John Palfreyman, profile picture
Uploaded byJohn Palfreyman
PPT, PDF456 views

Securing Systems of Engagement

This document discusses securing systems of engagement against cyber threats. It begins with an overview of cyber security definitions, common attack methods and challenges. New technologies like cloud, mobile, big data and social media create new opportunities for cyber crimes but also require smarter security approaches. Risk management principles of monitoring threats, understanding systems, assessing impact and designing containment are recommended over perfect defenses. Securing mobile devices involves enrollment/access control, security policies, secure data containers and remote wipe. A secure social business requires leadership setting the right culture, clear processes, education and testing of applications. The future of security is predicted to involve contextual, adaptive approaches with multi-level monitoring, big data analytics, and adaptive, optimized responses.

Embed presentation

Download to read offline
© 2015 IBM Corporation Securing Systems of Engagement . . With the meteoric rise in the usage of smartphones and social media V1, 1 May15 John Palfreyman, IBM
© 2015 IBM Corporation 2 1. Cyber Security & Cyber Crime in Context 2. Technology & Business Landscape 3. A Smarter Approach 4. The Future & Concluding Remarks Agenda
© 2015 IBM Corporation Cyber Security & Cyber Crime in Context Who are the bad guys & what are they up to?
© 2015 IBM Corporation 4 Cyber Security – IBM Definition Cyber Security /–n 1. the protection of an organisation and its assets from electronic attack to minimise the risk of business disruption.
© 2015 IBM Corporation 5 Cyber Security - Expanded Hacking Malware Botnets Denial of Service Trojans Cyber-dependent crimes Source : UK Home Office – Cyber Crime: a review of the evidence Oct 13
© 2015 IBM Corporation 6 Cyber Crime Hacking Malware Botnets Denial of Service Trojans Cyber-dependent crime Fraud Bullying Theft Sexual Offences Trafficking Drugs Cyber-enabled crime Source : UK Home Office – Cyber Crime: a review of the evidence Oct 13
© 2015 IBM Corporation 7  Confusion & hype abound  Common attack methods  Common methods of defense / counter / investigation  Data > Insight chain  Prosecution – burden of evidence  Learning & sharing possible, but patchy Cyber Security & (counter) Cyber Crime
© 2015 IBM Corporation 8 Cyber Threat MOTIVATION S O P H I S T I C A T I O N National Security, Economic Espionage Notoriety, Activism, Defamation Hacktivists Lulzsec, Anonymous Monetary Gain Organized crime Zeus, ZeroAccess, Blackhole Exploit Pack Nuisance, Curiosity Insiders, Spammers, Script-kiddies Nigerian 419 Scams, Code Red Nation-state actors, APTs Stuxnet, Aurora, APT-1
© 2015 IBM Corporation A new type of threat Attacker generic Malware / Hacking / DDoS IT Infrastructure Traditional Advanced Persistent Threat Critical data / infrastructure Attacker !
© 2015 IBM Corporation 10 Attack Phases 11 Break-in Spear phishing and remote exploits to gain access Command & Control (CnC) 22 Latch-on Malware and backdoors installed to establish a foothold 33 Expand Reconnaissance & lateral movement increase access & maintain presence 44 Gather Acquisition & aggregation of confidential data Command & Control (CnC) 55 Exfiltrate Get aggregated data out to external network(s)
© 2015 IBM Corporation IBM X-Force 11 March 2015IBM Security Systems IBM X-Force Threat Intelligence Quarterly, 1Q 2015 Explore the latest security trends—from “designer vulns” to mutations in malware— based on 2014 year-end data and ongoing research
© 2015 IBM Corporation Technology & Business Landscape New opportunities for cyber crime!
© 2015 IBM Corporation 13 Smarter Planet Instrumented – Interconnected - Intelligent
© 2015 IBM Corporation 14 Cloud DRIVERS Speed & agility Fast Innovation CAPEX to OPEX USE CASES SCM, HR, CRM as a SERVICE Predictive Analytics as a SERVICE
© 2015 IBM Corporation 15 Mobile DRIVERS Mobility in Business Agility & flexibility Rate of technology change USE CASES Information capture, workflow management Education where & when needed Case advice Map
© 2015 IBM Corporation 16 Big Data / Analytics DRIVERS Drowning in Data Insight for SMARTER More UNRELIABLE data USE CASES Citizen Sentiment Predictive Policing OSINT augmentation Open Source Internal Sources Intelligence Analysis SIGINT BiometricsEmail GeoINT Telephone Records Data Records
© 2015 IBM Corporation 17 Social Business DRIVERS Use of Social Channels Smart Employment Personnel Rotation USE CASES Citizen Sentiment Counter Terrorism Knowledge Retention Gather INTELLIGENCE •Social Media as OSINT •Individuals, Groups, Events •Supplement traditional sources Efficient WORKING •Breaking down Silos •Collaboration •“Self help” Culture Leverage KNOWLEDGE •Access to Experts, Content •Collaborative Ventures •Enables Innovation Positive IMAGE •Promotion / marketing •Recruiting •Citizen engagement InternalExternal
© 2015 IBM Corporation 18 Systems of Engagement  Collaborative  Interaction oriented  User centric  Unpredictable  Dynamic Big Data / Analytics Cloud Social Business Mobile
