & Enforcement How we do it?
  • 15. Guardium Database Activity Monitor • Assure compliance with regulatory mandates • Protect against threats from legitimate users and potential hackers • Minimize operational costs through automated and centralized controls • Continuous, real-time database access and activity monitoring • Policy-based controls to detect unauthorized or suspicious activity • Prevention of data loss Data Access Protection and Compliance Made Simple Requirements Benefits Guardium Monitor Protect Discover
  • 16. EmployeeTable SELECT Fine-Grained Policies with Real-Time Alerts Application Server 10.10.9.244 Database Server 10.10.9.56 Included with DAM Heterogeneous support including System z and IBM i data servers
  • 17. Option #1 turn on the native logs…It’s free… Home grown solutions are costly and ineffective Create reports Manual review Manual remediation dispatch and tracking Native Database Logging • Perl/UNIX Scripts/C++ • Scrape and parse the data • Move to central repository Native Hadoop Logging Native NoSQL Logging • High performance impact from native logging affecting application performance • Inconsistent policies enterprise-wide • Training and education on multiple products does not scale • Does not meet auditor requirements for Separation of Duties • Need additional controls to protect audit trail from authorized users • Significant labor cost to review data and maintain process • Is it really free?
  • 18. InfoSphere Guardium Architecture – Same for Oracle, DB2, SQL Server, MySQL, Big Data & NoSQL!! • Intercept and copy transaction to appliance (low overhead on server) • Store audit/log information off application server • Audit information cannot be erased or tampered with • Efficient audit architecture is needed for volume of information monitored • Granular real time alerting • Agent is required to monitor privileged users (local connections - shared memory, Named Pipe, Bequeath) • Agent is required for advanced functionality (i.e. blocking and masking) Collector Appliance Host-based Probes (S-TAPs) Data Repositories Audit records
  • 19. Meta-Data (configuration) Dynamic Data (in motion) Static Data (at rest) Applications Databases Servers Network Security Mainframe Network Infrastructure Availability Performance Compliance/Security IT DBA Application Network IT DBA App Admin Network Admin Focused on the Infrastructure It’s all about the DATA IT DBA App Network Security Compliance CISO Classification Vulnerability Assessment Configuration Audit System Guardium VA Activity Monitoring Blocking / Masking Guardium DAM Encryption Data Mgmt (TDM/MDM) Redaction Optim & Guardium Encryption 1. High risk with complex environment 2. Need heterogeneous security controls on the data 3. Controls and compliance can be costly
  • 20. Oracle Oracle Oracle Oracle DAM - Big Data Heterogeneous Support Big Data/No-SQL • BigInsights • Cloudera • MongoDB • CouchDB • Cassandra • GreenplumDB • HortonWorks DAM Netezza Teradata V8 Netezza Teradata BigInsights Cloudera V9 Netezza Teradata BigInsights Cloudera MongoDB CouchDB Cassandra GreenplumHD HortonWorks V9p50 Netezza Teradata BigInsights Cloudera MongoDB CouchDB Cassandra GreenplumHD HortonWorks V9.1 SAP/HANA GreenplumDB
  • 21. Guardium DAM 1. Reduce risk & prevent data breaches – Mitigate external and internal threats 2. Ensure the integrity of sensitive data – Prevent unauthorized changes to data, data infrastructure, configuration files and logs 3. Reduce the cost of compliance – Automate and centralize controls while simplifying audit review processes 4. Enable businesses to take advantage of new technologies – Cloud, mobile & Big Data are changing the dynamics in the market today
  • 22. Summary • IT infrastructure is changing and needs controls for mobile, cloud, and big data • Guardium is the leader in database and big data security • Heterogeneous support is a great asset to leverage across the infrastructure to reduce risk • Supports separation of duties • Integration with other security products • No additional training for multiple products
  • 23. Thank You
  • 24. Guardium: Real-Time Database Monitoring, Protection and Compliance “Do you need to …” • Address a failed audit around weak database controls? • Prevent unauthorized changes to financial data for SOX? • Monitor privileged users & enforce separation of duties? • Prevent a data breach (e.g., SQL injection attacks)? • Identify missing database patches & vulnerabilities? • Identify fraud (SAP, PeopleSoft, Oracle e-Business, etc.)? • Reduce the manual time & effort required for compliance (SOX, PCI, NIST, FISMA, EU DPD, ISO 27002, data privacy laws …)? Key Product Facts 1. Non-Invasive: Guardium continuously monitors all database activity in real-time, with negligible impact on performance and without requiring changes to applications or database configurations. 2. Heterogeneous: Supports all major DBMS and big data platforms 3. Reduces operational costs: By automating compliance reporting and oversight processes (< 6 months payback). 4. Scalable: For example, Dell has deployed Guardium to 1,000+ database servers in 10 data centers worldwide, to address SOX, PCI and SAS70. Guardium supports centralized policies via a multi-tier architecture, Web management console and a centralized, cross-DBMS audit repository. 5. Enforces Separation of Duties: Audit information is stored in a separate hardened appliance (or virtual appliance) so that insiders or hackers can’t “cover their tracks” by tampering with log information. The solution does not rely on native (DBMS-resident) audit logs that can easily be disabled by administrators, thereby supporting separation of duties. Database monitoring and compliance made simple Did you know?
• 75% of breached records come from database servers • Guardium supports Oracle, SQL Server, DB2 UDB, DB2 for z/OS, DB2 for iSeries, Informix, Sybase, MySQL, Teradata, Big Data • Guardium clients include blue-chip companies worldwide such as 5 of the top 5 global banks, 2 of the top 3 retailers, and many more • #1 compliance driver is SOX (for protection of ERP/financial systems) followed by PCI (cardholder data) and data privacy • Guardium delivered an ROI of 239% and payback of 5.9 months for a F500 global company (Forrester case study) • Forrester rates Guardium #1 for Current Offering, Architecture and Product Strategy with “dominance in this space” • Typical enterprises deploy a “project” then expand to corporate infrastructure to reduce risk and enhance controls • Typical contacts: Dirs. of Security, Compliance, or Risk; DBAs; Application Architects; SOX Proj. Mgrs; Infrastructure Mgrs. • Guardium complements other security controls by focusing exclusively on monitoring at the database and big data layers. • Reduces risk by providing security controls where your most sensitive data resides