SlideShare a Scribd company logo

IBM Immune System

L
Luke Kenny

The IBM Security immune system is a fully integrated approach that allows its components to grow and adapt within the infrastructure—working together to improve their effectiveness. So they can deliver intelligence, visibility and actionable insights across the entire system.

Technology
1 of 40
Download to read offline
The security immune system An integrated approach to protecting your organization Find out more
Why a security immune system makes sense now We’ve heard it time and again. When it comes to cyber security threats, no one is immune. No business, no government, no individual. In fact, the entire conversation has shifted from focusing on “if you’re attacked” to “how quickly you can respond.” And that’s not likely to change in the foreseeable future. So let’s think about the concept of immunity for a minute. As humans, we have finely tuned—and highly adaptive—immune systems ready to help us fight off all kinds of attacks that would otherwise threaten to destroy us. Made up of cells, tissues and organs that work together to defend us against attacks by “foreign” invaders, a healthy immune system can distinguish between the body’s own cells and those that don’t belong. It’s an intelligent, organized and efficient system that can instantly recognize an invader and take action to either block its entry or destroy it. But when we think about cyber security, we tend to see a diverse collection of point-product solutions— each designed with a specific target in mind. Imagine what would happen if our bodies functioned that way. The results could be deadly. That’s why IBM has developed an integrated and intelligent security immune system. Next
There will likely be 20.8 billion “connected things” by 20201 The average total cost of a data breach in 2015 was $4 million2 Unauthorized access accounted for 45 percent of security incidents in 20153 Click on any bar at left to navigate the IBM Security immune system story. Next Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Integration and intelligence take the lead Over the years companies have responded to threats by backing up the security tool truck and unloading it on their IT environment. The expanding security arsenal of fragmented, disconnected point products has added complexity without significantly improving the overall security posture of the organization. The result? A bloated infrastructure that makes it more difficult to monitor the network as a whole, often leaving security teams to operate in the dark. It’s time to take a more holistic view of your security portfolio. The IBM Security immune system is a fully integrated approach that allows its components to grow and adapt within the infrastructure—working together to improve their effectiveness. So they can deliver intelligence, visibility and actionable insights across the entire system. And once the IBM Security immune system is fully engaged with your entire ecosystem—allowing collaboration across third-party vendors, technology providers and business partners—it can provide you with the intelligence you need to understand existing threats and adapt to new ones. Some organizations report they’re using as many as 85 security products—from more than 40 vendors—at once. Not surprisingly, as each tool is added, the costs associated with installing, configuring, managing, upgrading and patching continue to grow. And with the skills gap plaguing the industry, where the necessary expertise isn’t always available, it’s easy to see how more threats are continuing to generate more vendors, more tools—and more headaches. Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Integration and intelligence take the lead Security Analytics Security Ecosystem Endpoint Threat Intelligence Network Mobile Cloud Advanced Fraud Data and Apps Identity and Access Endpoint patching and management Antivirus Malware protection Indicators of compromise IP reputation Threat sharing Incident and threat management Firewalls Sandboxing Virtual patching Network visibility Fraud protection Criminal detection Transaction protection Device management Content security Log, flow, data analysis Anomaly detection Vulnerability management Incident response Privileged identity management Entitlements and roles Access management Identity management Workload protection Cloud access security broker Data monitoring Data access control Application scanning Application security management Forensic analysis Cognitive security User behavior analytics The IBM Security immune system looks at a security portfolio in a more organized fashion—as an integrated framework of security capabilities that transmits and ingests vital security data to help gain visibility, understand and prioritize threats, and coordinate multiple layers of defense. At its core, the system uses security intelligence and analytics to automate policies and block threats—just as the human immune system can automatically assess and identify a virus, for example, and trigger an immune response. Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Integrating security planning, response and readiness The IBM Security immune system delivers a full range of security solutions and services designed to address your organization’s specific needs across three key areas. Security Transformation Services Helps you optimize your security program to address modern-day risks Security Operations and Response Lets you orchestrate your defenses throughout the entire attack lifecycle Information Risk and Protection Allows you to keep your critical information protected while accelerating business Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Security Transformation Services Helping to simplify your view of the big picture Security Transformation Services let your organization take a more proactive, preemptive and mature approach to security. So you can: • Access the right skills—with trusted security advisors, responders, testers, analysts and engineers—available 24x7x365 globally • Build strategy that accelerates new IT trends, including BYOD, cloud, mobile, social and IOT • Optimize security programs with technology that manages and protects against the latest threats • Reduce complexity and consolidate fragmented solutions into an integrated solution • Gain access to global threat intelligence for improved visibility into the threat lifecycle • Build protected and connected systems to reduce operating costs and complexity Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Security Transformation Services Helping to simplify your view of the big picture Trusteer Mobile Cloud Security INFORMATION RISK AND PROTECTION BigFix X-Force ExchangeApp Exchange SECURITY OPERATIONS AND RESPONSE Guardium Key Manager AppScan MaaS360 Trusteer Pinpoint Trusteer Rapport QRadar Vulnerability Manager QRadar User Behavior Analytics QRadar SIEM QRadar Risk Manager Resilient Incident Response Privileged Identity Manager Cloud Identity Service zSecure Network Protection (XGS) QRadar Incident Forensics Identity Governance and Intelligence Trusteer Mobile Cloud Security INFORMATION RISKATI AND PROTECTIONOT BigFix X-Force Exchangep ExchangeApp SECURITY OPERATIONSSECURITY OPERATIONS AND RESPONSE Guardium Key Manager AppScan MaaS360 Trusteer Pinpoint Trusteer Rapport QRadar Vulnerability Managerrab QRadar User Behavior AnalyticsBe QRadar SIEM QRadar Risk Manager Resilient Incident Response Privileged Identity Manager Cloud Identity Service zSecure Network Protection (XGS) QRadar Incident Forensics Identity Governance and Intelligence SECURITY TRANSFORMATION SERVICES Management consulting l Systems integration l Managed security Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Security Operations and Response Orchestrate your defenses throughout the entire attack lifecycle Criminals are relentless. Hoping you aren’t a target is not enough to keep the bad guys out— especially because they may already be inside your organization. And relying on perimeter solutions, periodic scans and compliance-driven methods won’t keep you ahead of the threat. The Security Operations and Response platform offers an integrated, end-to-end approach to safeguarding your systems. That means you can prevent, detect and respond to threats in an intelligent, orchestrated and automated manner. It’s an approach that lets you: • Continuously stop attacks and remediate vulnerabilities • Take advantage of cognitive analytics to sense, discover and prioritize unknown threats • Respond to incidents quickly and effectively, using deep threat intelligence provided by the IBM X-Force® Research team—and their massive threat databases—to hunt for indicators Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Security Operations and Response Orchestrate your defenses throughout the entire attack lifecycle Privileged Identity Manager Cloud Identity Service zSecure Identity Governance and Intelligence Cloud Security MaaS360 Trusteer Pinpoint Trusteer Mobile Trusteer Rapport Guardium Key Manager AppScan SECURITY TRANSFORMATION SERVICES Management consulting l Systems integration l Managed security INFORMATION RISK AND PROTECTION Privileged Identity Manager Cloud Identity Service zSecure Identity Governance and Intelligence Cloud Security MaaS360 Trusteer Pinpoint Trusteer Mobile Trusteer Rapport Guardium Key Manager AppScan SECURITY TRANSFORMATION SERVICES Manageement consulting l Systems integration l securityManaged s INFORMATION RISKATI AND PROTECTIONOT SECURITY OPERATIONS AND RESPONSE QRadar Vulnerability Manager QRadar User Behavior Analytics QRadar SIEM QRadar Risk Manager Resilient Incident Response X-Force ExchangeX-Force Exchange BigFix Network Protection (XGS) QRadar Incident Forensics App Exchange Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Information Risk and Protection Keep your critical information protected while accelerating business Cloud and mobile computing, social media, big data and IOT are just a few of the innovations making dramatic changes to the business landscape. The result is more connectivity across users, apps, data and transactions than ever before. And that means more security issues for everyone involved. The solutions and services that comprise the Information Risk and Protection domain can help protect your information while keeping your employees productive. They’re designed to help safeguard critical data, users, apps and transactions wherever they live—in the cloud, on mobile devices or on local servers and media. They allow you to: • Identify business risks—such as abnormal insider activity, rogue cloud app usage or web fraud—with identity analytics and real-time alerts • Gain control of users, access and development, using identity governance and intelligence, app and data protection, DevOps security and mobile security • Safeguard interactions with adaptive access and web app protection, identity federation to and from the cloud, data compliance and secure mobile collaboration Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Information Risk and Protection Keep your critical information protected while accelerating business App Exchange QRadar Vulnerability Manager QRadar User Behavior Analytics QRadar SIEM QRadar Risk Manager Resilient Incident Response Network Protection (XGS) QRadar Incident Forensics SECURITY TRANSFORMATION SERVICES Management consulting l Systems integration l Managed security BigFix X-Force Exchange SECURITY OPERATIONS AND RESPONSE p ExchangeApp QRadar Vulnerability Managerrab QRadar User Behavior AnalyticsBe QRadar SIEMS QRadar Risk Manager Resilient Incident Respponse Network Protection (XGS) QRadar Incident Forensics SECURITY TRANSFORMATION SERVICES Manageement consulting l Systems integration l securityManaged s BigFix X-Force Exchange SECURITY OPERATIONSSECURITY OPERATIONS AND RESPONSE Cloud Security INFORMATION RISK AND PROTECTION Guardium Key Manager AppScan MaaS360 Trusteer Pinpoint Trusteer Rapport Trusteer Mobile Privileged Identity Manager Cloud Identity Service zSecure Identity Governance and Intelligence Next
How it works: Four use cases tell the story Every organization faces its own security challenges. The following use cases offer a brief glimpse into how the IBM Security immune system would help four companies identify and respond to those challenges. The failed compliance audit The drive-by download The insider threat The potential for fraud Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The failed compliance audit Like most large organizations around the world today, Company A works hard to stay on top of an expanding—and ever-changing—security compliance environment. But despite the company’s best efforts, it has failed a recent regulator-led audit and was found to be noncompliant with a set of newly released rules. The incident results in a fine and considerable reputational damage. This is where elements of the Security Transformation Services domain come into play. See how the story unfolds... Next Gap assessment Ongoing monitoring Continuous improvement Remediation 1 32 4 See the big picture 5