© 2015 IBM Corporation 19 Use Case – European Air Force Secure Mobile CHALLENGE •Support Organisational Transformation •HQ Task Distribution •Senior Staff demanding Mobile Access SOLUTION •IBM Connections •MS Sharepoint Integration •MaaS 360 based Tablet Security BENEFITS •Improved work efficiency •Consistent & timely information access •Secure MODERN tablet
© 2015 IBM Corporation 20 The Millennial Generation EXPECT . . . to embrace technology for improved productivity and simplicity in their personal lives tools that seem made for and by them freedom of choice, embracing change and innovation INNOVATE . . . •Actively involve a large user population •Work at Internet Scale and Speed •Discover the points of value via iteration •Engage the Millennial generation
© 2015 IBM Corporation Smart Phones (& Tablets) . . . 21  Used in the same way as a personal computer  Ever increasing functionality (app store culture) . . .  . . . and often more accessible architectures  Offer “anywhere” banking, social media, e-mail . . .  Include non-PC (!) features Context, MMS, TXT  Emergence of authentication devices
© 2015 IBM Corporation . . . are harder to defend ? . . . 22  Anti-virus software missing, or inadequate  Encryption / decryption drains the battery  Battery life is always a challenge  Stolen or “found” devices– easy to loose  Malware, mobile spyware, impersonation  Extends set of attack vectors  Much R&D into securing platform
© 2015 IBM Corporation . . . and Bring your Own Device now mainstream 23  Bring-your-own device expected  Securing corporate data  Additional complexities  Purpose-specific endpoints  Device Management
© 2015 IBM Corporation Social Media – Lifestyle Centric Computing 24 www.theconversationprism.com  Different Channels  Web centric  Conversational  Personal  Open  Explosive growth
© 2015 IBM Corporation Social Media – Special Security Challenges 25Source: Digital Shadows, Sophos, Facebook  Too much information  Online impersonation  Trust / Social Engineering / PSYOP  Targeting (Advanced, Persistent Threat) Source: Digital Shadows, Sophos, Facebook
© 2015 IBM Corporation A Smarter Approach to countering cyber crime
© 2015 IBM Corporation 27 Balance Technical Mitigation Better firewalls Improved anti-virus Advanced Crypto People Mitigation Leadership Education Culture Process
© 2015 IBM Corporation 28  Monitor threats  Understand (your) systems  Assess Impact & Probability  Design containment mechanisms  Don’t expect perfect defences  Containment & quarantine planning  Learn & improve Risk Management Approach
© 2015 IBM Corporation Securing a Mobile Device DEVICE •Enrolment & access control •Security Policy enforcement •Secure data container •Remote wipe TRANSACTION •Allow transactions on individual basis •Device monitoring & event detection •Sever risk engine – allow, restrict, flag for review APPLICATION •Endpoint management – software •Application: secure by design •Application scanning for vulnerabilities ACCESS •Enforce access policies •Approved devices and users •Context aware authorisation 29
© 2015 IBM Corporation Secure, Social Business 30 LEADERSHIP •More senior, most impact •Important to leader, important to all •Setting “tone” for culture CULTURE •Everyone knows importance AND risk •Full but SAFE usage •Mentoring PROCESS •What’s allowed, what’s not •Internal & external usage •Smart, real time black listing EDUCATION •Online education (benefits, risks) •Annual recertification •For all, at all levels
© 2015 IBM Corporation The Future & Concluding Remarks What next . . .
© 2015 IBM Corporation 32 Global Technology Outlook – Beyond Systems of Engagement
© 2015 IBM Corporation 33 Contextual, Adaptive Security Monitor and Distill Correlate and Predict Adapt and Pre-empt Security 3.0 Risk Prediction and Planning Encompassing event correlation, risk prediction, business impact assessment and defensive strategy formulation Multi-level monitoring & big data analytics Ranging from active, in device to passive monitoring Adaptive and optimized response Adapt network architecture, access protocols / privileges to maximize attacker workload
© 2015 IBM Corporation 34 1. Are you ready to respond to a cyber crime or security incident and quickly remediate? 2. Do you have the visibility and analytics needed to monitor threats? 3. Do you know where your corporate crown jewels are and are they adequately protected? 4. Can you manage your endpoints from servers to mobile devices and control network access? 5. Do you build security in and continuously test all critical web/mobile applications? 6. Can you automatically manage and limit the identities and access of your employees, partners and vendors to your enterprise? 7. Do you have a risk aware culture and management system that can ensure compliance? Fitness for Purpose
© 2015 IBM Corporation 35 1. Many Similarities – Cyber Crime vs Security – Threat Sophistication 2. Social Business & Mobile offer transformational value 3. New vulnerabilities need to be understood to be mitigated 4. Mitigation needs to be balanced, risk management based and “designed in” Summary
© 2015 IBM Corporation Thanks John Palfreyman, IBM 2dsegma@uk.ibm.com

