IBM SECURITY STRATEGY: INTEGRATED SECURITY FOR A NEW ERA
Ahmed Sharaf, Managing Director – Xband Enterprises, Inc.
2016

IBM Security Strategy Overview

2 IBM Security

Today’s security drivers

• COMPLIANCE
• HUMAN ERROR
• SKILLS GAP
• ADVANCED ATTACKS
• INNOVATION

• 2013: 800+ million records
• 2014: 1+ billion records
• 2015: Unprecedented impact

Attackers break through conventional safeguards every day

• $7M: average cost of a U.S. data breach
• 201 days: average time to identify data breach

Traditional security practices are unsustainable

• 1.5 MILLION unfilled security positions by 2020
• 85 security tools from 45 vendors
• 68 PERCENT of CEOs are reluctant to share incident information externally

Imagine if you could…

PROTECT against tomorrow’s risks, today

How do I get started when all I see is chaos?

IP reputation

Indicators of compromise

Threat sharing

Firewalls

Incident and threat management

Virtual patching

Sandboxing

Network visibility

Malware protection

Antivirus

Data access control

Data monitoring

Application security management

Application scanning

Access management

Entitlements and roles

Identity management

Transaction protection

Device management

Content security

Workload protection

Cloud access security broker

Anomaly detection

Log, flow, data analysis

Vulnerability management

Privileged identity management

Incident response

Criminal detection

Fraud protection

Endpoint patching and management

Threat Intelligence

Security Analytics

Cloud

Identity and Access

Data and Apps

Mobile

Advanced Fraud

Network

Endpoint

Security Ecosystem

An integrated and intelligent security immune system

Criminal detection

Fraud protection

Workload protection

Cloud access security broker

Access management

Entitlements and roles

Privileged identity management

Identity management

Data access control

Application security management

Application scanning

Data monitoring

Device management

Transaction protection

Content security

Malware protection

Antivirus

Endpoint patching and management

Virtual patching

Firewalls

Incident and threat management

Sandboxing

Network visibility

Vulnerability management

Incident response

Log, flow, data analysis

Anomaly detection

Indicators of compromise

IP reputation

Threat sharing

SECURITY TRANSFORMATION SERVICES
Management consulting | Systems integration | Managed security

Threat Intelligence

Security Analytics

Cloud

Identity and Access

Data and Apps

Mobile

Advanced Fraud

Network

Endpoint

Security Ecosystem

IBM has the world’s broadest and deepest security portfolio

App Exchange

MaaS360

INFORMATION RISK AND PROTECTION

Trusteer Mobile

Trusteer Rapport

AppScan

Guardium

Cloud Security Enforcer

Privileged Identity Manager

Identity Governance and Access

Cloud Identity Service

Key Manager

zSecure

Trusteer Pinpoint

QRadar Vulnerability Manager

Resilient Incident Response

X-Force Exchange

QRadar Incident Forensics

SECURITY OPERATIONS AND RESPONSE

BigFix

Network Protection XGS

QRadar SIEM

QRadar Risk Manager

LEAD in strategic domains

Security Transformation Services
Management Consulting | Systems Integration | Managed Security

Security Research and Threat Intelligence

Security Operations and Response Information Risk and Protection

IBM Security Strategy

Cloud Security Mobile Security

Identity Governance and Access Management

Data Protection

Application Security

Advanced Fraud Prevention

Incident Response

Security Intelligence and Analytics

Vulnerability and Patch Management

Endpoint and Network Protection

User Behavior Analytics

SUPPORT the CISO agenda
• Cloud
• Mobile and Internet of Things
• Compliance Mandates
• Skills Shortage
• Advanced Threats

ACCELERATE with key innovation
• Cloud
• Collaboration
• Cognitive

IBM helps protect against new and complex security challenges

SECURITY TRANSFORMATION SERVICES
Optimize your security program with skills to address modern day risks

SECURITY OPERATIONS AND RESPONSE
Orchestrate your defenses throughout the entire attack lifecycle

INFORMATION RISK AND PROTECTION
Keep your critical information protected while accelerating the business

Enterprise security programs face harsh realities every day

Top questions from leadership:

Are we protected from the latest threats?

Have we protected our most critical data?

Do we have access to the right skill sets?

Are we adapting to changing platforms?

Are we operating at an appropriate maturity level for our industry?

Are we communicating our risks clearly to our leaders and our board?

Are we maximizing the value of our security investments?

Transform your security program

Build strategy that accelerates new IT trends
• BYOD, Cloud, Mobile, IoT
• SaaS and Cloud based services

Access the right skills
• Advisors, responders, testers, analysts and engineers
• 24x7x365 global expertise

Build protected and connected systems
• Increase productivity
• Grant stakeholders access to the right data without introducing risk

Optimize security programs
• Modernize identity and access, application development, privacy policies, data security
• Manage and protect against latest threats

Gain access to global threat intelligence
• Greater control in real time with actionable insights
• Improved visibility to manage the threat lifecycle

Reduce complexity
• Provide programmatic, automated and integrated outcomes
• Consolidate point products to an integrated solution

With proven global expertise, IBM Security Transformation Services deploys and manages optimized security programs

• Automate governance, risk and compliance programs (Security Strategy, Risk and Compliance)
• Build security operations and security fusion centers (Security Intelligence and Operations)
• Establish robust security testing and incident management programs (Cyber Security Assessment and Response)
• Modernize identity and access management for the cloud and mobile era (Identity Governance and Management)
• Deploy robust critical data protection programs (Data and Application Security)
• Redefine infrastructure and endpoint solutions with secure software-defined networks (Infrastructure and Endpoint Security)

SECURITY TRANSFORMATION SERVICES

CEO CIO CISO CRO CCO CLO

Security Strategy, Risk and Compliance

Security Intelligence and Operations

Cyber Security Assessment and Response

Identity Governance and Management

Data and Application Security

Infrastructure and Endpoint Security

Systems Integration

Management Consulting

Managed Security

Why IBM Security Transformation Services?

Unparalleled Expertise | Best-in-class Managed Security Services | Integrated Approach

• IBM X-Force® Exchange and Threat Research teams providing zero-day threat alerts to clients

• Over 1400 employees serving 130+ countries, with a 95% retention rate

• 35 billion security events analyzed daily across 4,500+ global clients

• Access to a global network of skilled industry experts

• Deep industry service delivery experience across numerous types of operations

• Ability to lead and execute large, transformational projects

• Integrated portfolio of security services and technology

• Open ecosystem with 100+ technology partners and 30+ services partners

• 800+ technical vendor and 150+ professional security certifications

Today’s attacks require a strategic security approach

Yesterday’s Attacks: Indiscriminate malware, spam and DDoS activity

Tactical Approach: Compliance-driven, reactionary
• Build multiple perimeters
• Protect all systems
• Use signature-based methods
• Periodically scan for known threats
• Shut down systems

Today’s Attacks: Advanced, persistent, organized, politically or financially motivated

Strategic Approach: Intelligent, orchestrated, automated
• Assume constant compromise
• Prioritize high-risk assets
• Use behavioral-based methods
• Continuously monitor activity
• Gather, preserve, retrace evidence

It takes power and precision to stop adversaries and unknown threats

Upgrade your defenses with a coordinated platform to outthink threats

Continuously stop attacks and remediate vulnerabilities
• Disrupt malware and exploits
• Discover and patch endpoints
• Automatically fix vulnerabilities

Respond to incidents quickly, with precision
• Hunt for indicators using deep forensics
• Orchestrate and automate incident response

Discover unknown threats with advanced analytics
• See attacks across the enterprise
• Sense abnormal behaviors
• Automatically prioritize threats

RESPOND

IBM Security offers the industry’s first integrated, end-to-end Security Operations and Response Platform

Security Operations and Incident Response Services

Incident Response

Endpoint and Network Protection

Vulnerability and Patch Management

User Behavior Analytics

Security Intelligence and Analytics

SECURITY OPERATIONS AND RESPONSE

CEO | CISO | HR | IT | LEGAL

IDS | NIPS | AV | DLP | FW | DBs | Apps | …

Prevent, detect, and respond to threats with an intelligent, orchestrated, automated platform

• Find, fix, and secure endpoint threats and vulnerabilities (IBM BigFix)
• Prevent network exploits and limit malware communications (IBM Security Network Protection)
• Use advanced analytics to discover and eliminate threats (IBM QRadar Security Intelligence)
• Generate response playbooks and coordinate activity (IBM Resilient Incident Response Platform)
• Automatically update incident artifacts with threat intelligence (IBM X-Force Exchange)
• Deliver operations consulting to help implement processes and response experts when something goes wrong (IBM Security Services)

Why IBM Security Operations and Response?

Cognitive Analytics | Open Ecosystem | Deep Threat Intelligence

• IBM Security App Exchange provides access to apps from leading security partners

• Out-of-the-box integrations for 500+ third-party security products

• Open APIs allow for custom integrations and apps

• QRadar Sense Analytics allows you to inspect events, flows, users, and more

• Speed analysis with visuals, query, and auto-discovery across the platform

• Get ready to augment your analysts with Watson for Cyber Security

• IBM X-Force Exchange helps you stay ahead of the latest threats and attacks

• Powered by the X-Force Research team and 700TB+ of threat data

• Share data with a collaborative portal and STIX / TAXII standards

It’s time to expand from infrastructure to information-centric security

Connectivity to more users, devices, and data than ever before

• Users: Auditors, Suppliers, Consultants, Contractors, Employees, Partners, Customers
• Data: Structured, Unstructured, On Premises, Off Premises
• Applications: Web Applications, Systems Applications, APIs, Mobile Applications
• Infrastructure and Devices: Datacenters, PCs, Laptops, Mobile, Cloud Services, IoT

Protect your information, contain the risk

Gain control
• Govern all users and their privileges
• Protect data usage across enterprise and cloud
• Improve DevOps security
• Secure mobile devices and apps

Identify risks
• Discover and classify business critical data and apps
• Expose over privileges with identity analytics
• Analyze cloud app usage and activity
• Detect web fraud with real time alerts

Safeguard interactions
• Deploy adaptive access and web app protection
• Federate to and from the cloud
• Maintain data compliance and stop attacks
• Secure mobile collaboration

IDENTITY

CLOUD

FRAUD

APP

DATA

MOBILE

IBM Security has the industry’s most comprehensive solution for Information Risk and Protection

Keep your information protected while securely interacting with employees and consumers

• Deliver visibility, control and protection of cloud apps (IBM Cloud Security)
• Mobile productivity and enterprise security without compromise (IBM MaaS360)
• Govern and enforce context-based access to critical assets (IBM Identity Governance and Access Management)
• Protect crown jewels across the enterprise and cloud (IBM Guardium)
• Scan and remediate vulnerabilities in modern applications (IBM AppScan)
• Stop financial and phishing fraud, and account takeovers (IBM Trusteer)
• Deliver governance, risk and compliance consulting, systems integration and managed security services (IBM Security Services)

LOB | RISK | AUDIT | CISO | IT

INFORMATION RISK AND PROTECTION

Governance, Risk and Compliance Services

Identity Governance and Access Management

Cloud Security Mobile Security

Application Security

Data Protection

Advanced Fraud Protection

Why IBM Information Risk and Protection?

Risk-based Intelligence | Multi-layer Integrations | Designed for Cloud & Mobile

• United controls to span employees, business partners and customers

• Built with open standards to speed integration and interoperability

• Cross segment integrations to protect against threats

• Business focused analytics to make decisions and meet regulations

• X-Force and Trusteer intelligence to stay ahead of the latest threats

• Machine learning algorithms to spot unusual behaviors and vulnerabilities

• Largest SaaS portfolio across fraud protection, application, cloud, and mobile security

• Flexible deployment and out-of-the-box connectors for the most popular cloud services

• Safeguarding mobile and consumer interactions

COGNITIVE, CLOUD, and COLLABORATION

The next era of security

INTELLIGENCE and INTEGRATION

PERIMETER CONTROLS

Cognitive: Revolutionizing how security analysts work

Natural language processing with security that understands, reasons, and learns

Watson determines the specific campaign (Locky), discovers more infected endpoints, and sends results to the incident response team

Cloud: Monitor and enforce cloud usage

IBM Security Cloud Enforcer

RISKY APPS

APPROVED APPS

MOBILE

BYOD

ON PREM

EMPLOYEES

Collaboration: Crowd-sourced information sharing based on 700+TB of threat intelligence

https://exchange.xforce.ibmcloud.com

Collaboration: Application extensions to enhance visibility and productivity

https://exchange.xforce.ibmcloud.com

IBM Security invests in best-of-breed solutions

“…IBM Security is making all the right moves...” (Forbes)

2002 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016

• Incident response
• Cloud-enabled identity management
• Identity governance
• Application security
• Risk management
• Data management
• Security services and network security
• Database monitoring and protection
• Application security
• SOA management and security
• IBM Security Systems
• IBM Security Services
• Identity management
• Directory integration
• Enterprise single-sign-on
• Endpoint management and security
• Security Intelligence
• Advanced fraud protection
• Secure mobile mgmt.
• CyberTap

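Industry analysts rank IBM Security

DOMAIN | SEGMENT | MARKET SEGMENT / REPORT | ANALYST RANKINGS
Security Operations and Response | Security Intelligence | Security Information and Event Management (SIEM) | LEADER
Security Operations and Response | Network and Endpoint Protection | Intrusion Prevention Systems (IPS) | LEADER
Security Operations and Response | Network and Endpoint Protection | Endpoint: Client Management Tools | LEADER
Security Operations and Response | Network and Endpoint Protection | Endpoint Protection Platforms (EPP) | Strong Performer
Information Risk and Protection | Identity Governance and Access Management | Federated Identity Management and Single Sign-On | LEADER
Information Risk and Protection | Identity Governance and Access Management | Identity and Access Governance | LEADER
Information Risk and Protection | Identity Governance and Access Management | Identity and Access Management as a Service (IDaaS) | LEADER
Information Risk and Protection | Identity Governance and Access Management | Web Access Management (WAM) | LEADER
Information Risk and Protection | Identity Governance and Access Management | Mobile Access Management | LEADER
Information Risk and Protection | Identity Governance and Access Management | Identity Provisioning Management | LEADER
Information Risk and Protection | Data Security | Data Masking | LEADER
Information Risk and Protection | Application Security | Application Security Testing (dynamic and static) | LEADER
Information Risk and Protection | Mobile Protection | Enterprise Mobility Management (MaaS360) | LEADER
Information Risk and Protection | Fraud Protection | Web Fraud Detection (Trusteer) | LEADER
Security Transformation Services | Consulting and Managed Services | Managed Security Services (MSS) | LEADER
Security Transformation Services | Consulting and Managed Services | Information Security Consulting Services | LEADER

V2016-06-16
Note: This is a collective view of top analyst rankings, compiled as of July, 2016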

Adaptive integration with ecosystem partners

Ready for IBM Security Intelligence

IBM PartnerWorld

100+ ecosystem partners, 500+ QRadar integrations

A Global Leader in Enterprise Security

• #1 in enterprise security software and services*

• 7,500+ people

• 12,000+ customers

• 133 countries

• 3,500+ security patents

• 15 acquisitions since 2005

* According to Technology Business Research, Inc. (TBR) 2016

© Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.

THANK YOU

FOLLOW US ON:

ibm.com/security

securityintelligence.com

xforce.ibmcloud.com

@ibmsecurity

youtube/user/ibmsecuritysolutions