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The failed compliance audit Like most large organizations around the world today, Company A works hard to stay on top of an expanding—and ever-changing—security compliance environment. But despite the company’s best efforts, it has failed a recent regulator-led audit and was found to be noncompliant with a set of newly released rules. The incident results in a fine and considerable reputational damage. This is where elements of the Security Transformation Services domain come into play. Ongoing monitoring Continuous improvement Remediation 32 4 See the big picture 5 1 Gap assessment The failure also triggers an automatic security immune system response, which calls upon IBM Security Strategy, Risk and Compliance Services to help evaluate the audit findings—along with Company A’s IT risk management framework, metrics and risk objectives. In addition, Security Framework and Risk Assessment from IBM provides Company A with a list of existing gaps—prioritized according to business impact—and a set of recommended solutions for addressing any potential regulatory compliance gaps. Company A also receives a proposal for updated security education and training to help head off future audit issues. Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Gap assessment Ongoing monitoring Continuous improvement 1 3 4 See the big picture 5 A case in point: The failed compliance audit Like most large organizations around the world today, Company A works hard to stay on top of an expanding—and ever-changing—security compliance environment. But despite the company’s best efforts, it has failed a recent regulator-led audit and was found to be noncompliant with a set of newly released rules. The incident results in a fine and considerable reputational damage. This is where elements of the Security Transformation Services domain come into play. 2 Remediation Deployment and Migration Services from IBM allow Company A to implement the necessary risk management solutions and align its governance practices. Remediation measures also establish new metrics to allow for better visibility into the effectiveness of the company’s controls. Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The failed compliance audit Like most large organizations around the world today, Company A works hard to stay on top of an expanding—and ever-changing—security compliance environment. But despite the company’s best efforts, it has failed a recent regulator-led audit and was found to be noncompliant with a set of newly released rules. The incident results in a fine and considerable reputational damage. This is where elements of the Security Transformation Services domain come into play. Gap assessment Continuous improvement Remediation 1 2 4 See the big picture 5 3 Ongoing monitoring Once new metrics are established, IBM Automated IT Risk Management Services allow Company A to automatically monitor those metrics. It’s a cost- effective solution that can align multiple aspects of the company’s security program, offering increased visibility into control and compliance gaps and facilitating quick resolution. Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The failed compliance audit Like most large organizations around the world today, Company A works hard to stay on top of an expanding—and ever-changing—security compliance environment. But despite the company’s best efforts, it has failed a recent regulator-led audit and was found to be noncompliant with a set of newly released rules. The incident results in a fine and considerable reputational damage. This is where elements of the Security Transformation Services domain come into play. Gap assessment Ongoing monitoring Remediation 1 32 See the big picture 5 4 Continuous improvement With help from IBM Security Strategy and Planning Services and IBM Security Architecture and Program Design Services, Company A can ensure that the key components of its compliance management efforts will be continuously evaluated and improved, allowing for ongoing compliance monitoring over the months and years to come. Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Here’s how the IBM Security immune system would call upon specific solutions to address the issues raised in the case of the failed compliance audit. A case in point: The failed compliance audit Trusteer Mobile Cloud Security INFORMATION RISK AND PROTECTION X-Force ExchangeApp Exchange SECURITY OPERATIONS AND RESPONSE Guardium Key Manager AppScan MaaS360 Trusteer Pinpoint Trusteer Rapport BigFix QRadar Vulnerability Manager QRadar User Behavior Analytics QRadar SIEM QRadar Risk Manager Resilient Incident Response Privileged Identity Manager Cloud Identity Service zSecure Network Protection (XGS) QRadar Incident Forensics Identity Governance and Intelligence Trusteer Mobile Cloud Security INFORMATION RISKATI AND PROTECTIONOT X-Force Exchangep ExchangeApp SECURITY OPERATIONSSECURITY OPERATIONS AND RESPONSE Guardium Key Manager AppScan MaaS360 Trusteer Pinpoint Trusteer Rapport BigFix QRadar Vulnerability Managerrab QRadar User Behavior AnalyticsBe QRadar SIEMS QRadar Risk Manager Resilient Incident Response Privileged Identity Manager Cloud Identity Service zSecure Network Protection (XGS) QRadar Incident Forensics Identity Governance and Intelligence SECURITY TRANSFORMATION SERVICES Management consulting l Systems integration l Managed security Security Framework and Risk Assessment Deployment and Migration Services Strategy and Planning Services Architecture and Program Design Automated IT Risk Management Services Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The drive-by download There are countless ways in which determined attackers might go about getting into your systems without your knowledge. It happens all the time. Just check today’s headlines for details on the latest high-profile break-in or data breach. Here’s an example of how one such attack might be played out—and how several Security Operations and Response solutions can help disrupt the attack chain in real time. Here’s how it all begins... Next The break-in The expansion The details in the data The connection The cutoff 1 2 3 4 5 See the big picture 6
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The drive-by download There are countless ways in which determined attackers might go about getting into your systems without your knowledge. It happens all the time. Just check today’s headlines for details on the latest high-profile break-in or data breach. Here’s an example of how one such attack might be played out—and how several Security Operations and Response solutions can help disrupt the attack chain in real time. The expansion The details in the data The connection The cutoff 2 3 4 5 See the big picture 6 1 The break-in One of Company B’s account executives is in a taxi, on his way to the airport for a trip to a customer site. Stuck in traffic, he pulls out his laptop, checks the company’s intranet for some project details and sends out a few emails. What he doesn’t know is that he triggered an attack via drive-by download. And because he’s almost always on the road, he hasn’t had much contact with the company’s IT security team. So his laptop may not have been updated with the latest patches. IBM BigFix would allow Company B’s IT security team to discover unmanaged endpoints (such as this employee’s laptop) and get real-time visibility into all its endpoints to identify vulnerabilities and those endpoints that are noncompliant. ® Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM 1 A case in point: The drive-by download There are countless ways in which determined attackers might go about getting into your systems without your knowledge. It happens all the time. Just check today’s headlines for details on the latest high-profile break-in or data breach. Here’s an example of how one such attack might be played out—and how several Security Operations and Response solutions can help disrupt the attack chain in real time. 4The break-in The expansion The details in the data The cutoff 1 3 4 5 See the big picture 6 2 The connection As it turns out, Company B’s account executive had indeed missed getting the latest patches installed on his laptop. By the time he reaches the airport, the download has already latched onto the company’s network and infects its internal system as part of a botnet. With IBM Security Network Protection (XGS), Company B would be able to gain visibility into the network traffic and actively block communication with the botnet’s command and control server, based on intelligence provided by IBM X-Force Exchange. It can also effectively block zero-day exploit traffic and then send those traffic flows to IBM QRadar Security Information and Event Management (SIEM) for anomaly detection. ® Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The drive-by download There are countless ways in which determined attackers might go about getting into your systems without your knowledge. It happens all the time. Just check today’s headlines for details on the latest high-profile break-in or data breach. Here’s an example of how one such attack might be played out—and how several Security Operations and Response solutions can help disrupt the attack chain in real time. The break-in The details in the data The connection The cutoff 1 2 4 5 See the big picture 6 3 The expansion Without those safeguards in place, however, Company B unwittingly allows the attack to continue, targeting internal email sent to high-profile employees. At this point, QRadar SIEM could still help halt the attack by correlating network traffic flows and security events from other security controls—and external intelligence on active botnets from IBM X-Force Exchange—into a list of priority offenses. Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The drive-by download There are countless ways in which determined attackers might go about getting into your systems without your knowledge. It happens all the time. Just check today’s headlines for details on the latest high-profile break-in or data breach. Here’s an example of how one such attack might be played out—and how several Security Operations and Response solutions can help disrupt the attack chain in real time. The break-in The expansion The connection The cutoff 1 2 3 5 See the big picture 6 4 The details in the data The attackers soon come within striking distance, gaining the authorization needed to access Company B’s resources. QRadar Incident Forensics would now be able to reconstruct abnormal user and database activity from the associated network packet data. This would allow investigators to discover less obvious data connections and previously hidden relationships across multiple IDs. Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The drive-by download There are countless ways in which determined attackers might go about getting into your systems without your knowledge. It happens all the time. Just check today’s headlines for details on the latest high-profile break-in or data breach. Here’s an example of how one such attack might be played out—and how several Security Operations and Response solutions can help disrupt the attack chain in real time. The break-in The expansion The details in the data The connection 1 2 3 4 See the big picture 6 5 TM The cutoff If the attackers manage to reach the point of siphoning out Company B’s data, the IBM Resilient Incident Response Platform could help the company’s security team analyze, respond, resolve and mitigate the incident as quickly as possible. So they could take action to prevent or mitigate the damage inflicted by the attack. ® Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The drive-by download Here’s how the IBM Security immune system would call upon specific solutions to address the issues raised in the case of the drive-by download. QRadar User Behavior Analytics Privileged Identity Manager Cloud Identity Service zSecure Identity Governance and Intelligence QRadar Vulnerability Manager QRadar Risk Manager SECURITY TRANSFORMATION SERVICES Management consulting l Systems integration l Managed security Trusteer Mobile Cloud Security INFORMATION RISK AND PROTECTION App Exchange Guardium Key Manager AppScan MaaS360 Trusteer Pinpoint Trusteer Rapport QRadar User Behavior AnalyticsBe Privileged Identity Manager Cloud Identity Service zSecure Identity Governance and Intelligence QRadar Vulnerability Managerrab QRadar Risk Manager SECURITY TRANSFORMATION SERVICES Manageement consulting l Systems integration l securityManaged s Trusteer Mobile Cloud Security INFORMATION RISKATI AND PROTECTIONOT p ExchangeApp Guardium Key Manager AppScan MaaS360 Trusteer Pinpoint Trusteer Rapport QRadar SIEM BigFix SECURITY OPERATIONS AND RESPONSE Network Protection (XGS) QRadar Incident Forensics Resilient Incident Response X-Force Exchange Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The insider threat Company C is aware that in 2015, 60 percent of attacks were carried out by insiders, either ones with malicious intent or inadvertent actors.4 In other words, those attacks were instigated or initiated by people you would likely trust with access to your company’s assets—including hard copy documents, disks, electronic files and laptops. Insiders could be employees of the company, or business partners, clients or even maintenance contractors. Here’s an example of how Information Risk and Protection solutions help thwart insider threats. Follow the process... Next Privileged identity management Security intelligence and analytics Identity governance Activity monitoring 1 2 3 4 See the big picture 5
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The insider threat Company C is aware that in 2015, 60 percent of attacks were carried out by insiders, either ones with malicious intent or inadvertent actors.4 In other words, those attacks were instigated or initiated by people you would likely trust with access to your company’s assets—including hard copy documents, disks, electronic files and laptops. Insiders could be employees of the company, or business partners, clients or even maintenance contractors. Here’s an example of how Information Risk and Protection solutions help thwart insider threats. Security intelligence and analytics Identity governance Activity monitoring 2 3 4 See the big picture 5 1 Privileged identity management With multiple locations in both urban and suburban settings, Company C employs a large number of individuals—including part-time hourly workers and several levels of management personnel. In addition, there are often teams of contractors brought in to work on special projects. The one thing they all have in common? A need for ongoing access to the company’s systems and data. That’s why the company uses IBM Security Privileged Identity Manager to help prevent advanced insider threats. It provides a centralized approach to managing access to privileged accounts, allowing users to “check out” these accounts when they need access to sensitive systems. Each of these special sessions is automatically recorded, providing an audit trail and helping to ensure that privileged access is not misused. In addition, the company relies on IBM Security Guardium to cross-reference that information as it audits user access to data that’s either at rest or in motion. ® Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The insider threat Company C is aware that in 2015, 60 percent of attacks were carried out by insiders, either ones with malicious intent or inadvertent actors.4 In other words, those attacks were instigated or initiated by people you would likely trust with access to your company’s assets—including hard copy documents, disks, electronic files and laptops. Insiders could be employees of the company, or business partners, clients or even maintenance contractors. Here’s an example of how Information Risk and Protection solutions help thwart insider threats. Privileged identity management Security intelligence and analytics Identity governance 1 3 4 See the big picture 5 2 Activity monitoring While monitoring and auditing privileged user access, Guardium can also identify abnormal or suspicious behavior and block illicit data and file access with real-time response. One day the system observes that several large files have been downloaded onto a thumb drive by one of Company C’s part-time employees. Because the system recognizes that action as unusual activity— given the employee’s responsibilities—it issues an alert flagging that behavior. Or it could deny access to the data in question. Company C might also take advantage of IBM QRadar User Behavior Analytics to gain early visibility into related insider threats by analyzing other employees’ usage patterns to determine if their credentials or systems have been compromised. It can identify users by name, add suspects to a watch list or drill down into underlying log and flow data. What’s more, Guardium can share any illicit activity it finds to help QRadar User Behavior Analytics fine-tune its analytics, and then go on to share any anomalous activity it finds with Guardium.Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The insider threat Company C is aware that in 2015, 60 percent of attacks were carried out by insiders, either ones with malicious intent or inadvertent actors.4 In other words, those attacks were instigated or initiated by people you would likely trust with access to your company’s assets—including hard copy documents, disks, electronic files and laptops. Insiders could be employees of the company, or business partners, clients or even maintenance contractors. Here’s an example of how Information Risk and Protection solutions help thwart insider threats. Privileged identity management Identity governance Activity monitoring 1 2 4 See the big picture 5 3 Security intelligence and analytics Taking matters a step further, QRadar SIEM can help Company C pull together a clearer picture of potential problems by using analytics to correlate Privileged Identity Manager credentials with Guardium activities—to detect anomalies and trigger alerts. And IBM MaaS360 lets the company manage and safeguard its mobile devices, applications and content—while maintaining data security and personal privacy. ® Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The insider threat Company C is aware that in 2015, 60 percent of attacks were carried out by insiders, either ones with malicious intent or inadvertent actors.4 In other words, those attacks were instigated or initiated by people you would likely trust with access to your company’s assets—including hard copy documents, disks, electronic files and laptops. Insiders could be employees of the company, or business partners, clients or even maintenance contractors. Here’s an example of how Information Risk and Protection solutions help thwart insider threats. Privileged identity management Security intelligence and analytics Activity monitoring 1 2 3 See the big picture 5 4 Identity governance IBM Security Identity Governance and Intelligence lets Company C’s IT managers and auditors govern insider access and ensure regulatory compliance across the organization. It helps the company mitigate access risks and access policy violations by combining intelligence-driven, business-driven identity governance with end-to-end user lifecycle management. What’s more, it checks for segregation of duties violations and runs access certification campaigns to help ensure the validity of privileged access rights. Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Here’s how the IBM Security immune system would call upon specific solutions to address the issues raised in the case of the insider threat. A case in point: The insider threat SECURITY TRANSFORMATION SERVICES Management consulting l Systems integration l Managed security QRadar Vulnerability Manager QRadar Risk Manager Resilient Incident Response Trusteer Mobile Cloud Security X-Force ExchangeApp Exchange SECURITY OPERATIONS AND RESPONSE Key Manager AppScan Trusteer Pinpoint Trusteer Rapport BigFix Cloud Identity Service zSecure Network Protection (XGS) QRadar Incident Forensics SECURITY TRANSFORMATION SERVICES Manageement consulting l Systems integration l securityManaged s QRadar Vulnerability Managerrab QRadar Risk Manager Resilient Incident Response Trusteer Mobile Cloud Security X-Force Exchangep ExchangeApp SECURITY OPERATIONSSECURITY OPERATIONS AND RESPONSE Key Manager AppScan Trusteer Pinpoint Trusteer Rapport BigFix Cloud Identity Service zSecure Network Protection (XGS) QRadar Incident Forensics QRadar SIEM INFORMATION RISK AND PROTECTION Privileged Identity Manager Identity Governance and Intelligence MaaS360 Guardium QRadar User Behavior Analytics Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The potential for fraud Most companies would find it difficult to discuss IT security without talking about fraud. And that’s especially true for financial services organizations. Company D is engaged in the consumer side of the financial services business, where it’s important to recognize that some of the very conveniences that banks now routinely offer customers—including automated teller machines, credit cards and mobile banking apps—have introduced a level of accessibility that goes a long way toward making the financial system highly vulnerable to cyber attacks. But Information Risk and Protection solutions can help significantly reduce the risk of fraud—without complicating the user experience. Learn what happens behind the scenes... Logging in Exercising necessary caution Protecting customers from fraud 1 2 3 See the big picture 4 Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM 1 Exercising necessary caution Protecting customers from fraud 2 3 See the big picture 4 A case in point: The potential for fraud Most companies would find it difficult to discuss IT security without talking about fraud. And that’s especially true for financial services organizations. Company D is engaged in the consumer side of the financial services business, where it’s important to recognize that some of the very conveniences that banks now routinely offer customers—including automated teller machines, credit cards and mobile banking apps—have introduced a level of accessibility that goes a long way toward making the financial system highly vulnerable to cyber attacks. But Information Risk and Protection solutions can help significantly reduce the risk of fraud—without complicating the user experience. Logging in Laura M. is a Company D customer who wants to move money from one of her accounts to another via mobile phone. It takes just a few seconds for her to log in, using her online ID and security code. But in those few seconds, IBM Security Access Manager (ISAM) is validating Laura’s password, determining her location, making note of the date and time, and identifying the IP address for the device she’s using. Doing so helps Company D block fraudulent and high-risk transactions by analyzing user information and correlating user behavior and device attributes in real time—so it can determine whether Laura is who she says she is. Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The potential for fraud Most companies would find it difficult to discuss IT security without talking about fraud. And that’s especially true for financial services organizations. Company D is engaged in the consumer side of the financial services business, where it’s important to recognize that some of the very conveniences that banks now routinely offer customers—including automated teller machines, credit cards and mobile banking apps—have introduced a level of accessibility that goes a long way toward making the financial system highly vulnerable to cyber attacks. But Information Risk and Protection solutions can help significantly reduce the risk of fraud—without complicating the user experience. Logging in Exercising necessary caution 1 3 See the big picture 4 2 ® Protecting customers from fraud Next, IBM Trusteer solutions help figure out whether Laura is a true customer or a fraudster—by determining whether the device she’s using is valid, analyzing her behavior and helping to verify that neither her credentials nor her phone have been compromised. Trusteer also notes that Laura isn’t just checking her account balance, but wants to transfer funds from one account to another. If it finds any evidence to suspect that it’s dealing with a fraudster, it can restrict functionality based on bank policies, without alerting him or her that they’ve been detected. All this happens behind the scenes—in seconds—without giving Laura any reason to know or care about what’s going on. Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The potential for fraud Most companies would find it difficult to discuss IT security without talking about fraud. And that’s especially true for financial services organizations. Company D is engaged in the consumer side of the financial services business, where it’s important to recognize that some of the very conveniences that banks now routinely offer customers—including automated teller machines, credit cards and mobile banking apps—have introduced a level of accessibility that goes a long way toward making the financial system highly vulnerable to cyber attacks. But Information Risk and Protection solutions can help significantly reduce the risk of fraud—without complicating the user experience. Logging in Protecting customers from fraud 1 2 See the big picture 4 3 Exercising necessary caution Of course there are certain circumstances under which Laura’s actions might be subject to additional scrutiny to help protect both the bank and herself. For example, ISAM could move to enforce additional rules, asking Laura to perform a second authentication step (such as getting a second password) if she wanted to transfer over $10,000. And if she wanted to transfer millions of dollars, even multi-step authentication would likely be insufficient. She would instead be told to visit the bank in person. Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Here’s how the IBM Security immune system would call upon specific solutions to address the issues raised in the case of potential fraud. A case in point: The potential for fraud SECURITY TRANSFORMATION SERVICES Management consulting l Systems integration l Managed security Cloud Security X-Force ExchangeApp Exchange SECURITY OPERATIONS AND RESPONSE Guardium Key Manager AppScan MaaS360 BigFix QRadar Vulnerability Manager QRadar User Behavior Analytics QRadar SIEM QRadar Risk Manager Resilient Incident Response Privileged Identity Manager Cloud Identity Service zSecure Network Protection (XGS) QRadar Incident Forensics SECURITY TRANSFORMATION SERVICES Manageement consulting l Systems integration l securityManaged s Cloud Security X-Force Exchangep ExchangeApp SECURITY OPERATIONSSECURITY OPERATIONS AND RESPONSE Guardium Key Manager AppScan MaaS360 BigFix QRadar Vulnerability Managerrab QRadar User Behavior AnalyticsBe QRadar SIEMS QRadar Risk Manager Resilient Incident Response Privileged Identity Manager Cloud Identity Service zSecure Network Protection (XGS) QRadar Incident Forensics INFORMATION RISK AND PROTECTION Trusteer Mobile Trusteer Pinpoint Trusteer Rapport Identity Governance and Intelligence Next
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Why IBM Today’s threats continue to rise in numbers and scale, as sophisticated attackers break through conventional safeguards every day. The demand for leaked data is trending toward higher-value records containing personally identifiable information and other highly sensitive data, with less emphasis on the emails, passwords and even credit card data that were the targets of years past.5 And hardly a week goes by when the media isn’t reporting that yet another prominent organization has fallen victim to a data breach, costing many millions of dollars. In fact, the average cost of a data breach is now $4 million. That’s a 29 percent increase since 2013.6 A piecemeal approach to security simply will not work. It’s time to move beyond methods that assemble defenses for specific needs but lack the integration to extend security across enterprise assets and vulnerabilities. It’s time for a comprehensive, integrated security immune system that delivers leading technology, best practices and flexibility. To protect your valuable resources, you need a system that relies on today’s intelligence, not yesterday’s narrow definition of known threats. When you partner with IBM, you gain access to a security team of 7,500 people supporting more than 12,000 customers in 133 countries. As a proven leader in enterprise security, we hold more than 3,500 security patents. And by combining the security immune system with advanced cognitive computing, we let organizations like yours continue to innovate while reducing risk. So you can continue to grow your business—while securing your most critical data and processes. For more information To learn more about the IBM Security portfolio of solutions, please contact your IBM representative or IBM Business Partner, or visit: ibm.com/security Additionally, IBM Global Financing offers numerous payment options to help you acquire the technology you need to grow your business. We provide full lifecycle management of IT products and services, from acquisition to disposition. For more information, visit: ibm.com/financing Appendix LegalNext
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Appendix Click on the links below for more information on the following IBM products and services mentioned in this brochure: IBM Security Strategy, Risk and Compliance Services Security Framework and Risk Assessment from IBM Deployment and Migration Services from IBM IBM Automated IT Risk Management Services IBM Security Strategy and Planning Services IBM Security Architecture and Program Design Services IBM BigFix IBM Security Network Protection (XGS) IBM QRadar Security Information and Event Management IBM X-Force Exchange IBM QRadar Incident Forensics IBM Resilient Incident Response Platform Standard IBM Resilient Incident Response Platform Enterprise IBM Security Privileged Identity Manager IBM Security Guardium IBM QRadar User Behavior Analytics IBM MaaS360 IBM Security Identity Governance and Intelligence IBM Security Access Manager (ISAM) IBM Trusteer Solutions Next Legal
Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM © Copyright IBM Corporation 2016 IBM Security Route 100 Somers, NY 10589 Produced in the United States of America October 2016 IBM, the IBM logo, ibm.com, BigFix, Guardium, Maas360, QRadar, Resilient Incident Response Platform, Trusteer, X-Force and zSecure are trademarks or registered trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided. The client is responsible for ensuring compliance with laws and regulations applicable to it. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the client is in compliance with any law or regulation. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. 1 Gartner Press Release, Gartner Says 6.4 Billion Connected “Things” Will Be in Use in 2016, Up 30 Percent From 2015, November 10, 2015. ² Ponemon, Key findings from the 2016 Cost of Data Breach Study: Global Analysis, June 2016. 3,4 Reviewing IBM a year of serious data breaches, major attacks and new vulnerabilities, April 2016. 5 IBM X-Force Threat Intelligence Report – 2016. 6 Ponemon, Key findings, 2016. SEB03029-USEN-00