More Related Content

PPT
Smarter Cyber Security
byJohn Palfreyman
 
PDF
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
byIBM Security
 
PDF
IBM X-Force: Insights from the 1Q 2015 X-Force Threat Intelligence Quarterly
byIBM Security
 
PPTX
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
byIBM Security
 
PDF
Cyber Security at CTX15, London
byJohn Palfreyman
 
PPTX
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
byIBM Security
 
PDF
Security Trends in the Retail Industry
byIBM Security
 
PPTX
Top 2016 Mobile Security Threats and your Employees
byNeil Kemp
 
Smarter Cyber Security
byJohn Palfreyman
 
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
byIBM Security
 
IBM X-Force: Insights from the 1Q 2015 X-Force Threat Intelligence Quarterly
byIBM Security
 
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
byIBM Security
 
Cyber Security at CTX15, London
byJohn Palfreyman
 
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
byIBM Security
 
Security Trends in the Retail Industry
byIBM Security
 
Top 2016 Mobile Security Threats and your Employees
byNeil Kemp
 

What's hot

PDF
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
byIBM Security
 
PPTX
The ROI on Intrusion Prevention: Protecting Both Your Network & Investment
byIBM Security
 
PDF
Securing the C-Suite: Cybersecurity Perspectives from the Boardroom
byIBM Security
 
PPTX
Cyber Security in the Manufacturing Industry: New challenges in the informati...
byEkonomikas ministrija
 
PDF
Mobile Security for Smartphones and Tablets
byVince Verbeke
 
PDF
Level Up Your Security with Threat Intelligence
byIBM Security
 
PPTX
Cyber security and Homeland security
byADGP, Public Grivences, Bangalore
 
PPTX
Bordless Breaches and Migrating Malware
bySarah Freemantle
 
PPTX
Secure Systems of Engagement
byJohn Palfreyman
 
PDF
Simple and secure mobile cloud access
byAGILLY
 
PPT
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013
byAndris Soroka
 
PDF
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
byIBM Security
 
PPT
Presentación AMIB Los Cabos
byJuan Carlos Carrillo
 
PPTX
Clinton- Cyber IRT Balto 10_2012
byDon Grauel
 
PDF
Telefónica security io_t_final
byChristopher Wang
 
PDF
IRJET- Cybersecurity: The Agenda for the Decade
byIRJET Journal
 
PDF
Using international standards to improve Asia-Pacific cyber security
byIT Governance Ltd
 
