View
215
Download
0
Category
Preview:
Citation preview
IBM Research Preemptive Cybersecurity for the Next Era
March 13, 2015
Zachary J. LemniosVice President Strategy and Worldwide Operations
IBM Research
© 2014 International Business Machines Corporation 2
Science & Technology
Engagingin newways
Industries &SolutionsResearch
Cloudtransforming
IT
CloudResearch
Data transforming
industries
CognitiveResearch
Three foundational shifts in the Industry:
© 2014 International Business Machines Corporation 3
The Emerging Information Technology Landscape
Mobile SocialCloud
Internet of Things
© 2014 International Business Machines Corporation 4
Explosion of Data across all Industries
Source: IDC’s sixth annual study of the digital universe (2012)
2009 2010 2011 2012 2013 2014 2015 2016 20170
5
10
15
20
25
30
35
Exa
byt
es
Multimedia
Manufacturing & Enterprise IoT
Consumer oriented IoT
Text data
Genomic
Structured
Other
© 2014 International Business Machines Corporation 5
Watson In the data flow
High value Cloud
High Value Opportunities Emerge in Data
© 2014 International Business Machines Corporation 6
Purchase history Social media
Transforming industries with Systems of Insight
Life sciences
Industrial
Retail
360o customer insight
Financial service
Financial transactions Social network
Financial fraud detection
Supply/demand history Physical data
Renewable energy reserve management
Drug/genome database Clinical experience
New medicine discovery
© 2014 International Business Machines Corporation 9
High profile breaches continue to make headlines
Millions of Anthem Customers Targeted in Cyberattack
– The New York Times, Feb 2015
Target's Data Breach: The Largest Retail Hack in U.S. History– Bloomberg, 2014
Fed Acknowledges Cybersecurity Breach– The Wall Street Journal, Feb 2013
South Carolina taxpayer server hacked, 3.6 million Social Security numbers
compromised– CNN, Oct 2012
Facebook hacked in 'sophisticated attack'
– The Guardian, Feb 2013
NASDAQ Confirms Breach in Network
– The Wall Street Journal, Feb 2011
Apple Hacked: Company Admits Development Website
Was Breached– Huffington Post, July 2013
Chinese hacking of US media is 'widespread phenomenon‘– Wired, Feb 2013
Saudi Arabia Says Aramco Cyberattack Came From Foreign States – Bloomberg,
Dec 2012
© 2014 International Business Machines Corporation 10
A new security reality is here
61%
data theft and cybercrimeare their greatest threats
2012 IBM Global Reputational Risk & IT Study
of organizations say
Average cost of adata breach
2014 Cost of Data Breach, Ponemon Institute
$3.5M
70%of security
executives have cloud and mobile security concerns
2013 IBM CISO Survey
Mobile malware growthin just one year
2012 - 2013 Juniper Mobile Threat Report
614% security tools from
vendors
85
45IBM client example
83%of enterprises
have difficulty finding the security skills they need
2012 ESG Research
© 2014 International Business Machines Corporation 11
We are in an Era of Continuous Attack
Operational Sophistication
IBM X-Force declared Year of the
Security Breach
Near Daily Leaks of Sensitive Data
40% increase in reported data
breaches and incidents
Relentless Use of Multiple Methods
500,000,000+ records were leaked, while the future
shows no sign of change
2011 2012 2013
Note: Size of circle estimates relative impact of incident in terms of cost to business.
SQL injection Spear phishing
DDoS Third-party software
Physical access
Malware XSS Watering hole Undisclosed
Attack types
Source: IBM X-Force Threat Intelligence Quarterly – 1Q 2014
© 2014 International Business Machines Corporation 12
Hackers + Warriors have emerged!!
Cyber Warriors: Advanced Persistent Threat
Hackers: Traditional Malware
© 2014 International Business Machines Corporation 13
Adversary
Motive
The cybersecurity Landscape has changed
Damage/Impact to Life & Property
National Security
Monetary Gain
Espionage,Political Activism
Revenge
Curiosity Script-kiddies or hackers using tools, web-based “how-to’s”
Insiders, using inside information
Organized Crime, Hackers & Crackers
Competitors, Hacktivists
Nation-state Actors; Targeted Attacks
© 2014 International Business Machines Corporation 14
Security 360: Contextual, Cognitive and Adaptive
Monitorand Distill
Correlate and Predict
Adapt and Pre-empt
Correlate events
Predict risk
Business impact
Defense strategies
Cognitive Planning
Active
In-device
Near Field
Passive
Contextual Insights
Adaptive Response
Controls Management Agents Active
Security 3.0
© 2014 International Business Machines Corporation 15
Where we need your help
1) Deeper pipeline of outstanding talent
2) New ideas for the toughest problems
a) Advanced Persistent Threats
b) Preempting the Insider Threat
c) Security governance in the era of mobile and BYOD
3) New Ideas for a New World
a) crypto schemes that ensure confidentiality as well as privacy
b) security and compliance in the era of the cloud
c) Security for cyber physical systems
© 2014 International Business Machines Corporation 17
IBM has launched the Next Era of Computing
Tabulating Systems Era
Cognitive Systems Era
Programmable Systems Era
© 2014 International Business Machines Corporation 18
Journey to Watson: a deep foundation in computer science
MachineLearning
NaturalLanguage
Processing
HighPerformanceComputing
KnowledgeRepresentation
andReasoning
QuestionAnsweringTechnology
UnstructuredInformation
Management
© 2014 International Business Machines Corporation 19
Data is the new basis of competitive value
RetailBanking
Oil & Gas
Healthcare
Data at the edge is changing how we look at data
90%
By 2017
Of data created over the last 10 years was never captured or analyzed
The collective computing and storage capacity of smartphones will surpass all worldwide servers
60%
2X
Of valuable sensory data loses value in milliseconds
Rate of data creation compared to the expansion of bandwidth over the past decade
© 2014 International Business Machines Corporation 21
Application of Cognitive Computing to Cyber Security
• Understanding of natural language, images and other sensory information.
• Complex reasoning and deep interaction with experts
• Hypothesis and question generation across arbitrary domains; meta-heuristic to automate algorithm choices
Recommended