Recommended

IBM Security Strategy
IBM Security StrategyIBM Security Strategy
IBM Security StrategyCamilo Fandiño Gómez
 
An Integrated, Intelligent Approach to Security
An Integrated, Intelligent Approach to SecurityAn Integrated, Intelligent Approach to Security
An Integrated, Intelligent Approach to SecurityGerard McNamee
 
IBM Security Immune System
IBM Security Immune SystemIBM Security Immune System
IBM Security Immune SystemJuan Pablo Coelho
 
SBIC Enterprise Information Security Strategic Technologies
SBIC Enterprise Information Security Strategic TechnologiesSBIC Enterprise Information Security Strategic Technologies
SBIC Enterprise Information Security Strategic TechnologiesEMC
 
Avoiding The Seven Deadly Sins of IT
Avoiding The Seven Deadly Sins of ITAvoiding The Seven Deadly Sins of IT
Avoiding The Seven Deadly Sins of ITEnvision Technology Advisors
 
Ibm security products portfolio
Ibm security products portfolioIbm security products portfolio
Ibm security products portfolioPatrick Bouillaud
 
IBM Security Software Solutions - One Pager
IBM Security Software Solutions - One PagerIBM Security Software Solutions - One Pager
IBM Security Software Solutions - One PagerThierry Matusiak
 
IBM Security Software Solutions
IBM Security Software Solutions IBM Security Software Solutions
IBM Security Software Solutions Thierry Matusiak
 

Recommended

IBM Security Strategy
IBM Security StrategyIBM Security Strategy
IBM Security StrategyCamilo Fandiño Gómez
 
An Integrated, Intelligent Approach to Security
An Integrated, Intelligent Approach to SecurityAn Integrated, Intelligent Approach to Security
An Integrated, Intelligent Approach to SecurityGerard McNamee
 
IBM Security Immune System
IBM Security Immune SystemIBM Security Immune System
IBM Security Immune SystemJuan Pablo Coelho
 
SBIC Enterprise Information Security Strategic Technologies
SBIC Enterprise Information Security Strategic TechnologiesSBIC Enterprise Information Security Strategic Technologies
SBIC Enterprise Information Security Strategic TechnologiesEMC
 
Avoiding The Seven Deadly Sins of IT
Avoiding The Seven Deadly Sins of ITAvoiding The Seven Deadly Sins of IT
Avoiding The Seven Deadly Sins of ITEnvision Technology Advisors
 
Ibm security products portfolio
Ibm security products portfolioIbm security products portfolio
Ibm security products portfolioPatrick Bouillaud
 
IBM Security Software Solutions - One Pager
IBM Security Software Solutions - One PagerIBM Security Software Solutions - One Pager
IBM Security Software Solutions - One PagerThierry Matusiak
 
IBM Security Software Solutions
IBM Security Software Solutions IBM Security Software Solutions
IBM Security Software Solutions Thierry Matusiak
 
IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - Powerpoint IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - PowerpointThierry Matusiak
 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackAccelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackIBM Security
 
Integrating-Cyber-Security-for-Increased-Effectiveness
Integrating-Cyber-Security-for-Increased-EffectivenessIntegrating-Cyber-Security-for-Increased-Effectiveness
Integrating-Cyber-Security-for-Increased-EffectivenessAyham Kochaji
 
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...Raffael Marty
 
Key Points of FISMA Reforms of 2013
Key Points of FISMA Reforms of 2013Key Points of FISMA Reforms of 2013
Key Points of FISMA Reforms of 2013Tuan Phan
 
IBM Security Products: Intelligence, Integration, Expertise
IBM Security Products: Intelligence, Integration, ExpertiseIBM Security Products: Intelligence, Integration, Expertise
IBM Security Products: Intelligence, Integration, ExpertiseShwetank Jayaswal
 
Symantec_2004_AnnualReport
Symantec_2004_AnnualReportSymantec_2004_AnnualReport
Symantec_2004_AnnualReportfinance40
 
Is the IT security gap a threat to SMBS?
Is the IT security gap a threat to SMBS?Is the IT security gap a threat to SMBS?
Is the IT security gap a threat to SMBS?Globizzcon
 
Information protection and compliance
Information protection and complianceInformation protection and compliance
Information protection and complianceDean Iacovelli
 
Should You Be Automating
Should You Be AutomatingShould You Be Automating
Should You Be AutomatingSiemplify
 
CISO-Fundamentals
CISO-FundamentalsCISO-Fundamentals
CISO-FundamentalsGary Hayslip CISSP, CISA, CRISC, CCSK
 
So you want to be a CISO - 5 steps to Success
So you want to be a CISO - 5 steps to SuccessSo you want to be a CISO - 5 steps to Success
So you want to be a CISO - 5 steps to SuccessGary Hayslip CISSP, CISA, CRISC, CCSK
 
Leo TechnoSoft’s Intelligence Driven SOC is integrated Context-aware Security...
Leo TechnoSoft’s Intelligence Driven SOC is integrated Context-aware Security...Leo TechnoSoft’s Intelligence Driven SOC is integrated Context-aware Security...
Leo TechnoSoft’s Intelligence Driven SOC is integrated Context-aware Security...hardik soni
 
br-security-connected-top-5-trends
br-security-connected-top-5-trendsbr-security-connected-top-5-trends
br-security-connected-top-5-trendsChristopher Bennett
 
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...Education & Training Boards
 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIBM Security
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats IBM Security
 
Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?IBM Security
 
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...Sirius
 
Week 1&2 intro_ v2-upload
Week 1&2 intro_ v2-uploadWeek 1&2 intro_ v2-upload
Week 1&2 intro_ v2-uploadVinoth Sn
 
Ibm cognitive security_white_paper_04_2016
Ibm cognitive security_white_paper_04_2016Ibm cognitive security_white_paper_04_2016
Ibm cognitive security_white_paper_04_2016Janghyuck Choi
 
Get Benefit From Threat Intelligence
Get Benefit From Threat IntelligenceGet Benefit From Threat Intelligence
Get Benefit From Threat IntelligenceSOCVault
 

More Related Content

What's hot

IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - Powerpoint IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - PowerpointThierry Matusiak
 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackAccelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackIBM Security
 
Integrating-Cyber-Security-for-Increased-Effectiveness
Integrating-Cyber-Security-for-Increased-EffectivenessIntegrating-Cyber-Security-for-Increased-Effectiveness
Integrating-Cyber-Security-for-Increased-EffectivenessAyham Kochaji
 
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...Raffael Marty
 
Key Points of FISMA Reforms of 2013
Key Points of FISMA Reforms of 2013Key Points of FISMA Reforms of 2013
Key Points of FISMA Reforms of 2013Tuan Phan
 
IBM Security Products: Intelligence, Integration, Expertise
IBM Security Products: Intelligence, Integration, ExpertiseIBM Security Products: Intelligence, Integration, Expertise
IBM Security Products: Intelligence, Integration, ExpertiseShwetank Jayaswal
 
Symantec_2004_AnnualReport
Symantec_2004_AnnualReportSymantec_2004_AnnualReport
Symantec_2004_AnnualReportfinance40
 
Is the IT security gap a threat to SMBS?
Is the IT security gap a threat to SMBS?Is the IT security gap a threat to SMBS?
Is the IT security gap a threat to SMBS?Globizzcon
 
Information protection and compliance
Information protection and complianceInformation protection and compliance
Information protection and complianceDean Iacovelli
 
Should You Be Automating
Should You Be AutomatingShould You Be Automating
Should You Be AutomatingSiemplify
 
Leo TechnoSoft’s Intelligence Driven SOC is integrated Context-aware Security...
Leo TechnoSoft’s Intelligence Driven SOC is integrated Context-aware Security...Leo TechnoSoft’s Intelligence Driven SOC is integrated Context-aware Security...
Leo TechnoSoft’s Intelligence Driven SOC is integrated Context-aware Security...hardik soni
 
br-security-connected-top-5-trends
br-security-connected-top-5-trendsbr-security-connected-top-5-trends
br-security-connected-top-5-trendsChristopher Bennett
 
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...Education & Training Boards
 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIBM Security
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats IBM Security
 
Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?IBM Security
 
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...Sirius
 
Week 1&2 intro_ v2-upload
Week 1&2 intro_ v2-uploadWeek 1&2 intro_ v2-upload
Week 1&2 intro_ v2-uploadVinoth Sn
 

What's hot (20)

IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - Powerpoint IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - Powerpoint
 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackAccelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon Black
 
Integrating-Cyber-Security-for-Increased-Effectiveness
Integrating-Cyber-Security-for-Increased-EffectivenessIntegrating-Cyber-Security-for-Increased-Effectiveness
Integrating-Cyber-Security-for-Increased-Effectiveness
 
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
 
Key Points of FISMA Reforms of 2013
Key Points of FISMA Reforms of 2013Key Points of FISMA Reforms of 2013
Key Points of FISMA Reforms of 2013
 
IBM Security Products: Intelligence, Integration, Expertise
IBM Security Products: Intelligence, Integration, ExpertiseIBM Security Products: Intelligence, Integration, Expertise
IBM Security Products: Intelligence, Integration, Expertise
 
Symantec_2004_AnnualReport
Symantec_2004_AnnualReportSymantec_2004_AnnualReport
Symantec_2004_AnnualReport
 
Is the IT security gap a threat to SMBS?
Is the IT security gap a threat to SMBS?Is the IT security gap a threat to SMBS?
Is the IT security gap a threat to SMBS?
 