PDF
Top 12 Cybersecurity Predictions for 2017
byIBM Security
 
PPTX
Cybersecurity-Real World Approach FINAL 2-24-16
byJames Rutt
 
PPTX
Tolly Report: Stopping Attacks You Can't See
byIBM Security
 
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
byIBM Security
 
The ROI on Intrusion Prevention: Protecting Both Your Network & Investment
byIBM Security
 
Securing the C-Suite: Cybersecurity Perspectives from the Boardroom
byIBM Security
 
Cyber Security in the Manufacturing Industry: New challenges in the informati...
byEkonomikas ministrija
 
Mobile Security for Smartphones and Tablets
byVince Verbeke
 
Level Up Your Security with Threat Intelligence
byIBM Security
 
Cyber security and Homeland security
byADGP, Public Grivences, Bangalore
 
Bordless Breaches and Migrating Malware
bySarah Freemantle
 
Secure Systems of Engagement
byJohn Palfreyman
 
Simple and secure mobile cloud access
byAGILLY
 
DSS @CERT.LV_ISACA_2013_Conference - IBM X Force Report 2013
byAndris Soroka
 
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
byIBM Security
 
Presentación AMIB Los Cabos
byJuan Carlos Carrillo
 
Clinton- Cyber IRT Balto 10_2012
byDon Grauel
 
Telefónica security io_t_final
byChristopher Wang
 
IRJET- Cybersecurity: The Agenda for the Decade
byIRJET Journal
 
Using international standards to improve Asia-Pacific cyber security
byIT Governance Ltd
 
Top 12 Cybersecurity Predictions for 2017
byIBM Security
 
Cybersecurity-Real World Approach FINAL 2-24-16
byJames Rutt
 
Tolly Report: Stopping Attacks You Can't See
byIBM Security
 

Viewers also liked

PPTX
Internet Safety
byTsenn13
 
PPTX
Disol
byMitzy Rojas
 
PDF
Maria Grazia Maffucci - progettazione per obiettivi
byMaria Grazia Maffucci
 
PDF
Maria Grazia Maffucci - relazione reti: progettazione per obiettivi
byMaria Grazia Maffucci
 
DOCX
Internet Then and Now
byKeanna Rae Mejia
 
PPSX
I viaggi di passione avventura
byFabio Bonfante
 
PPT
Health Total
byAlisiaG
 
PPTX
Until Successful Component
byDurga Prasad Kakarla
 
PPT
Redes sociales y empleo 2015
byAdrián Yánez Romero
 
PPTX
Mule Message Properties Component
byDurga Prasad Kakarla
 
PDF
Museos y rrss etpm 2016
byAdrián Yánez Romero
 
PPTX
Absolute Vacation Club
byAbsolute World Group
 
PPTX
Expression Filters
byDurga Prasad Kakarla
 
PDF
Reglamento del aprendiz sena
byLarry-97
 
PPTX
Database Component
byDurga Prasad Kakarla
 
PPTX
SITE-rminology
byKeanna Rae Mejia
 
PPTX
Stratégie hospitalière de lutte contre les violences faites aux femmes
byGynsf
 
PPTX
Idea presentation for economics
byBritneyBondin
 
PPTX
Quartz component
byDurga Prasad Kakarla
 
PDF
Maria Grazia Maffucci - analisi libri
byMaria Grazia Maffucci
 
Internet Safety
byTsenn13
 
Disol
byMitzy Rojas
 
Maria Grazia Maffucci - progettazione per obiettivi
byMaria Grazia Maffucci
 
Maria Grazia Maffucci - relazione reti: progettazione per obiettivi
byMaria Grazia Maffucci
 
