Presentation from IBM Smarter Business Summit: Halifax Sept 10th 2014
1 #SmarterBiz
Big Data Security
Don’t Risk It: Gain Trustworthy Insights with Enterprise Risk Governance
Chris Mallon, Software Business Executive, IBM Canada Middleware Group
2 #SmarterBiz
A new security reality is here
• 61% of organizations say data theft and cybercrime are their greatest threats (2012 IBM Global Reputational Risk & IT Study)
• $3.5M: average cost of a data breach (2014 Cost of Data Breach, Ponemon Institute)
• 70% of security executives have cloud and mobile security concerns (2013 IBM CISO Survey)
• 614%: mobile malware growth in just one year (2012 - 2013 Juniper Mobile Threat Report)
• 85 security tools from 45 vendors (IBM client example)
• 83% of enterprises have difficulty finding the security skills they need (2012 ESG Research)
3 #SmarterBiz
We are in an era of continuous breaches
Near Daily Leaks of Sensitive Data: 40% increase in reported data breaches and incidents
Relentless Use of Multiple Methods: 500,000,000+ records were leaked, while the future shows no sign of change
[Figure: incidents in 2011, 2012 and 2013, plotted by attack type]
Attack types: SQL injection, Spear phishing, DDoS, Third-party software, Physical access, Malware, XSS, Watering hole, Undisclosed
Note: Size of circle estimates relative impact of incident in terms of cost to business.
Source: IBM X-Force Threat Intelligence Quarterly – 1Q 2014
4 #SmarterBiz
Security is a board room discussion, and security leaders are more accountable than ever before
5 #SmarterBiz
Security challenges are a complex, four-dimensional puzzle…
• People: EMPLOYEES, ATTACKERS, OUTSOURCERS, SUPPLIERS, CONSULTANTS, PARTNERS, CONSUMERS
• Data: STRUCTURED, UNSTRUCTURED, AT REST, IN MOTION
• Applications: SYSTEMS APPLICATIONS, WEB APPLICATIONS, WEB 2.0, MOBILE APPLICATIONS
• Infrastructure: DATACENTERS, PCs, LAPTOPS, MOBILE, CLOUD, NON-TRADITIONAL
…a holistic approach is needed
6 #SmarterBiz
IBM Security strategy
• Delivering intelligence, integration and expertise across a comprehensive framework
Advanced threats
Cloud
Mobile
Compliance
Skills shortage
The IBM Security Framework
Security mega trends
CISO’s changing role
7 #SmarterBiz
Security and Compliance Concerns in Big Data Environments
Structured: Massive volume of structured data movement
• 2.38 TB / Hour load to data warehouse
• High-volume load to Hadoop file system
Unstructured: Ingest unstructured data
Streaming: Integrate streaming data sources
Big Data Platform
Hadoop Cluster
Clients
• Who is running big data requests?
• How is privacy protected?
• Is there an exceptional number of file permission exceptions?
• Are these jobs part of an authorized program list accessing the data?
• Has some new query application been developed that you were previously unaware existed?
8 #SmarterBiz
Data Security
• Discover and harden your most valuable assets while enabling access
Identify and Classify Data
Record Events
Assess Vulnerabilities
Protect Sensitive Data
Monitor Privileged Users
Protect data at rest, in motion, and in use
CLIENT SUCCESS
A global financial services company secured 2,000 critical databases and saved $21M in compliance costs
IBM Security Solutions
• Guardium Database Activity Monitoring
• Guardium Encryption Expert
• Guardium / Optim Data Masking
• Key Lifecycle Manager
9 #SmarterBiz
Secure and Protect Enterprise Data with the InfoSphere Platform
• InfoSphere Guardium
• InfoSphere Optim
• InfoSphere Identity Insight
• InfoSphere Business Glossary
• InfoSphere Discovery
Reduce the cost of compliance
Prevent data breaches
Ensure data integrity
The Difference
• Holistic: Completely protects across diverse data environments and types, including big data
• Scalable: Scales across small and large heterogeneous enterprises
• Integrated: Delivers both processes and technologies
Customer streamlines testing and protects test data, saving $240K/year in administrative costs
Monitoring database activity protects data and provides 239% ROI
Customer saves $1M per month by preventing fraud
10
Saves $1.5M per year on storage costs and reduces compliance costs by $20M
• Eliminated native audit trails
• Developed compensating control for encryption
• Changed the culture – new awareness of data security
• Established new processes to investigate insider threats
• Monitored 2000 database instances from a single, centralized location
Major global bank
11 #SmarterBiz
IBM Use
Examples of IBM Internal Use of the IBM Security portfolio
IBM InfoSphere Guardium
• Guardium presently monitors a subset of IBM’s internal applications. The focus of our Guardium deployments is on Sarbanes-Oxley regulatory controlled data, and the primary benefit being derived is privileged user activity monitoring. Internal use of Guardium is set to expand in 2013/2014.