Information protection and compliance
Information protection and complianceInformation protection and compliance
Information protection and compliance
 
Should You Be Automating
Should You Be AutomatingShould You Be Automating
Should You Be Automating
 
CISO-Fundamentals
CISO-FundamentalsCISO-Fundamentals
CISO-Fundamentals
 
So you want to be a CISO - 5 steps to Success
So you want to be a CISO - 5 steps to SuccessSo you want to be a CISO - 5 steps to Success
So you want to be a CISO - 5 steps to Success
 
Leo TechnoSoft’s Intelligence Driven SOC is integrated Context-aware Security...
Leo TechnoSoft’s Intelligence Driven SOC is integrated Context-aware Security...Leo TechnoSoft’s Intelligence Driven SOC is integrated Context-aware Security...
Leo TechnoSoft’s Intelligence Driven SOC is integrated Context-aware Security...
 
br-security-connected-top-5-trends
br-security-connected-top-5-trendsbr-security-connected-top-5-trends
br-security-connected-top-5-trends
 
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...
Denis Hackett M.Sc. - IDC Presentation Sept 2014 Croke Park Sept25 - Denis Ha...
 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM Resilient
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats
 
Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?
 
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
 
Week 1&2 intro_ v2-upload
Week 1&2 intro_ v2-uploadWeek 1&2 intro_ v2-upload
Week 1&2 intro_ v2-upload
 

Similar to IBM Immune System

Ibm cognitive security_white_paper_04_2016
Ibm cognitive security_white_paper_04_2016Ibm cognitive security_white_paper_04_2016
Ibm cognitive security_white_paper_04_2016Janghyuck Choi
 
Get Benefit From Threat Intelligence
Get Benefit From Threat IntelligenceGet Benefit From Threat Intelligence
Get Benefit From Threat IntelligenceSOCVault
 
The future of cyber security
The future of cyber securityThe future of cyber security
The future of cyber securitySandip Juthani
 
Symantec cyber-resilience
Symantec cyber-resilienceSymantec cyber-resilience
Symantec cyber-resilienceSymantec
 
Cognitive security
Cognitive securityCognitive security
Cognitive securityIqra khalil
 
Microsoft Security adoptionguide for the enterprise
Microsoft Security adoptionguide for the enterpriseMicrosoft Security adoptionguide for the enterprise
Microsoft Security adoptionguide for the enterprisessuserd58af7
 
Ibm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deckIbm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deckArrow ECS UK
 
OpenText Cyber Resilience Fastrak
OpenText Cyber Resilience FastrakOpenText Cyber Resilience Fastrak
OpenText Cyber Resilience FastrakMarc St-Pierre
 
Security solutions for a smarter planet
Security solutions for a smarter planetSecurity solutions for a smarter planet
Security solutions for a smarter planetVincent Kwon
 
Force 3 Software Practice Overview
Force 3 Software Practice OverviewForce 3 Software Practice Overview
Force 3 Software Practice OverviewForce 3
 
Crucial Layers_ Exploring the Depth of Enterprise Cyber Security.pdf
Crucial Layers_ Exploring the Depth of Enterprise Cyber Security.pdfCrucial Layers_ Exploring the Depth of Enterprise Cyber Security.pdf
Crucial Layers_ Exploring the Depth of Enterprise Cyber Security.pdfseoteameits
 
IBM Security Strategy Overview
IBM Security Strategy OverviewIBM Security Strategy Overview
IBM Security Strategy Overviewxband
 
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...IBM Security
 
Soar cybersecurity
Soar cybersecuritySoar cybersecurity
Soar cybersecuritySecuraa
 
What is threat intelligence ?
What is threat intelligence ?What is threat intelligence ?
What is threat intelligence ?AariyaRathi
 
Do You Know About Cyber Security? | Secninjaz Technologies LLP
Do You Know About Cyber Security? | Secninjaz Technologies LLP Do You Know About Cyber Security? | Secninjaz Technologies LLP
Do You Know About Cyber Security? | Secninjaz Technologies LLP Secninjaz Technologies LLP
 
Cyber Security Audit.pdf
Cyber Security Audit.pdfCyber Security Audit.pdf
Cyber Security Audit.pdfVograce
 
Top Cyber Security Companies: Protecting Your Digital Assets
Top Cyber Security Companies: Protecting Your Digital AssetsTop Cyber Security Companies: Protecting Your Digital Assets
Top Cyber Security Companies: Protecting Your Digital Assetscyberprosocial
 
Top Cyber Security Companies: Protecting Your Digital Assets
Top Cyber Security Companies: Protecting Your Digital AssetsTop Cyber Security Companies: Protecting Your Digital Assets
Top Cyber Security Companies: Protecting Your Digital Assetscyberprosocial
 

Similar to IBM Immune System (20)

Ibm cognitive security_white_paper_04_2016
Ibm cognitive security_white_paper_04_2016Ibm cognitive security_white_paper_04_2016
Ibm cognitive security_white_paper_04_2016
 
Get Benefit From Threat Intelligence
Get Benefit From Threat IntelligenceGet Benefit From Threat Intelligence
Get Benefit From Threat Intelligence
 
The future of cyber security
The future of cyber securityThe future of cyber security
The future of cyber security
 
Symantec cyber-resilience
Symantec cyber-resilienceSymantec cyber-resilience
Symantec cyber-resilience
 
Cognitive security
Cognitive securityCognitive security
Cognitive security
 
Microsoft Security adoptionguide for the enterprise
Microsoft Security adoptionguide for the enterpriseMicrosoft Security adoptionguide for the enterprise
Microsoft Security adoptionguide for the enterprise
 
Ibm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deckIbm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deck
 
OpenText Cyber Resilience Fastrak
OpenText Cyber Resilience FastrakOpenText Cyber Resilience Fastrak
OpenText Cyber Resilience Fastrak
 
Security solutions for a smarter planet
Security solutions for a smarter planetSecurity solutions for a smarter planet
Security solutions for a smarter planet
 
Force 3 Software Practice Overview
Force 3 Software Practice OverviewForce 3 Software Practice Overview
Force 3 Software Practice Overview
 
IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,
 
Crucial Layers_ Exploring the Depth of Enterprise Cyber Security.pdf
Crucial Layers_ Exploring the Depth of Enterprise Cyber Security.pdfCrucial Layers_ Exploring the Depth of Enterprise Cyber Security.pdf
Crucial Layers_ Exploring the Depth of Enterprise Cyber Security.pdf
 
IBM Security Strategy Overview
IBM Security Strategy OverviewIBM Security Strategy Overview
IBM Security Strategy Overview
 
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
 
Soar cybersecurity
Soar cybersecuritySoar cybersecurity
Soar cybersecurity
 
What is threat intelligence ?
What is threat intelligence ?What is threat intelligence ?
What is threat intelligence ?
 
Do You Know About Cyber Security? | Secninjaz Technologies LLP
Do You Know About Cyber Security? | Secninjaz Technologies LLP Do You Know About Cyber Security? | Secninjaz Technologies LLP
Do You Know About Cyber Security? | Secninjaz Technologies LLP
 
Cyber Security Audit.pdf
Cyber Security Audit.pdfCyber Security Audit.pdf
Cyber Security Audit.pdf
 
Top Cyber Security Companies: Protecting Your Digital Assets
Top Cyber Security Companies: Protecting Your Digital AssetsTop Cyber Security Companies: Protecting Your Digital Assets
Top Cyber Security Companies: Protecting Your Digital Assets
 
Top Cyber Security Companies: Protecting Your Digital Assets
Top Cyber Security Companies: Protecting Your Digital AssetsTop Cyber Security Companies: Protecting Your Digital Assets
Top Cyber Security Companies: Protecting Your Digital Assets
 

Recently uploaded

Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 

Recently uploaded (20)

Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 

IBM Immune System

  • 1. The security immune system An integrated approach to protecting your organization Find out more
  • 2. Why a security immune system makes sense now We’ve heard it time and again. When it comes to cyber security threats, no one is immune. No business, no government, no individual. In fact, the entire conversation has shifted from focusing on “if you’re attacked” to “how quickly you can respond.” And that’s not likely to change in the foreseeable future. So let’s think about the concept of immunity for a minute. As humans, we have finely tuned—and highly adaptive—immune systems ready to help us fight off all kinds of attacks that would otherwise threaten to destroy us. Made up of cells, tissues and organs that work together to defend us against attacks by “foreign” invaders, a healthy immune system can distinguish between the body’s own cells and those that don’t belong. It’s an intelligent, organized and efficient system that can instantly recognize an invader and take action to either block its entry or destroy it. But when we think about cyber security, we tend to see a diverse collection of point-product solutions— each designed with a specific target in mind. Imagine what would happen if our bodies functioned that way. The results could be deadly. That’s why IBM has developed an integrated and intelligent security immune system. Next
  • 3. There will likely be 20.8 billion “connected things” by 20201 The average total cost of a data breach in 2015 was $4 million2 Unauthorized access accounted for 45 percent of security incidents in 20153 Click on any bar at left to navigate the IBM Security immune system story. Next Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM
  • 4. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Integration and intelligence take the lead Over the years companies have responded to threats by backing up the security tool truck and unloading it on their IT environment. The expanding security arsenal of fragmented, disconnected point products has added complexity without significantly improving the overall security posture of the organization. The result? A bloated infrastructure that makes it more difficult to monitor the network as a whole, often leaving security teams to operate in the dark. It’s time to take a more holistic view of your security portfolio. The IBM Security immune system is a fully integrated approach that allows its components to grow and adapt within the infrastructure—working together to improve their effectiveness. So they can deliver intelligence, visibility and actionable insights across the entire system. And once the IBM Security immune system is fully engaged with your entire ecosystem—allowing collaboration across third-party vendors, technology providers and business partners—it can provide you with the intelligence you need to understand existing threats and adapt to new ones. Some organizations report they’re using as many as 85 security products—from more than 40 vendors—at once. Not surprisingly, as each tool is added, the costs associated with installing, configuring, managing, upgrading and patching continue to grow. And with the skills gap plaguing the industry, where the necessary expertise isn’t always available, it’s easy to see how more threats are continuing to generate more vendors, more tools—and more headaches. Next
  • 5. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Integration and intelligence take the lead Security Analytics Security Ecosystem Endpoint Threat Intelligence Network Mobile Cloud Advanced Fraud Data and Apps Identity and Access Endpoint patching and management Antivirus Malware protection Indicators of compromise IP reputation Threat sharing Incident and threat management Firewalls Sandboxing Virtual patching Network visibility Fraud protection Criminal detection Transaction protection Device management Content security Log, flow, data analysis Anomaly detection Vulnerability management Incident response Privileged identity management Entitlements and roles Access management Identity management Workload protection Cloud access security broker Data monitoring Data access control Application scanning Application security management Forensic analysis Cognitive security User behavior analytics The IBM Security immune system looks at a security portfolio in a more organized fashion—as an integrated framework of security capabilities that transmits and ingests vital security data to help gain visibility, understand and prioritize threats, and coordinate multiple layers of defense. At its core, the system uses security intelligence and analytics to automate policies and block threats—just as the human immune system can automatically assess and identify a virus, for example, and trigger an immune response. Next
  • 6. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Integrating security planning, response and readiness The IBM Security immune system delivers a full range of security solutions and services designed to address your organization’s specific needs across three key areas. Security Transformation Services Helps you optimize your security program to address modern-day risks Security Operations and Response Lets you orchestrate your defenses throughout the entire attack lifecycle Information Risk and Protection Allows you to keep your critical information protected while accelerating business Next
  • 7. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Security Transformation Services Helping to simplify your view of the big picture Security Transformation Services let your organization take a more proactive, preemptive and mature approach to security. So you can: • Access the right skills—with trusted security advisors, responders, testers, analysts and engineers—available 24x7x365 globally • Build strategy that accelerates new IT trends, including BYOD, cloud, mobile, social and IOT • Optimize security programs with technology that manages and protects against the latest threats • Reduce complexity and consolidate fragmented solutions into an integrated solution • Gain access to global threat intelligence for improved visibility into the threat lifecycle • Build protected and connected systems to reduce operating costs and complexity Next
  • 8. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Security Transformation Services Helping to simplify your view of the big picture Trusteer Mobile Cloud Security INFORMATION RISK AND PROTECTION BigFix X-Force ExchangeApp Exchange SECURITY OPERATIONS AND RESPONSE Guardium Key Manager AppScan MaaS360 Trusteer Pinpoint Trusteer Rapport QRadar Vulnerability Manager QRadar User Behavior Analytics QRadar SIEM QRadar Risk Manager Resilient Incident Response Privileged Identity Manager Cloud Identity Service zSecure Network Protection (XGS) QRadar Incident Forensics Identity Governance and Intelligence Trusteer Mobile Cloud Security INFORMATION RISKATI AND PROTECTIONOT BigFix X-Force Exchangep ExchangeApp SECURITY OPERATIONSSECURITY OPERATIONS AND RESPONSE Guardium Key Manager AppScan MaaS360 Trusteer Pinpoint Trusteer Rapport QRadar Vulnerability Managerrab QRadar User Behavior AnalyticsBe QRadar SIEM QRadar Risk Manager Resilient Incident Response Privileged Identity Manager Cloud Identity Service zSecure Network Protection (XGS) QRadar Incident Forensics Identity Governance and Intelligence SECURITY TRANSFORMATION SERVICES Management consulting l Systems integration l Managed security Next
  • 9. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Security Operations and Response Orchestrate your defenses throughout the entire attack lifecycle Criminals are relentless. Hoping you aren’t a target is not enough to keep the bad guys out— especially because they may already be inside your organization. And relying on perimeter solutions, periodic scans and compliance-driven methods won’t keep you ahead of the threat. The Security Operations and Response platform offers an integrated, end-to-end approach to safeguarding your systems. That means you can prevent, detect and respond to threats in an intelligent, orchestrated and automated manner. It’s an approach that lets you: • Continuously stop attacks and remediate vulnerabilities • Take advantage of cognitive analytics to sense, discover and prioritize unknown threats • Respond to incidents quickly and effectively, using deep threat intelligence provided by the IBM X-Force® Research team—and their massive threat databases—to hunt for indicators Next
  • 10. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Security Operations and Response Orchestrate your defenses throughout the entire attack lifecycle Privileged Identity Manager Cloud Identity Service zSecure Identity Governance and Intelligence Cloud Security MaaS360 Trusteer Pinpoint Trusteer Mobile Trusteer Rapport Guardium Key Manager AppScan SECURITY TRANSFORMATION SERVICES Management consulting l Systems integration l Managed security INFORMATION RISK AND PROTECTION Privileged Identity Manager Cloud Identity Service zSecure Identity Governance and Intelligence Cloud Security MaaS360 Trusteer Pinpoint Trusteer Mobile Trusteer Rapport Guardium Key Manager AppScan SECURITY TRANSFORMATION SERVICES Manageement consulting l Systems integration l securityManaged s INFORMATION RISKATI AND PROTECTIONOT SECURITY OPERATIONS AND RESPONSE QRadar Vulnerability Manager QRadar User Behavior Analytics QRadar SIEM QRadar Risk Manager Resilient Incident Response X-Force ExchangeX-Force Exchange BigFix Network Protection (XGS) QRadar Incident Forensics App Exchange Next
  • 11. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Information Risk and Protection Keep your critical information protected while accelerating business Cloud and mobile computing, social media, big data and IOT are just a few of the innovations making dramatic changes to the business landscape. The result is more connectivity across users, apps, data and transactions than ever before. And that means more security issues for everyone involved. The solutions and services that comprise the Information Risk and Protection domain can help protect your information while keeping your employees productive. They’re designed to help safeguard critical data, users, apps and transactions wherever they live—in the cloud, on mobile devices or on local servers and media. They allow you to: • Identify business risks—such as abnormal insider activity, rogue cloud app usage or web fraud—with identity analytics and real-time alerts • Gain control of users, access and development, using identity governance and intelligence, app and data protection, DevOps security and mobile security • Safeguard interactions with adaptive access and web app protection, identity federation to and from the cloud, data compliance and secure mobile collaboration Next
  • 12. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Information Risk and Protection Keep your critical information protected while accelerating business App Exchange QRadar Vulnerability Manager QRadar User Behavior Analytics QRadar SIEM QRadar Risk Manager Resilient Incident Response Network Protection (XGS) QRadar Incident Forensics SECURITY TRANSFORMATION SERVICES Management consulting l Systems integration l Managed security BigFix X-Force Exchange SECURITY OPERATIONS AND RESPONSE p ExchangeApp QRadar Vulnerability Managerrab QRadar User Behavior AnalyticsBe QRadar SIEMS QRadar Risk Manager Resilient Incident Respponse Network Protection (XGS) QRadar Incident Forensics SECURITY TRANSFORMATION SERVICES Manageement consulting l Systems integration l securityManaged s BigFix X-Force Exchange SECURITY OPERATIONSSECURITY OPERATIONS AND RESPONSE Cloud Security INFORMATION RISK AND PROTECTION Guardium Key Manager AppScan MaaS360 Trusteer Pinpoint Trusteer Rapport Trusteer Mobile Privileged Identity Manager Cloud Identity Service zSecure Identity Governance and Intelligence Next
  • 13. How it works: Four use cases tell the story Every organization faces its own security challenges. The following use cases offer a brief glimpse into how the IBM Security immune system would help four companies identify and respond to those challenges. The failed compliance audit The drive-by download The insider threat The potential for fraud Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Next
  • 14. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The failed compliance audit Like most large organizations around the world today, Company A works hard to stay on top of an expanding—and ever-changing—security compliance environment. But despite the company’s best efforts, it has failed a recent regulator-led audit and was found to be noncompliant with a set of newly released rules. The incident results in a fine and considerable reputational damage. This is where elements of the Security Transformation Services domain come into play. See how the story unfolds... Next Gap assessment Ongoing monitoring Continuous improvement Remediation 1 32 4 See the big picture 5
  • 15. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The failed compliance audit Like most large organizations around the world today, Company A works hard to stay on top of an expanding—and ever-changing—security compliance environment. But despite the company’s best efforts, it has failed a recent regulator-led audit and was found to be noncompliant with a set of newly released rules. The incident results in a fine and considerable reputational damage. This is where elements of the Security Transformation Services domain come into play. Ongoing monitoring Continuous improvement Remediation 32 4 See the big picture 5 1 Gap assessment The failure also triggers an automatic security immune system response, which calls upon IBM Security Strategy, Risk and Compliance Services to help evaluate the audit findings—along with Company A’s IT risk management framework, metrics and risk objectives. In addition, Security Framework and Risk Assessment from IBM provides Company A with a list of existing gaps—prioritized according to business impact—and a set of recommended solutions for addressing any potential regulatory compliance gaps. Company A also receives a proposal for updated security education and training to help head off future audit issues. Next
  • 16. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Gap assessment Ongoing monitoring Continuous improvement 1 3 4 See the big picture 5 A case in point: The failed compliance audit Like most large organizations around the world today, Company A works hard to stay on top of an expanding—and ever-changing—security compliance environment. But despite the company’s best efforts, it has failed a recent regulator-led audit and was found to be noncompliant with a set of newly released rules. The incident results in a fine and considerable reputational damage. This is where elements of the Security Transformation Services domain come into play. 2 Remediation Deployment and Migration Services from IBM allow Company A to implement the necessary risk management solutions and align its governance practices. Remediation measures also establish new metrics to allow for better visibility into the effectiveness of the company’s controls. Next