Internet Then and Now
byKeanna Rae Mejia
 
I viaggi di passione avventura
byFabio Bonfante
 
Health Total
byAlisiaG
 
Until Successful Component
byDurga Prasad Kakarla
 
Redes sociales y empleo 2015
byAdrián Yánez Romero
 
Mule Message Properties Component
byDurga Prasad Kakarla
 
Museos y rrss etpm 2016
byAdrián Yánez Romero
 
Absolute Vacation Club
byAbsolute World Group
 
Expression Filters
byDurga Prasad Kakarla
 
Reglamento del aprendiz sena
byLarry-97
 
Database Component
byDurga Prasad Kakarla
 
SITE-rminology
byKeanna Rae Mejia
 
Stratégie hospitalière de lutte contre les violences faites aux femmes
byGynsf
 
Idea presentation for economics
byBritneyBondin
 
Quartz component
byDurga Prasad Kakarla
 
Maria Grazia Maffucci - analisi libri
byMaria Grazia Maffucci
 

Similar to Securing Systems of Engagement

PPT
Cyber crime in a Smart Phone & Social Media Obsessed World
byJohn Palfreyman
 
PPTX
Smarter cyber security v8
byJohn Palfreyman
 
PDF
IBM - IAM Security and Trends
byIBM Sverige
 
PPT
Breaking down the cyber security framework closing critical it security gaps
byIBM Security
 
PPSX
IBM: Cognitive Security Transformation for the Enrgy Sector
byFMA Summits
 
PPTX
Take your SOC Beyond SIEM
byThomas Springer
 
PPTX
QRadar Security Intelligence Overview.pptx
byDmitry718707
 
PPTX
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
byIBM Security
 
PPTX
Splunk for Security Breakout Session
bySplunk
 
PPTX
2015 Cybercrime Trends – Things are Going to Get Interesting
byIBM Security
 
PPTX
PCM Vision 2019 Breakout: IBM | Red Hat
byPCM
 
PDF
Kista watson summit final public version
byIBM Sverige
 
PPT
IBM security systems overview v1.0 - rohit nagarajan
byShwetank Jayaswal
 
PDF
Fall2015SecurityShow
byAdam Heller
 
PDF
IT Security Bedrohungen optimal abwehren_Tom Turner und Andreas Wespi
byIBM Switzerland
 
PDF
Rochester Security Event
bycalebbarlow
 
PPTX
Security in the Cognitive Era: Why it matters more than ever
byEC-Council
 
PDF
[RakutenTechConf2013] [A-0] Security Meets Analytics
byRakuten Group, Inc.
 
PPTX
Cybersecurity in the Cognitive Era: Priming Your Digital Immune System
byIBM Security
 
PPT
Fortifying for the future: Insights from the 2014 IBM Chief Information Secur...
byIBM Center for Applied Insights
 
Cyber crime in a Smart Phone & Social Media Obsessed World
byJohn Palfreyman
 
Smarter cyber security v8
byJohn Palfreyman
 
IBM - IAM Security and Trends
byIBM Sverige
 
Breaking down the cyber security framework closing critical it security gaps
byIBM Security
 
IBM: Cognitive Security Transformation for the Enrgy Sector
byFMA Summits
 
Take your SOC Beyond SIEM
byThomas Springer
 
QRadar Security Intelligence Overview.pptx
byDmitry718707
 
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
byIBM Security
 
Splunk for Security Breakout Session
bySplunk
 
2015 Cybercrime Trends – Things are Going to Get Interesting
byIBM Security
 
PCM Vision 2019 Breakout: IBM | Red Hat
byPCM
 
Kista watson summit final public version
byIBM Sverige
 
IBM security systems overview v1.0 - rohit nagarajan
byShwetank Jayaswal
 
Fall2015SecurityShow
byAdam Heller
 
IT Security Bedrohungen optimal abwehren_Tom Turner und Andreas Wespi
byIBM Switzerland
 
Rochester Security Event
bycalebbarlow
 
Security in the Cognitive Era: Why it matters more than ever
byEC-Council
 
[RakutenTechConf2013] [A-0] Security Meets Analytics
byRakuten Group, Inc.
 
