changing the enterprise security landscape · have a security/risk committee have information...
TRANSCRIPT
© 2013 IBM Corporation
IBM Security Systems
1 © 2013 IBM Corporation
Changing the Enterprise Security Landscape
Glen Gooding Director – IBM Institute for Advanced Security
gg00ding
© 2013 IBM Corporation
IBM Security Systems
2
How do Mobile Applications Treat You?
© 2013 IBM Corporation
IBM Security Systems
3
Threat Landscape is Growing Fast
© 2013 IBM Corporation
IBM Security Systems
4
And…. Becoming Mobile
© 2013 IBM Corporation
IBM Security Systems
5
Other stats to be aware of…
© 2013 IBM Corporation
IBM Security Systems
6
Reported incidents continue to rise
© 2013 IBM Corporation
IBM Security Systems
7
Reported incidents continue to rise
2012 Sampling of Security Incidents by Attack Type, Time and Impact Conjecture of relative breach impact is based on publicly disclosed information regarding leaked records and financial losses
© 2013 IBM Corporation
IBM Security Systems
8
Cloud security is a key concern as customers rethink how IT resources are designed, deployed and consumed
Cloud Computing IBM is investing in solutions to key trends
Regulatory and compliance pressures are mounting as companies store more data and can become susceptible to audit failures
Regulation and Compliance
Sophisticated, targeted attacks designed to gain continuous access to critical information are increasing in severity and occurrence
Advanced Threats
Securing employee-owned devices and connectivity to corporate applications are top of mind as CIOs broaden support for mobility
Mobile Computing
Advanced Persistent Threats Stealth Bots Targeted Attacks Designer Malware Zero-days
Enterprise Customers
© 2013 IBM Corporation
IBM Security Systems
9
Security challenges are a complex, four-dimensional puzzle …
… that requires a new approach
Applications Web
Applications Systems
Applications Web 2.0 Mobile Applications
Infrastructure Datacenters PCs Laptops Mobile Cloud Non-traditional
Data At rest In motion Unstructured Structured
People Hackers Suppliers
Consultants Terrorists
Employees Outsourcers
Customers
Employees
Unstructured
Web 2.0 Systems Applications
Outsourcers
Structured In motion
Customers
Mobile Applications
© 2013 IBM Corporation
IBM Security Systems
10
Applying Security Intelligence to advanced threats
Extensive Data Sources
Deep Intelligence
Exceptionally Accurate and Actionable Insight + =
JK 2012-04-26
High Priority Offenses
Event Correlation
Activity Baselining & Anomaly Detection
Offense Identification
Database Activity
Servers & Hosts
User Activity
Vulnerability Info
Configuration Info
Security Devices
Network & Virtual Activity
Application Activity
A credit card firm simplifies complexity, reduces costs and optimizes resources
50% reduction in cost of deployment, tuning and maintenance vs. competitor
© 2013 IBM Corporation
IBM Security Systems
11
Device Management
Network, Data, and Access Security
Application Layer Security
Security for endpoint device and data
Achieve visibility and adaptive security policies Develop and test applications
A Japanese car manufacturer provides secure mobile access to their “AutoCloud” from any device using Federated Access, Security Intelligence, and Web Service Gateways
© 2013 IBM Corporation
IBM Security Systems
12
Australian Signals Directorate
http://www.dsd.gov.au/infosec/top35mitigationstrategies.htm
85% Targeted intrusions could be mitigated by.. 1. Application whitelisting 2. OS patching 3. Application patching – PDF, MS Office, Java, Flash, Browsers 4. Minimise Privileged Users
..Top 4 Strategies to Mitigate Targeted Cyber Intrusions are mandatory for
Australian Government agencies.
© 2013 IBM Corporation
IBM Security Systems
13
Recent data breach
Telco Western Europe • Customer Names, Addresses, Bank
Account Numbers, Birth dates Don’t worry – phone numbers, CC, Pin’s and passwords are safe….. "This attack could only be carried out with high criminal intent and
insider knowledge and was launched deep inside the IT infrastructure
of the company”
“What can be stated….. is that most if not all security controls have failed at the victim organization,”
“These controls include perimeter security, internal network security, endpoint security, data security and
possibly physical security, based on the comment made regarding possible ‘insider knowledge.”
© 2013 IBM Corporation
IBM Security Systems
14
Influencers • Confident / prepared • Strategic focus Protectors • Less confident • Somewhat strategic • Lack necessary structural
elements Responders • Least confident • Focus on protection and
compliance
have a dedicated CISO
have a security/risk committee
have information security as a board topic use a standard set of security metrics to track their progress
focused on improving enterprise communication/ collaboration
focused on providing education and awareness
How they differ
Source: IBM Center for Applied Insights, Finding a Strategic Voice: Insights from the 2012 IBM Chief Information Security Officer Assessment , May 2012
2012 IBM Study revealed the changing role of the CISO
© 2013 IBM Corporation
IBM Security Systems
15
Topics to consider for panel conversation
Defending your infrastructure – Start simple (SPT), back to basics, Security 101 CIA – Confidentiality (Mobile data) Integrity (Cloud based access) Availability (DDOS) Business plans for ongoing security projects Is Compliance a contributing factor, or will a new business initiative provide funding Skill shortage, how well are you hiring expert staff? Social media, is it driving enterprise security trends? Cyber Insurance, how/who would consume?
© 2013 IBM Corporation
IBM Security Systems
16
ibm.com/security