IBM SECURITY STRATEGY: INTEGRATED SECURITY FOR A NEW ERA
Ahmed Sharaf
2016
Managing Director – Xband Enterprises, Inc.
3 IBM Security
2013: 800+ million records
2014: 1+ billion records
2015: Unprecedented impact
Attackers break through conventional safeguards every day
$7M average cost of a U.S. data breach
201 days average time to identify data breach
Traditional security practices are unsustainable
1.5 MILLION unfilled security positions by 2020
85 security tools from 45 vendors
68 PERCENT of CEOs are reluctant to share incident information externally
How do I get started when all I see is chaos?
IP reputation
Indicators of compromise
Threat sharing
Firewalls
Incident and threat management
Virtual patching
Sandboxing
Network visibility
Malware protection
Antivirus
Data access control
Data monitoring
Application security management
Application scanning
Access management
Entitlements and roles
Identity management
Transaction protection
Device management
Content security
Workload protection
Cloud access security broker
Anomaly detection
Log, flow, data analysis
Vulnerability management
Privileged identity management
Incident response
Criminal detection
Fraud protection
Endpoint patching and management
Threat Intelligence
Security Analytics
Cloud
Identity and Access
Data and Apps
Mobile
Advanced Fraud
Network
Endpoint
Security Ecosystem
An integrated and intelligent security immune system
Criminal detection
Fraud protection
Workload protection
Cloud access security broker
Access management
Entitlements and roles
Privileged identity management
Identity management
Data access control
Application security management
Application scanning
Data monitoring
Device Management
Transaction protection
Content security
Malware protection
Antivirus
Endpoint patching and management
Virtual patching
Firewalls
Incident and threat management
Sandboxing
Network visibility
Vulnerability management
Incident response
Log, flow, data analysis
Anomaly detection
Indicators of compromise
IP reputation
Threat sharing
SECURITY TRANSFORMATION SERVICES: Management consulting | Systems integration | Managed security
IBM has the world’s broadest and deepest security portfolio
App Exchange
MaaS360
INFORMATION RISK AND PROTECTION
Trusteer Mobile
Trusteer Rapport
AppScan
Guardium
Cloud Security Enforcer
Privileged Identity Manager
Identity Governance and Access
Cloud Identity Service
Key Manager
zSecure
Trusteer Pinpoint
QRadar Vulnerability Manager
Resilient Incident Response
X-Force Exchange
QRadar Incident Forensics
SECURITY OPERATIONS AND RESPONSE
BigFix
Network Protection XGS
QRadar SIEM
QRadar Risk Manager
IBM Security Strategy
LEAD in strategic domains
Security Transformation Services: Management Consulting | Systems Integration | Managed Security
Security Research and Threat Intelligence
Security Operations and Response | Information Risk and Protection
Cloud Security
Mobile Security
Identity Governance and Access Management
Data Protection
Application Security
Advanced Fraud Prevention
Incident Response
Security Intelligence and Analytics
Vulnerability and Patch Management
Endpoint and Network Protection
User Behavior Analytics
SUPPORT the CISO agenda
Cloud | Mobile and Internet of Things | Compliance Mandates | Skills Shortage | Advanced Threats
ACCELERATE with key innovation
Cloud | Collaboration | Cognitive
IBM helps protect against new and complex security challenges
Optimize your security program with skills to address modern day risks
SECURITY TRANSFORMATION SERVICES
Orchestrate your defenses throughout the entire attack lifecycle
SECURITY OPERATIONS AND RESPONSE
Keep your critical information protected while accelerating the business
INFORMATION RISK AND PROTECTION
Enterprise security programs face harsh realities every day
Top questions from leadership:
Are we protected from the latest threats?
Have we protected our most critical data?
Do we have access to the right skill sets?
Are we adapting to changing platforms?
Are we operating at an appropriate maturity level for our industry?
Are we communicating our risks clearly to our leaders and our board?
Are we maximizing the value of our security investments?
Transform your security program
Build strategy that accelerates new IT trends
• BYoD, Cloud, Mobile, IoT
• SaaS and Cloud based services
Access the right skills
• Advisors, responders, testers, analysts and engineers
• 24x7x365 global expertise
Build protected and connected systems
• Increase productivity
• Grant stakeholders access to the right data without introducing risk
Optimize security programs
• Modernize identity and access, application development, privacy policies, data security
• Manage and protect against latest threats
Gain access to global threat intelligence
• Greater control in real time with actionable insights
• Improved visibility to manage the threat lifecycle
Reduce complexity
• Provide programmatic, automated and integrated outcomes
• Consolidate point products to an integrated solution
With proven global expertise, IBM Security Transformation Services deploys and manages optimized security programs
• Security Strategy, Risk and Compliance: Automate governance, risk and compliance programs
• Security Intelligence and Operations: Build security operations and security fusion centers
• Cyber Security Assessment and Response: Establish robust security testing and incident management programs
• Identity Governance and Management: Modernize identity and access management for the cloud and mobile era
• Data and Application Security: Deploy robust critical data protection programs
• Infrastructure and Endpoint Security: Redefine infrastructure and endpoint solutions with secure software-defined networks
SECURITY TRANSFORMATION SERVICES
CEO | CIO | CISO | CRO | CCO | CLO
Management Consulting | Systems Integration | Managed Security
Why IBM Security Transformation Services?
Unparalleled Expertise | Best-in-class Managed Security Services | Integrated Approach
• IBM X-Force® Exchange and Threat Research teams providing zero-day threat alerts to clients
• Over 1400 employees serving 130+ countries, with a 95% retention rate
• 35 billion security events analyzed daily across 4,500+ global clients
• Access to a global network of skilled industry experts
• Deep industry service delivery experience across numerous types of operations
• Ability to lead and execute large, transformational projects
• Integrated portfolio of security services and technology
• Open ecosystem with 100+ technology partners and 30+ services partners
• 800+ technical vendor and 150+ professional security certifications
Today’s attacks require a strategic security approach
Yesterday’s Attacks: Indiscriminate malware, spam and DDoS activity
Tactical Approach: Compliance-driven, reactionary
• Build multiple perimeters
• Protect all systems
• Use signature-based methods
• Periodically scan for known threats
• Shut down systems
Today’s Attacks: Advanced, persistent, organized, politically or financially motivated
Strategic Approach: Intelligent, orchestrated, automated
• Assume constant compromise
• Prioritize high-risk assets
• Use behavioral-based methods
• Continuously monitor activity
• Gather, preserve, retrace evidence
It takes power and precision to stop adversaries and unknown threats
Upgrade your defenses with a coordinated platform to outthink threats
Continuously stop attacks and remediate vulnerabilities
• Disrupt malware and exploits
• Discover and patch endpoints
• Automatically fix vulnerabilities
Respond to incidents quickly, with precision
• Hunt for indicators using deep forensics
• Orchestrate and automate incident response
Discover unknown threats with advanced analytics
• See attacks across the enterprise
• Sense abnormal behaviors
• Automatically prioritize threats
RESPOND
IBM Security offers the industry’s first integrated, end-to-end Security Operations and Response Platform
Security Operations and Incident Response Services
Incident Response
Endpoint and Network Protection
Vulnerability and Patch Management
User Behavior Analytics
Security Intelligence and Analytics
SECURITY OPERATIONS AND RESPONSE
CEO | CISO | HR | IT | LEGAL
IDS | NIPS | AV | DLP | FW | DBs | Apps | …
Prevent, detect, and respond to threats with an intelligent, orchestrated, automated platform
• IBM BigFix: Find, fix, and secure endpoint threats and vulnerabilities
• IBM Security Network Protection: Prevent network exploits and limit malware communications
• IBM QRadar Security Intelligence: Use advanced analytics to discover and eliminate threats
• IBM Resilient Incident Response Platform: Generate response playbooks and coordinate activity
• IBM X-Force Exchange: Automatically update incident artifacts with threat intelligence
• IBM Security Services: Deliver operations consulting to help implement processes and response experts when something goes wrong
Why IBM Security Operations and Response?
Cognitive Analytics | Open Ecosystem | Deep Threat Intelligence
• IBM Security App Exchange provides access to apps from leading security partners
• Out-of-the-box integrations for 500+ third-party security products
• Open APIs allow for custom integrations and apps
• QRadar Sense Analytics allows you to inspect events, flows, users, and more
• Speed analysis with visuals, query, and auto-discovery across the platform
• Get ready to augment your analysts with Watson for Cyber Security
• IBM X-Force Exchange helps you stay ahead of the latest threats and attacks
• Powered by the X-Force Research team and 700TB+ of threat data
• Share data with a collaborative portal and STIX / TAXII standards
It’s time to expand from infrastructure to information-centric security
Connectivity to more users, devices, and data than ever before
Users: Auditors, Suppliers, Consultants, Contractors, Employees, Partners, Customers
Applications: Web Applications, Systems Applications, APIs, Mobile Applications
Data: Structured, Unstructured, On Premises, Off Premises
Infrastructure and Devices: Datacenters, PCs, Laptops, Mobile, Cloud Services, IoT
Protect your information, contain the risk
Gain control
• Govern all users and their privileges
• Protect data usage across enterprise and cloud
• Improve DevOps security
• Secure mobile devices and apps
Identify risks
• Discover and classify business critical data and apps
• Expose over privileges with identity analytics
• Analyze cloud app usage and activity
• Detect web fraud with real time alerts
Safeguard interactions
• Deploy adaptive access and web app protection
• Federate to and from the cloud
• Maintain data compliance and stop attacks
• Secure mobile collaboration
IDENTITY | CLOUD | FRAUD | APP | DATA | MOBILE
IBM Security has the industry’s most comprehensive solution for Information Risk and Protection
Keep your information protected while securely interacting with employees and consumers
• IBM Cloud Security: Deliver visibility, control and protection of cloud apps
• IBM MaaS360: Mobile productivity and enterprise security without compromise
• IBM Identity Governance and Access Management: Govern and enforce context-based access to critical assets
• IBM Guardium: Protect crown jewels across the enterprise and cloud
• IBM AppScan: Scan and remediate vulnerabilities in modern applications
• IBM Trusteer: Stop financial and phishing fraud, and account takeovers
• IBM Security Services: Deliver governance, risk and compliance consulting, systems integration and managed security services
LOB | RISK | AUDIT | CISO | IT
INFORMATION RISK AND PROTECTION
Governance, Risk and Compliance Services
Identity Governance and Access Management
Cloud Security
Mobile Security
Application Security
Data Protection
Advanced Fraud Protection
Why IBM Information Risk and Protection?
Risk-based Intelligence | Multi-layer Integrations | Designed for Cloud & Mobile
• United controls to span employees, business partners and customers
• Built with open standards to speed integration and interoperability
• Cross segment integrations to protect against threats
• Business focused analytics to make decisions and meet regulations
• X-Force and Trusteer intelligence to stay ahead of the latest threats
• Machine learning algorithms to spot unusual behaviors and vulnerabilities
• Largest SaaS portfolio across fraud protection, application, cloud, and mobile security
• Flexible deployment and out-of-the-box connectors for the most popular cloud services
• Safeguarding mobile and consumer interactions
The next era of security
COGNITIVE, CLOUD, and COLLABORATION
INTELLIGENCE and INTEGRATION
PERIMETER CONTROLS
Cognitive: Revolutionizing how security analysts work
Natural language processing with security that understands, reasons, and learns
Watson determines the specific campaign (Locky), discovers more infected endpoints, and sends results to the incident response team
Cloud: Monitor and enforce cloud usage
IBM Security Cloud Enforcer
RISKY APPS | APPROVED APPS
MOBILE | BYOD | ON PREM | EMPLOYEES
Collaboration: Crowd-sourced information sharing based on 700+TB of threat intelligence
https://exchange.xforce.ibmcloud.com
Collaboration: Application extensions to enhance visibility and productivity
https://exchange.xforce.ibmcloud.com
IBM Security invests in best-of-breed solutions
“…IBM Security is making all the right moves...” Forbes
[Figure: timeline covering 2002 and 2005 through 2016, with the following labels]
Incident response
Cloud-enabled identity management
Identity governance
Application security
Risk management
Data management
Security services and network security
Database monitoring and protection
Application security
SOA management and security
IBM Security Systems
IBM Security Services
Identity management
Directory integration
Enterprise single-sign-on
Endpoint management and security
Security Intelligence
Advanced fraud protection
Secure mobile mgmt.
CyberTap
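Industry analysts rank IBM Security
DOMAIN | SEGMENT | MARKET SEGMENT / REPORT | ANALYST RANKINGS
Security Operations and Response | Security Intelligence | Security Information and Event Management (SIEM) | LEADER
Security Operations and Response | Network and Endpoint Protection | Intrusion Prevention Systems (IPS) | LEADER
Security Operations and Response | Network and Endpoint Protection | Endpoint: Client Management Tools | LEADER
Security Operations and Response | Network and Endpoint Protection | Endpoint Protection Platforms (EPP) | Strong Performer
Information Risk and Protection | Identity Governance and Access Management | Federated Identity Management and Single Sign-On | LEADER
Information Risk and Protection | Identity Governance and Access Management | Identity and Access Governance | LEADER
Information Risk and Protection | Identity Governance and Access Management | Identity and Access Management as a Service (IDaaS) | LEADER
Information Risk and Protection | Identity Governance and Access Management | Web Access Management (WAM) | LEADER
Information Risk and Protection | Identity Governance and Access Management | Mobile Access Management | LEADER
Information Risk and Protection | Identity Governance and Access Management | Identity Provisioning Management | LEADER
Information Risk and Protection | Data Security | Data Masking | LEADER
Information Risk and Protection | Application Security | Application Security Testing (dynamic and static) | LEADER
Information Risk and Protection | Mobile Protection | Enterprise Mobility Management (MaaS360) | LEADER
Information Risk and Protection | Fraud Protection | Web Fraud Detection (Trusteer) | LEADER
Security Transformation Services | Consulting and Managed Services | Managed Security Services (MSS) | LEADER
Security Transformation Services | Consulting and Managed Services | Information Security Consulting Services | LEADER
V2016-06-16
Note: This is a collective view of top analyst rankings, compiled as of July, 2016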
Adaptive integration with ecosystem partners
Ready for IBM Security Intelligence
IBM PartnerWorld
100+ ecosystem partners, 500+ QRadar integrations
A Global Leader in Enterprise Security
• #1 in enterprise security software and services*
• 7,500+ people
• 12,000+ customers
• 133 countries
• 3,500+ security patents
• 15 acquisitions since 2005
*According to Technology Business Research, Inc. (TBR) 2016
© Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.
ibm.com/security
securityintelligence.com
xforce.ibmcloud.com
@ibmsecurity
youtube/user/ibmsecuritysolutions
FOLLOW US ON:
THANK YOU