Cybersecurity in the Cognitive Era: Priming Your Digital Immune System
byIBM Security
 
Fortifying for the future: Insights from the 2014 IBM Chief Information Secur...
byIBM Center for Applied Insights
 

Recently uploaded

PDF
TrustArc Webinar - Assessing AI Risk with Confidence
byTrustArc
 
PDF
Safeguarding AI-Based Financial Infrastructure
byYasir Naveed Riaz
 
PPTX
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
PDF
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
PPTX
The Landscape of Computer Software Development Companies
byYash Singh
 
PDF
December Patch Tuesday
byIvanti
 
PDF
Empowering Productivity with Clever Prompts and Intelligent Agents
byUni Systems S.M.S.A.
 
PDF
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
PPTX
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
PDF
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
PPTX
Ethics in AI - Artificial Intelligence Fundamentals.pptx
byemenyiblessing
 
PDF
Generative AI in 2026: Hype, Bubble, Winter or The Real Deal?
byDr. Tathagat Varma
 
PDF
Generative AI in UiPath: Mastering the Generative Extractor for Intelligent D...
byDianaGray10
 
PDF
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
PDF
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
PDF
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
PPTX
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
PDF
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
TrustArc Webinar - Assessing AI Risk with Confidence
byTrustArc
 
Safeguarding AI-Based Financial Infrastructure
byYasir Naveed Riaz
 
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
The Landscape of Computer Software Development Companies
byYash Singh
 
December Patch Tuesday
byIvanti
 
Empowering Productivity with Clever Prompts and Intelligent Agents
byUni Systems S.M.S.A.
 
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
Ethics in AI - Artificial Intelligence Fundamentals.pptx
byemenyiblessing
 
Generative AI in 2026: Hype, Bubble, Winter or The Real Deal?
byDr. Tathagat Varma
 
Generative AI in UiPath: Mastering the Generative Extractor for Intelligent D...
byDianaGray10
 