IBM Key Lifecycle Manager
• IBM HR has been using its Key Lifecycle Manager product for 6 years to manage the keys for tape encryption. They are a public reference for this product.
12 #SmarterBiz
IBM Security market-changing milestones
[Timeline figure. Years shown: 1976, 1999, 2002, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013]
Milestone labels: Mainframe and server security; SOA management and security; Network intrusion prevention; Access management; Application security; Risk management; Data management; Identity management; Directory integration; Enterprise single-sign-on; Database monitoring and protection; Application security; Endpoint management and security; Information and analytics management; Security intelligence; Secure mobile management; Advanced fraud protection; IBM Security is created
• 6,000+ IBM Security experts worldwide
• 3,000+ IBM security patents
• 4,000+ IBM managed security services clients worldwide
• 25 IBM Security labs worldwide
13 #SmarterBiz
IBM Security
• Integrated capabilities delivered across a comprehensive security framework
The IBM Security Framework
• IBM X-Force: Monitor and evaluate today’s threats
• QRadar: Detect, analyze, and prioritize threats
• Trusteer: Reduce fraud and malware
• Identity and Access Management: Manage users and their access
• InfoSphere Guardium: Discover and harden valuable assets
• AppScan: Secure critical business applications
• Network and Endpoint Protection: Protect infrastructure against attacks
14 #SmarterBiz
IBM Security latest industry rankings
15 #SmarterBiz
At IBM, the world is our security lab
16 #SmarterBiz
IBM X-Force® Research and Development
Expert analysis and data sharing on the global threat landscape
The IBM X-Force Mission
• Monitor and evaluate the rapidly changing threat landscape
• Research new attack techniques and develop protection for tomorrow’s security challenges
• Educate our customers and the general public
• Integrate and distribute Threat Protection and Intelligence to make IBM solutions smarter
Vulnerability Protection
IP Reputation
Anti-Spam
Malware Analysis
Web Application Control
URL / Web Filtering
Zero-day Research
17 #SmarterBiz
IBM Security: Delivering intelligence, integration and expertise across a comprehensive framework
Intelligence
Integration
Expertise
18 #SmarterBiz
Potential next steps
Schedule a Client Value Engagement (CVE) at no cost to you
• Business and IT: Narrow the communication gap
• Easy to follow programmatic client-centric approach – determine possible benefits from solution
• Fast time to completion: Less than 2 weeks – deliverables easy to follow and understand
Visit a lab for a deeper dive with our Product Managers and R&D teams
• In-depth technical discussions & product demonstrations
• Product roadmap discussions; get the latest on innovations and research
• Collaborate with our best experts on your problems and potential solutions
Visit the web for more about InfoSphere solutions
• Understanding and selecting data masking solutions
• Understanding encryption requirements of PCI DSS
• Managing compliance to protect enterprise data
• Top tips for securing big data environments
• Three guiding principles to improve data security
• Gartner Magic Quadrant Data Masking Technology
19 #SmarterBiz
www.ibm.com/security
© Copyright IBM Corporation 2014. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
20 #SmarterBiz