23
IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM Canada Steve Rainville Associate Partner Security Services IBM Canada

IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

  • Upload
    others

  • View
    6

  • Download
    0

Embed Size (px)

Citation preview

Page 1: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

IBM SECURITY STRATEGYDRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS

David Millar

November 2017

Security Services ExecutiveIBM Canada

Steve RainvilleAssociate Partner Security Services IBM Canada

Page 2: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

2 IBM Security

Cybersecurity is a universal challenge

By 2020, there will be…

5 billionpersonal data records stolen

20.8 billion“things” to secure

$8 trillionlost to cybercrime

Page 3: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

3 IBM Security

What our customers are facing

Organizations are using

toomanytools from too many vendors

TOO MANY TOOLS

GDPR fines can cost

billionsfor large global companies

COMPLIANCEMANDATES

By 2022, there will be

1.8millionunfulfilled cybersecurity positions

SKILLSSHORTAGE

Page 4: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

4 IBM Security

Your Cyber Security

Committee!

CEO & Board Member(s)

Finance

HR

Comms

Marketing & Sales

Operations

Start a Committee

Page 5: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

5 IBM Security

To ramp up your SOC to detect and respond to advanced threats

you need…

People

Process

Technology

Page 6: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

6 IBM Security

Technology

Page 7: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

7 IBM Security

Does this look familiar?

Criminal detection

Fraud protection

Data access control

Application security management

Applicationscanning

Data protection

Device managementTransaction protection

Content security

Malware protection

Endpoint detectionand response

Endpoint patching and management

Network forensics and threat management

Virtual patching

Firewalls

Sandboxing

Network visibility and segmentation

Access management

Identity governance and administration

Privileged user management

IDaaS

Indicators of compromise

Malware analysis

Threat sharing

Vulnerability management

Security analytics

Threat and anomaly detection

Incident response

User behavior analytics

Threat hunting and investigation

Mainframe security

Page 8: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

8 IBM Security

An integrated and intelligent security immune system

Criminal detection

Fraud protection

Data access control

Application security management

Applicationscanning

Data protection

Device management

Transaction protection

Content security

Malware protection

Endpoint detectionand response

Endpoint patching and management

Network forensics and threat management

Virtual patching

Firewalls

Sandboxing

Network visibility and segmentation

Access management

Identity governance and administration

Privileged user management

IDaaS

Mainframe security

Indicators of compromise

Malware analysis

Threat sharing

SECURITY ECOSYSTEM

Vulnerability management

Security analytics

Threat and anomaly detection

Incident response

User behavior analytics

Threat hunting and investigation

Page 9: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

9 IBM Security

IBM Security Immune System

BigFix QRadar Incident Forensics

QRadar Network Insights

X-Force Exchange | Malware Analysis

Guardium | Multi-cloud Encryption | Key Manager

Cloud Identity

Identity Governance and Access

zSecure

MaaS360 Trusteer

AppScan

Application Security on Cloud

QRadar | Watson | Resilient | i2

Mobile Device Management

ManagedDetection & Response

Managed Network Security

Critical Data Protection Services

Identity Management Services

X-Force Red

X-Force IRIS

Financial Malware Research

Security Operations ConsultingX-Force Command Centers

X-Force IRIS

Secure SD-WAN

SDLC Consulting

SECURITY ECOSYSTEM

App Exchange

Hybrid Cloud Security Services

Products

Services

Page 10: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

10 IBM Security

Asking for the Cash!

Do we already have a

product deployed with

similar or the same

functionality?

Page 11: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

11 IBM Security

Asking for the Cash!

Does one of our current

vendors have a product

that integrates better into

our existing environment

than the one you are

recommending?

Page 12: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

12 IBM Security

Asking for the Cash!

Does this new

technology have open

API’s that will integrate

into our existing

technology portfolio?

Does it leverage AI to

enhance the skills on our

team?

Page 13: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

13 IBM Security

Asking for the Cash!

Is all of our current security

technology currently up to

the latest version, patched,

integrated and fully

optimized? Is there any

opportunity for automation in

our current portfolio?

Page 14: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

14 IBM Security

Process

Page 15: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

15 IBM Security

NIST Cybersecurity Framework

Identify Protect Detect Respond Recover

Page 16: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

16 IBM Security

Page 17: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

17 IBM Security

Houston, we have a problem…

1. Get an outside firm on retainer

NOW

2. Use an IR platform to help you

build out, automate and

integrate your tools and

orchestrate your response

3. Practice, practice, practice

Page 18: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

18 IBM Security

People

Page 19: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

19 IBM Security

There are an estimated 3,000+ open security positions in Canada today.

How are you going to compete for

security resources?

Page 20: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

20 IBM Security

You are going to need to be part of the solution in helping to buildout the next generation of Canada’s cyber security skills.

• One Professional Hire

• Current Staff

• Local Colleges and Universities

• Women in Security - Why?

• New Collar Workers

• Selectively Out-Task SecOps, L1/L2, Threat Hunting, Emergency

Response, etc. to an MSSP

Page 21: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

21 IBM Security

Please remember, people are human…not machines.

Hours Worked per Week

Pro

du

ctivity

35 hrs/week

45 hrs/week

55 hrs/week

Page 22: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

22 IBM Security

Ramp up your SOC to detect and respond to advanced threats with…

AUGMENTED People

ORCHESTRATED Processes

INTEGRATED Technology

Page 23: IBM SECURITY STRATEGY - SecTor 2020 · IBM SECURITY STRATEGY DRIVING INNOVATION WHILE HELPING TO SECURE 17,500+ CUSTOMERS David Millar November 2017 Security Services Executive IBM

ibm.com/security

securityintelligence.com

xforce.ibmcloud.com

@ibmsecurity

youtube/user/ibmsecuritysolutions

© Copyright IBM Corporation 2017. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind,

express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products

and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service

marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your

enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others.

No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems,

products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products

or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.

FOLLOW US ON:

THANK YOU