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 

Securing Systems of Engagement

  • 1.
    © 2015 IBMCorporation Securing Systems of Engagement . . With the meteoric rise in the usage of smartphones and social media V1, 1 May15 John Palfreyman, IBM
  • 2.
    © 2015 IBMCorporation 2 1. Cyber Security & Cyber Crime in Context 2. Technology & Business Landscape 3. A Smarter Approach 4. The Future & Concluding Remarks Agenda
  • 3.
    © 2015 IBMCorporation Cyber Security & Cyber Crime in Context Who are the bad guys & what are they up to?
  • 4.
    © 2015 IBMCorporation 4 Cyber Security – IBM Definition Cyber Security /–n 1. the protection of an organisation and its assets from electronic attack to minimise the risk of business disruption.
  • 5.
    © 2015 IBMCorporation 5 Cyber Security - Expanded Hacking Malware Botnets Denial of Service Trojans Cyber-dependent crimes Source : UK Home Office – Cyber Crime: a review of the evidence Oct 13
  • 6.
    © 2015 IBMCorporation 6 Cyber Crime Hacking Malware Botnets Denial of Service Trojans Cyber-dependent crime Fraud Bullying Theft Sexual Offences Trafficking Drugs Cyber-enabled crime Source : UK Home Office – Cyber Crime: a review of the evidence Oct 13
  • 7.
    © 2015 IBMCorporation 7  Confusion & hype abound  Common attack methods  Common methods of defense / counter / investigation  Data > Insight chain  Prosecution – burden of evidence  Learning & sharing possible, but patchy Cyber Security & (counter) Cyber Crime
  • 8.
    © 2015 IBMCorporation 8 Cyber Threat MOTIVATION S O P H I S T I C A T I O N National Security, Economic Espionage Notoriety, Activism, Defamation Hacktivists Lulzsec, Anonymous Monetary Gain Organized crime Zeus, ZeroAccess, Blackhole Exploit Pack Nuisance, Curiosity Insiders, Spammers, Script-kiddies Nigerian 419 Scams, Code Red Nation-state actors, APTs Stuxnet, Aurora, APT-1
  • 9.
    © 2015 IBMCorporation A new type of threat Attacker generic Malware / Hacking / DDoS IT Infrastructure Traditional Advanced Persistent Threat Critical data / infrastructure Attacker !
  • 10.
    © 2015 IBMCorporation 10 Attack Phases 11 Break-in Spear phishing and remote exploits to gain access Command & Control (CnC) 22 Latch-on Malware and backdoors installed to establish a foothold 33 Expand Reconnaissance & lateral movement increase access & maintain presence 44 Gather Acquisition & aggregation of confidential data Command & Control (CnC) 55 Exfiltrate Get aggregated data out to external network(s)
  • 11.
    © 2015 IBMCorporation IBM X-Force 11 March 2015IBM Security Systems IBM X-Force Threat Intelligence Quarterly, 1Q 2015 Explore the latest security trends—from “designer vulns” to mutations in malware— based on 2014 year-end data and ongoing research
  • 12.
    © 2015 IBMCorporation Technology & Business Landscape New opportunities for cyber crime!
  • 13.
    © 2015 IBMCorporation 13 Smarter Planet Instrumented – Interconnected - Intelligent
  • 14.
    © 2015 IBMCorporation 14 Cloud DRIVERS Speed & agility Fast Innovation CAPEX to OPEX USE CASES SCM, HR, CRM as a SERVICE Predictive Analytics as a SERVICE
  • 15.
    © 2015 IBMCorporation 15 Mobile DRIVERS Mobility in Business Agility & flexibility Rate of technology change USE CASES Information capture, workflow management Education where & when needed Case advice Map
  • 16.
    © 2015 IBMCorporation 16 Big Data / Analytics DRIVERS Drowning in Data Insight for SMARTER More UNRELIABLE data USE CASES Citizen Sentiment Predictive Policing OSINT augmentation Open Source Internal Sources Intelligence Analysis SIGINT BiometricsEmail GeoINT Telephone Records Data Records
  • 17.
    © 2015 IBMCorporation 17 Social Business DRIVERS Use of Social Channels Smart Employment Personnel Rotation USE CASES Citizen Sentiment Counter Terrorism Knowledge Retention Gather INTELLIGENCE •Social Media as OSINT •Individuals, Groups, Events •Supplement traditional sources Efficient WORKING •Breaking down Silos •Collaboration •“Self help” Culture Leverage KNOWLEDGE •Access to Experts, Content •Collaborative Ventures •Enables Innovation Positive IMAGE •Promotion / marketing •Recruiting •Citizen engagement InternalExternal
  • 18.
    © 2015 IBMCorporation 18 Systems of Engagement  Collaborative  Interaction oriented  User centric  Unpredictable  Dynamic Big Data / Analytics Cloud Social Business Mobile
  • 19.
    © 2015 IBMCorporation 19 Use Case – European Air Force Secure Mobile CHALLENGE •Support Organisational Transformation •HQ Task Distribution •Senior Staff demanding Mobile Access SOLUTION •IBM Connections •MS Sharepoint Integration •MaaS 360 based Tablet Security BENEFITS •Improved work efficiency •Consistent & timely information access •Secure MODERN tablet
  • 20.
    © 2015 IBMCorporation 20 The Millennial Generation EXPECT . . . to embrace technology for improved productivity and simplicity in their personal lives tools that seem made for and by them freedom of choice, embracing change and innovation INNOVATE . . . •Actively involve a large user population •Work at Internet Scale and Speed •Discover the points of value via iteration •Engage the Millennial generation
  • 21.
    © 2015 IBMCorporation Smart Phones (& Tablets) . . . 21  Used in the same way as a personal computer  Ever increasing functionality (app store culture) . . .  . . . and often more accessible architectures  Offer “anywhere” banking, social media, e-mail . . .  Include non-PC (!) features Context, MMS, TXT  Emergence of authentication devices
