ibm-events
http://ibm.com/interconnect
© 2013 IBM Corporation
IBM Security Intelligence: Less Threat. More Intelligence.
Brendan Hannigan, General Manager, IBM Security Systems
Evolving Threat Landscape
Evolving CISO Landscape
CISO Challenge: Competing priorities
83% of enterprises have difficulty filling security roles
14% increase in Web application vulnerabilities from 2011 to 2012
Increase in compliance mandates
Common Vulnerabilities and Exposures
CISO Challenge: Inadequate tools
85 tools from 45 vendors
0 out of 46 vendors detected malware
Source: IBM client example
CISO Challenge: Business pressures
of CISOs are concerned about Cloud and mobile security
of organizations are using at least one cloud platform
70%
75%+
stolen from bank accounts in Operation High Roller
of C-level execs say that negligent insiders are their biggest concern
increase in critical web browser vulnerabilities
59%
43%
INTERNAL EXTERNAL PAYOFFS
$78M
CISO Challenge: Evolving Threats
Advantage: Attacker
1 2 3
Innovation Intelligence Focus
Focus
USERS
ASSETS TRANSACTIONS
USERS
60,000 employees
Provisioning took up to 2 weeks
No monitoring of privileged users
Focus on users, not devices
Implement identity intelligence
Pay special attention to trusted insiders
Privilege Identity Management
Monitoring and same-day de-provisioning for 100+ privileged users
Source: IBM client example
ASSETS
2,000 critical databases secured
$21M saved in compliance costs
Database Access and Monitoring
Thousands of databases containing HR, ERP, credit card, and other PII
in a world where 98% of breaches hit databases
Discover critical business data
Harden and secure repositories
Monitor and prevent unauthorized access
Source: IBM client example
30 Million customers in an industry where $3.4B industry losses from online fraud
85% of breaches go undetected
TRANSACTIONS
Identify most critical transactions
Monitor sessions, access, and devices
Look for anomalies and attacks
Advanced Fraud Protection
Zero instances of fraud reported on over 1 million customer endpoints
Source: IBM client example
Intelligence
ANALYTICS
VISIBILITY INTEGRATION
Context, clustering, baselining, machine learning, and heuristics
Identify entire classes of mutated threats by analyzing 250+ protocols and file types
ANALYTICS
Pattern matching
Don’t rely on signature detection
Use baselines and reputation
Identify outliers
Reduce 2 billion logs and events per day to 25 high-priority offenses
Get full coverage, No more blind spots
Reduce and prioritize alerts
Continuous monitoring
VISIBILITY
Source: IBM client example
Integrated Platforms
Eliminate silos and point solutions
Build upon a common platform
Share information between controls
Monitor threats across 8 million subscribers with an integrated platform
INTEGRATION
Siloed Point Products
Source: IBM client example
CLOUD
MOBILE
Innovation
Cloud-enhanced Security: Automated, customizable, and elastic
Cloud is an opportunity for enhanced security
Traditional Security: Manual and static
Mobility is the opportunity to get security right
Network and Access Control
Fraud Protection
Application and Data Security
Endpoint Management
Intelligence
Integration
Expertise
IBM Security Framework
Professional, Managed, and Cloud Services
Advanced Threat Protection Staying ahead of sophisticated attacks
Defense Strategy Attack Chain IBM Capabilities and Services
QRadar Security Intelligence X-Force Threat Intelligence
Emergency Response Services
Network Protection InfoSphere Guardium Trusteer Apex
QRadar Vulnerability Manager Endpoint Manager AppScan
CISO: Checkmate!
Analytics-powered security: Leaning forward.
Felix Mohan, Bharti Airtel Limited
Align. Make intelligent.
Third-party risk
Advanced attacks Regulatory compliance
Voice to data shift Competitive pressure
Disruptive technologies
Automation
Optimization
Culture
Competency
Communication
Intelligence
Aggravators
Concerns
Business-aligned
Analytics-driven
Airtel intelligence structure.
Technology Interaction
Information Integration
Analytics
Context Security devices
Network devices
Events
Flows
Contextual assessments Better risk management Prioritized and actionable intelligence
Broader and deeper vulnerability insight Better protection from advanced attacks
Quicker response
QFlow and VFlow Collector Vulnerability Manager
Risk Manager
SIEM QRadar
X-Force external threat feed
Trusteer* (2014) Openpages*, BigInsights* (2015-16)
Understand. Prioritize. Act. Advanced threat protection
Risk management
Compliance Resource optimization
Fraud protection
• Simulate “what ifs” for risk impact
• Remediate zero-days and new security threats
• Monitor asset profiles & behaviour continuously
• Visualize traffic patterns and connections
• Comply with regulatory mandates and policies
• Prioritize vulnerability remediation
• Protect transactions
• Carry out advanced incident analysis & forensics
• Optimize resources and efforts
We are moving from dousing fires to ensuring they don’t happen in the first place!
Vulnerability scan data
Configuration data
Event data
Activity data
Context
Network topology
#IBMINTERCONNECT
Thank You
10+ demos 5 appliances
• Visit the Security Intelligence area in the Solution Center
• Meet experts from the IBM Security Singapore Lab
• Solution Center Sessions: Enhancing IBM Security solutions with Trusteer fraud detection capabilities
• Technical Session: Dedicated Security track featuring Identity and Access Management, Security Intelligence, Mobile Security, and more
Don’t miss partner & client speakers including YaData and Asian Paints
Don’t miss…
All
Day 2
Day 3