  • 17. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The failed compliance audit Like most large organizations around the world today, Company A works hard to stay on top of an expanding—and ever-changing—security compliance environment. But despite the company’s best efforts, it has failed a recent regulator-led audit and was found to be noncompliant with a set of newly released rules. The incident results in a fine and considerable reputational damage. This is where elements of the Security Transformation Services domain come into play. Gap assessment Continuous improvement Remediation 1 2 4 See the big picture 5 3 Ongoing monitoring Once new metrics are established, IBM Automated IT Risk Management Services allow Company A to automatically monitor those metrics. It’s a cost- effective solution that can align multiple aspects of the company’s security program, offering increased visibility into control and compliance gaps and facilitating quick resolution. Next
  • 18. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The failed compliance audit Like most large organizations around the world today, Company A works hard to stay on top of an expanding—and ever-changing—security compliance environment. But despite the company’s best efforts, it has failed a recent regulator-led audit and was found to be noncompliant with a set of newly released rules. The incident results in a fine and considerable reputational damage. This is where elements of the Security Transformation Services domain come into play. Gap assessment Ongoing monitoring Remediation 1 32 See the big picture 5 4 Continuous improvement With help from IBM Security Strategy and Planning Services and IBM Security Architecture and Program Design Services, Company A can ensure that the key components of its compliance management efforts will be continuously evaluated and improved, allowing for ongoing compliance monitoring over the months and years to come. Next
  • 19. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Here’s how the IBM Security immune system would call upon specific solutions to address the issues raised in the case of the failed compliance audit. A case in point: The failed compliance audit Trusteer Mobile Cloud Security INFORMATION RISK AND PROTECTION X-Force ExchangeApp Exchange SECURITY OPERATIONS AND RESPONSE Guardium Key Manager AppScan MaaS360 Trusteer Pinpoint Trusteer Rapport BigFix QRadar Vulnerability Manager QRadar User Behavior Analytics QRadar SIEM QRadar Risk Manager Resilient Incident Response Privileged Identity Manager Cloud Identity Service zSecure Network Protection (XGS) QRadar Incident Forensics Identity Governance and Intelligence Trusteer Mobile Cloud Security INFORMATION RISKATI AND PROTECTIONOT X-Force Exchangep ExchangeApp SECURITY OPERATIONSSECURITY OPERATIONS AND RESPONSE Guardium Key Manager AppScan MaaS360 Trusteer Pinpoint Trusteer Rapport BigFix QRadar Vulnerability Managerrab QRadar User Behavior AnalyticsBe QRadar SIEMS QRadar Risk Manager Resilient Incident Response Privileged Identity Manager Cloud Identity Service zSecure Network Protection (XGS) QRadar Incident Forensics Identity Governance and Intelligence SECURITY TRANSFORMATION SERVICES Management consulting l Systems integration l Managed security Security Framework and Risk Assessment Deployment and Migration Services Strategy and Planning Services Architecture and Program Design Automated IT Risk Management Services Next
  • 20. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The drive-by download There are countless ways in which determined attackers might go about getting into your systems without your knowledge. It happens all the time. Just check today’s headlines for details on the latest high-profile break-in or data breach. Here’s an example of how one such attack might be played out—and how several Security Operations and Response solutions can help disrupt the attack chain in real time. Here’s how it all begins... Next The break-in The expansion The details in the data The connection The cutoff 1 2 3 4 5 See the big picture 6
  • 21. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The drive-by download There are countless ways in which determined attackers might go about getting into your systems without your knowledge. It happens all the time. Just check today’s headlines for details on the latest high-profile break-in or data breach. Here’s an example of how one such attack might be played out—and how several Security Operations and Response solutions can help disrupt the attack chain in real time. The expansion The details in the data The connection The cutoff 2 3 4 5 See the big picture 6 1 The break-in One of Company B’s account executives is in a taxi, on his way to the airport for a trip to a customer site. Stuck in traffic, he pulls out his laptop, checks the company’s intranet for some project details and sends out a few emails. What he doesn’t know is that he triggered an attack via drive-by download. And because he’s almost always on the road, he hasn’t had much contact with the company’s IT security team. So his laptop may not have been updated with the latest patches. IBM BigFix would allow Company B’s IT security team to discover unmanaged endpoints (such as this employee’s laptop) and get real-time visibility into all its endpoints to identify vulnerabilities and those endpoints that are noncompliant. ® Next
  • 22. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM 1 A case in point: The drive-by download There are countless ways in which determined attackers might go about getting into your systems without your knowledge. It happens all the time. Just check today’s headlines for details on the latest high-profile break-in or data breach. Here’s an example of how one such attack might be played out—and how several Security Operations and Response solutions can help disrupt the attack chain in real time. 4The break-in The expansion The details in the data The cutoff 1 3 4 5 See the big picture 6 2 The connection As it turns out, Company B’s account executive had indeed missed getting the latest patches installed on his laptop. By the time he reaches the airport, the download has already latched onto the company’s network and infects its internal system as part of a botnet. With IBM Security Network Protection (XGS), Company B would be able to gain visibility into the network traffic and actively block communication with the botnet’s command and control server, based on intelligence provided by IBM X-Force Exchange. It can also effectively block zero-day exploit traffic and then send those traffic flows to IBM QRadar Security Information and Event Management (SIEM) for anomaly detection. ® Next
  • 23. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The drive-by download There are countless ways in which determined attackers might go about getting into your systems without your knowledge. It happens all the time. Just check today’s headlines for details on the latest high-profile break-in or data breach. Here’s an example of how one such attack might be played out—and how several Security Operations and Response solutions can help disrupt the attack chain in real time. The break-in The details in the data The connection The cutoff 1 2 4 5 See the big picture 6 3 The expansion Without those safeguards in place, however, Company B unwittingly allows the attack to continue, targeting internal email sent to high-profile employees. At this point, QRadar SIEM could still help halt the attack by correlating network traffic flows and security events from other security controls—and external intelligence on active botnets from IBM X-Force Exchange—into a list of priority offenses. Next
  • 24. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The drive-by download There are countless ways in which determined attackers might go about getting into your systems without your knowledge. It happens all the time. Just check today’s headlines for details on the latest high-profile break-in or data breach. Here’s an example of how one such attack might be played out—and how several Security Operations and Response solutions can help disrupt the attack chain in real time. The break-in The expansion The connection The cutoff 1 2 3 5 See the big picture 6 4 The details in the data The attackers soon come within striking distance, gaining the authorization needed to access Company B’s resources. QRadar Incident Forensics would now be able to reconstruct abnormal user and database activity from the associated network packet data. This would allow investigators to discover less obvious data connections and previously hidden relationships across multiple IDs. Next
  • 25. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The drive-by download There are countless ways in which determined attackers might go about getting into your systems without your knowledge. It happens all the time. Just check today’s headlines for details on the latest high-profile break-in or data breach. Here’s an example of how one such attack might be played out—and how several Security Operations and Response solutions can help disrupt the attack chain in real time. The break-in The expansion The details in the data The connection 1 2 3 4 See the big picture 6 5 TM The cutoff If the attackers manage to reach the point of siphoning out Company B’s data, the IBM Resilient Incident Response Platform could help the company’s security team analyze, respond, resolve and mitigate the incident as quickly as possible. So they could take action to prevent or mitigate the damage inflicted by the attack. ® Next
  • 26. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The drive-by download Here’s how the IBM Security immune system would call upon specific solutions to address the issues raised in the case of the drive-by download. QRadar User Behavior Analytics Privileged Identity Manager Cloud Identity Service zSecure Identity Governance and Intelligence QRadar Vulnerability Manager QRadar Risk Manager SECURITY TRANSFORMATION SERVICES Management consulting l Systems integration l Managed security Trusteer Mobile Cloud Security INFORMATION RISK AND PROTECTION App Exchange Guardium Key Manager AppScan MaaS360 Trusteer Pinpoint Trusteer Rapport QRadar User Behavior AnalyticsBe Privileged Identity Manager Cloud Identity Service zSecure Identity Governance and Intelligence QRadar Vulnerability Managerrab QRadar Risk Manager SECURITY TRANSFORMATION SERVICES Manageement consulting l Systems integration l securityManaged s Trusteer Mobile Cloud Security INFORMATION RISKATI AND PROTECTIONOT p ExchangeApp Guardium Key Manager AppScan MaaS360 Trusteer Pinpoint Trusteer Rapport QRadar SIEM BigFix SECURITY OPERATIONS AND RESPONSE Network Protection (XGS) QRadar Incident Forensics Resilient Incident Response X-Force Exchange Next
  • 27. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The insider threat Company C is aware that in 2015, 60 percent of attacks were carried out by insiders, either ones with malicious intent or inadvertent actors.4 In other words, those attacks were instigated or initiated by people you would likely trust with access to your company’s assets—including hard copy documents, disks, electronic files and laptops. Insiders could be employees of the company, or business partners, clients or even maintenance contractors. Here’s an example of how Information Risk and Protection solutions help thwart insider threats. Follow the process... Next Privileged identity management Security intelligence and analytics Identity governance Activity monitoring 1 2 3 4 See the big picture 5
  • 28. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The insider threat Company C is aware that in 2015, 60 percent of attacks were carried out by insiders, either ones with malicious intent or inadvertent actors.4 In other words, those attacks were instigated or initiated by people you would likely trust with access to your company’s assets—including hard copy documents, disks, electronic files and laptops. Insiders could be employees of the company, or business partners, clients or even maintenance contractors. Here’s an example of how Information Risk and Protection solutions help thwart insider threats. Security intelligence and analytics Identity governance Activity monitoring 2 3 4 See the big picture 5 1 Privileged identity management With multiple locations in both urban and suburban settings, Company C employs a large number of individuals—including part-time hourly workers and several levels of management personnel. In addition, there are often teams of contractors brought in to work on special projects. The one thing they all have in common? A need for ongoing access to the company’s systems and data. That’s why the company uses IBM Security Privileged Identity Manager to help prevent advanced insider threats. It provides a centralized approach to managing access to privileged accounts, allowing users to “check out” these accounts when they need access to sensitive systems. Each of these special sessions is automatically recorded, providing an audit trail and helping to ensure that privileged access is not misused. In addition, the company relies on IBM Security Guardium to cross-reference that information as it audits user access to data that’s either at rest or in motion. ® Next
  • 29. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The insider threat Company C is aware that in 2015, 60 percent of attacks were carried out by insiders, either ones with malicious intent or inadvertent actors.4 In other words, those attacks were instigated or initiated by people you would likely trust with access to your company’s assets—including hard copy documents, disks, electronic files and laptops. Insiders could be employees of the company, or business partners, clients or even maintenance contractors. Here’s an example of how Information Risk and Protection solutions help thwart insider threats. Privileged identity management Security intelligence and analytics Identity governance 1 3 4 See the big picture 5 2 Activity monitoring While monitoring and auditing privileged user access, Guardium can also identify abnormal or suspicious behavior and block illicit data and file access with real-time response. One day the system observes that several large files have been downloaded onto a thumb drive by one of Company C’s part-time employees. Because the system recognizes that action as unusual activity— given the employee’s responsibilities—it issues an alert flagging that behavior. Or it could deny access to the data in question. Company C might also take advantage of IBM QRadar User Behavior Analytics to gain early visibility into related insider threats by analyzing other employees’ usage patterns to determine if their credentials or systems have been compromised. It can identify users by name, add suspects to a watch list or drill down into underlying log and flow data. What’s more, Guardium can share any illicit activity it finds to help QRadar User Behavior Analytics fine-tune its analytics, and then go on to share any anomalous activity it finds with Guardium.Next