  • 22.
    © 2015 IBMCorporation . . . are harder to defend ? . . . 22  Anti-virus software missing, or inadequate  Encryption / decryption drains the battery  Battery life is always a challenge  Stolen or “found” devices– easy to loose  Malware, mobile spyware, impersonation  Extends set of attack vectors  Much R&D into securing platform
  • 23.
    © 2015 IBMCorporation . . . and Bring your Own Device now mainstream 23  Bring-your-own device expected  Securing corporate data  Additional complexities  Purpose-specific endpoints  Device Management
  • 24.
    © 2015 IBMCorporation Social Media – Lifestyle Centric Computing 24 www.theconversationprism.com  Different Channels  Web centric  Conversational  Personal  Open  Explosive growth
  • 25.
    © 2015 IBMCorporation Social Media – Special Security Challenges 25Source: Digital Shadows, Sophos, Facebook  Too much information  Online impersonation  Trust / Social Engineering / PSYOP  Targeting (Advanced, Persistent Threat) Source: Digital Shadows, Sophos, Facebook
  • 26.
    © 2015 IBMCorporation A Smarter Approach to countering cyber crime
  • 27.
    © 2015 IBMCorporation 27 Balance Technical Mitigation Better firewalls Improved anti-virus Advanced Crypto People Mitigation Leadership Education Culture Process
  • 28.
    © 2015 IBMCorporation 28  Monitor threats  Understand (your) systems  Assess Impact & Probability  Design containment mechanisms  Don’t expect perfect defences  Containment & quarantine planning  Learn & improve Risk Management Approach
  • 29.
    © 2015 IBMCorporation Securing a Mobile Device DEVICE •Enrolment & access control •Security Policy enforcement •Secure data container •Remote wipe TRANSACTION •Allow transactions on individual basis •Device monitoring & event detection •Sever risk engine – allow, restrict, flag for review APPLICATION •Endpoint management – software •Application: secure by design •Application scanning for vulnerabilities ACCESS •Enforce access policies •Approved devices and users •Context aware authorisation 29
  • 30.
    © 2015 IBMCorporation Secure, Social Business 30 LEADERSHIP •More senior, most impact •Important to leader, important to all •Setting “tone” for culture CULTURE •Everyone knows importance AND risk •Full but SAFE usage •Mentoring PROCESS •What’s allowed, what’s not •Internal & external usage •Smart, real time black listing EDUCATION •Online education (benefits, risks) •Annual recertification •For all, at all levels
  • 31.
    © 2015 IBMCorporation The Future & Concluding Remarks What next . . .
  • 32.
    © 2015 IBMCorporation 32 Global Technology Outlook – Beyond Systems of Engagement
  • 33.
    © 2015 IBMCorporation 33 Contextual, Adaptive Security Monitor and Distill Correlate and Predict Adapt and Pre-empt Security 3.0 Risk Prediction and Planning Encompassing event correlation, risk prediction, business impact assessment and defensive strategy formulation Multi-level monitoring & big data analytics Ranging from active, in device to passive monitoring Adaptive and optimized response Adapt network architecture, access protocols / privileges to maximize attacker workload
  • 34.
    © 2015 IBMCorporation 34 1. Are you ready to respond to a cyber crime or security incident and quickly remediate? 2. Do you have the visibility and analytics needed to monitor threats? 3. Do you know where your corporate crown jewels are and are they adequately protected? 4. Can you manage your endpoints from servers to mobile devices and control network access? 5. Do you build security in and continuously test all critical web/mobile applications? 6. Can you automatically manage and limit the identities and access of your employees, partners and vendors to your enterprise? 7. Do you have a risk aware culture and management system that can ensure compliance? Fitness for Purpose
  • 35.
    © 2015 IBMCorporation 35 1. Many Similarities – Cyber Crime vs Security – Threat Sophistication 2. Social Business & Mobile offer transformational value 3. New vulnerabilities need to be understood to be mitigated 4. Mitigation needs to be balanced, risk management based and “designed in” Summary
  • 36.
    © 2015 IBMCorporation Thanks John Palfreyman, IBM 2dsegma@uk.ibm.com

Editor's Notes

  • #10 Traditionally, the attackers came from the Internet. They usually used some standard or generic malware, hacking technique or ddos tool, attacked critical infrastructure and tested what they could get their hands on. With that scenario, protecting the infrastructure was usually sufficient. With APT, this scenario has changed. Attackers are looking for specific data or infrastructure to target and they are very persistent in getting there. They are still using some kind of malware or exploit to get there, but they are usually very advanced, zero day versions, and often employ multiple exploits at once. And the number of possible entry points has increased greatly – there are still servers to be attacked, but also desktop PCs, mobile devices such as laptops and mobile phones (often vulnerable and with closed systems, e.g. iPhone) and entry points such as social networks, which are all connected in some way these days. And the attack might not come from the Internet alone anymore – malware inserted through USB sticks is an emerging threat.