  • 30. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The insider threat Company C is aware that in 2015, 60 percent of attacks were carried out by insiders, either ones with malicious intent or inadvertent actors.4 In other words, those attacks were instigated or initiated by people you would likely trust with access to your company’s assets—including hard copy documents, disks, electronic files and laptops. Insiders could be employees of the company, or business partners, clients or even maintenance contractors. Here’s an example of how Information Risk and Protection solutions help thwart insider threats. Privileged identity management Identity governance Activity monitoring 1 2 4 See the big picture 5 3 Security intelligence and analytics Taking matters a step further, QRadar SIEM can help Company C pull together a clearer picture of potential problems by using analytics to correlate Privileged Identity Manager credentials with Guardium activities—to detect anomalies and trigger alerts. And IBM MaaS360 lets the company manage and safeguard its mobile devices, applications and content—while maintaining data security and personal privacy. ® Next
  • 31. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The insider threat Company C is aware that in 2015, 60 percent of attacks were carried out by insiders, either ones with malicious intent or inadvertent actors.4 In other words, those attacks were instigated or initiated by people you would likely trust with access to your company’s assets—including hard copy documents, disks, electronic files and laptops. Insiders could be employees of the company, or business partners, clients or even maintenance contractors. Here’s an example of how Information Risk and Protection solutions help thwart insider threats. Privileged identity management Security intelligence and analytics Activity monitoring 1 2 3 See the big picture 5 4 Identity governance IBM Security Identity Governance and Intelligence lets Company C’s IT managers and auditors govern insider access and ensure regulatory compliance across the organization. It helps the company mitigate access risks and access policy violations by combining intelligence-driven, business-driven identity governance with end-to-end user lifecycle management. What’s more, it checks for segregation of duties violations and runs access certification campaigns to help ensure the validity of privileged access rights. Next
  • 32. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Here’s how the IBM Security immune system would call upon specific solutions to address the issues raised in the case of the insider threat. A case in point: The insider threat SECURITY TRANSFORMATION SERVICES Management consulting l Systems integration l Managed security QRadar Vulnerability Manager QRadar Risk Manager Resilient Incident Response Trusteer Mobile Cloud Security X-Force ExchangeApp Exchange SECURITY OPERATIONS AND RESPONSE Key Manager AppScan Trusteer Pinpoint Trusteer Rapport BigFix Cloud Identity Service zSecure Network Protection (XGS) QRadar Incident Forensics SECURITY TRANSFORMATION SERVICES Manageement consulting l Systems integration l securityManaged s QRadar Vulnerability Managerrab QRadar Risk Manager Resilient Incident Response Trusteer Mobile Cloud Security X-Force Exchangep ExchangeApp SECURITY OPERATIONSSECURITY OPERATIONS AND RESPONSE Key Manager AppScan Trusteer Pinpoint Trusteer Rapport BigFix Cloud Identity Service zSecure Network Protection (XGS) QRadar Incident Forensics QRadar SIEM INFORMATION RISK AND PROTECTION Privileged Identity Manager Identity Governance and Intelligence MaaS360 Guardium QRadar User Behavior Analytics Next
  • 33. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The potential for fraud Most companies would find it difficult to discuss IT security without talking about fraud. And that’s especially true for financial services organizations. Company D is engaged in the consumer side of the financial services business, where it’s important to recognize that some of the very conveniences that banks now routinely offer customers—including automated teller machines, credit cards and mobile banking apps—have introduced a level of accessibility that goes a long way toward making the financial system highly vulnerable to cyber attacks. But Information Risk and Protection solutions can help significantly reduce the risk of fraud—without complicating the user experience. Learn what happens behind the scenes... Logging in Exercising necessary caution Protecting customers from fraud 1 2 3 See the big picture 4 Next
  • 34. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM 1 Exercising necessary caution Protecting customers from fraud 2 3 See the big picture 4 A case in point: The potential for fraud Most companies would find it difficult to discuss IT security without talking about fraud. And that’s especially true for financial services organizations. Company D is engaged in the consumer side of the financial services business, where it’s important to recognize that some of the very conveniences that banks now routinely offer customers—including automated teller machines, credit cards and mobile banking apps—have introduced a level of accessibility that goes a long way toward making the financial system highly vulnerable to cyber attacks. But Information Risk and Protection solutions can help significantly reduce the risk of fraud—without complicating the user experience. Logging in Laura M. is a Company D customer who wants to move money from one of her accounts to another via mobile phone. It takes just a few seconds for her to log in, using her online ID and security code. But in those few seconds, IBM Security Access Manager (ISAM) is validating Laura’s password, determining her location, making note of the date and time, and identifying the IP address for the device she’s using. Doing so helps Company D block fraudulent and high-risk transactions by analyzing user information and correlating user behavior and device attributes in real time—so it can determine whether Laura is who she says she is. Next
  • 35. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The potential for fraud Most companies would find it difficult to discuss IT security without talking about fraud. And that’s especially true for financial services organizations. Company D is engaged in the consumer side of the financial services business, where it’s important to recognize that some of the very conveniences that banks now routinely offer customers—including automated teller machines, credit cards and mobile banking apps—have introduced a level of accessibility that goes a long way toward making the financial system highly vulnerable to cyber attacks. But Information Risk and Protection solutions can help significantly reduce the risk of fraud—without complicating the user experience. Logging in Exercising necessary caution 1 3 See the big picture 4 2 ® Protecting customers from fraud Next, IBM Trusteer solutions help figure out whether Laura is a true customer or a fraudster—by determining whether the device she’s using is valid, analyzing her behavior and helping to verify that neither her credentials nor her phone have been compromised. Trusteer also notes that Laura isn’t just checking her account balance, but wants to transfer funds from one account to another. If it finds any evidence to suspect that it’s dealing with a fraudster, it can restrict functionality based on bank policies, without alerting him or her that they’ve been detected. All this happens behind the scenes—in seconds—without giving Laura any reason to know or care about what’s going on. Next
  • 36. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM A case in point: The potential for fraud Most companies would find it difficult to discuss IT security without talking about fraud. And that’s especially true for financial services organizations. Company D is engaged in the consumer side of the financial services business, where it’s important to recognize that some of the very conveniences that banks now routinely offer customers—including automated teller machines, credit cards and mobile banking apps—have introduced a level of accessibility that goes a long way toward making the financial system highly vulnerable to cyber attacks. But Information Risk and Protection solutions can help significantly reduce the risk of fraud—without complicating the user experience. Logging in Protecting customers from fraud 1 2 See the big picture 4 3 Exercising necessary caution Of course there are certain circumstances under which Laura’s actions might be subject to additional scrutiny to help protect both the bank and herself. For example, ISAM could move to enforce additional rules, asking Laura to perform a second authentication step (such as getting a second password) if she wanted to transfer over $10,000. And if she wanted to transfer millions of dollars, even multi-step authentication would likely be insufficient. She would instead be told to visit the bank in person. Next
  • 37. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Here’s how the IBM Security immune system would call upon specific solutions to address the issues raised in the case of potential fraud. A case in point: The potential for fraud SECURITY TRANSFORMATION SERVICES Management consulting l Systems integration l Managed security Cloud Security X-Force ExchangeApp Exchange SECURITY OPERATIONS AND RESPONSE Guardium Key Manager AppScan MaaS360 BigFix QRadar Vulnerability Manager QRadar User Behavior Analytics QRadar SIEM QRadar Risk Manager Resilient Incident Response Privileged Identity Manager Cloud Identity Service zSecure Network Protection (XGS) QRadar Incident Forensics SECURITY TRANSFORMATION SERVICES Manageement consulting l Systems integration l securityManaged s Cloud Security X-Force Exchangep ExchangeApp SECURITY OPERATIONSSECURITY OPERATIONS AND RESPONSE Guardium Key Manager AppScan MaaS360 BigFix QRadar Vulnerability Managerrab QRadar User Behavior AnalyticsBe QRadar SIEMS QRadar Risk Manager Resilient Incident Response Privileged Identity Manager Cloud Identity Service zSecure Network Protection (XGS) QRadar Incident Forensics INFORMATION RISK AND PROTECTION Trusteer Mobile Trusteer Pinpoint Trusteer Rapport Identity Governance and Intelligence Next
  • 38. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Why IBM Today’s threats continue to rise in numbers and scale, as sophisticated attackers break through conventional safeguards every day. The demand for leaked data is trending toward higher-value records containing personally identifiable information and other highly sensitive data, with less emphasis on the emails, passwords and even credit card data that were the targets of years past.5 And hardly a week goes by when the media isn’t reporting that yet another prominent organization has fallen victim to a data breach, costing many millions of dollars. In fact, the average cost of a data breach is now $4 million. That’s a 29 percent increase since 2013.6 A piecemeal approach to security simply will not work. It’s time to move beyond methods that assemble defenses for specific needs but lack the integration to extend security across enterprise assets and vulnerabilities. It’s time for a comprehensive, integrated security immune system that delivers leading technology, best practices and flexibility. To protect your valuable resources, you need a system that relies on today’s intelligence, not yesterday’s narrow definition of known threats. When you partner with IBM, you gain access to a security team of 7,500 people supporting more than 12,000 customers in 133 countries. As a proven leader in enterprise security, we hold more than 3,500 security patents. And by combining the security immune system with advanced cognitive computing, we let organizations like yours continue to innovate while reducing risk. So you can continue to grow your business—while securing your most critical data and processes. For more information To learn more about the IBM Security portfolio of solutions, please contact your IBM representative or IBM Business Partner, or visit: ibm.com/security Additionally, IBM Global Financing offers numerous payment options to help you acquire the technology you need to grow your business. We provide full lifecycle management of IT products and services, from acquisition to disposition. For more information, visit: ibm.com/financing Appendix LegalNext
  • 39. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM Appendix Click on the links below for more information on the following IBM products and services mentioned in this brochure: IBM Security Strategy, Risk and Compliance Services Security Framework and Risk Assessment from IBM Deployment and Migration Services from IBM IBM Automated IT Risk Management Services IBM Security Strategy and Planning Services IBM Security Architecture and Program Design Services IBM BigFix IBM Security Network Protection (XGS) IBM QRadar Security Information and Event Management IBM X-Force Exchange IBM QRadar Incident Forensics IBM Resilient Incident Response Platform Standard IBM Resilient Incident Response Platform Enterprise IBM Security Privileged Identity Manager IBM Security Guardium IBM QRadar User Behavior Analytics IBM MaaS360 IBM Security Identity Governance and Intelligence IBM Security Access Manager (ISAM) IBM Trusteer Solutions Next Legal
  • 40. Integration and intelligence take the lead Integrating security planning, response and readiness Security Transformation Services Security Operations and Response Information Risk and Protection How it works: Four use cases tell the story Why IBM © Copyright IBM Corporation 2016 IBM Security Route 100 Somers, NY 10589 Produced in the United States of America October 2016 IBM, the IBM logo, ibm.com, BigFix, Guardium, Maas360, QRadar, Resilient Incident Response Platform, Trusteer, X-Force and zSecure are trademarks or registered trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided. The client is responsible for ensuring compliance with laws and regulations applicable to it. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the client is in compliance with any law or regulation. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. 1 Gartner Press Release, Gartner Says 6.4 Billion Connected “Things” Will Be in Use in 2016, Up 30 Percent From 2015, November 10, 2015. ² Ponemon, Key findings from the 2016 Cost of Data Breach Study: Global Analysis, June 2016. 3,4 Reviewing IBM a year of serious data breaches, major attacks and new vulnerabilities, April 2016. 5 IBM X-Force Threat Intelligence Report – 2016. 6 Ponemon, Key findings, 2016. SEB03029-USEN-00