ibm canada r&d centre - ysbec...security skills they need tools from vendors 85 45 ibm client...
TRANSCRIPT
© 2014 IBM Corporation
IBM Canada R&D Centre
and the
Southern Ontario Smart Computing and Innovation Platform ( SOSCIP )
+ Cyber Security
IBM CONFIDENTIAL0
© 2014 IBM Corporation
IBM Canada At-a-Glance
Established in 1917
$550M+ in R&D in 2013
Major Market S&D Country: Bromont &
Markham volumes– $2.1B in imports in 2013 / $2.2B in exports in 2013
Ranked #1 Best Corporate Citizen by
Corporate Knights’ in 2010
Ranked Top 5 Most Attractive Employer in
Canada by Randstad in 2011 / 2012 / 2013 /
2014!!!
Certified PAR Gold for Progressive Aboriginal
Relations by the Canadian Council for Aboriginal
Relations for past 5 years
210,000+ hours pledged by IBM Canada
Employees for Charity
$500M new investments in 2012, including R&D
& Canadian Cloud Computing Centre
Canada is home to IBM’s 2nd largest Software
Development Org– Toronto / Ottawa (Cognos) SW Labs largest
locations
– 10 additional Satellite Labs including Montreal and
Victoria
World-class high-tech manufacturing, Bromont,
Que.
National business and technology consulting
expertise– Pacific Development Centre, Burnaby
– Customer Solution Centre, Markham
© 2014 IBM Corporation
© 2014 IBM Corporation
Mobile
Social
Cloud
Internet of Things
The Challenge: Complexity is growing
© 2014 IBM Corporation
2010
Vo
lum
e in
Exa
byte
s
9000
8000
7000
6000
5000
4000
3000
2015
Percentage of
uncertain data
Pe
rce
nt o
f un
ce
rtain
da
ta
100
80
60
40
20
0
Sensors & Devices
VoIP
Enterprise Data
Social Media
We are
here
© 2014 IBM Corporation
The “Big Vs” of Big Data
Volume
Terabytes to exabytes of existing data to process
Velocity
Streaming data, milliseconds to seconds to respond
Variety
Structured, unstructured, text & multimedia
Veracity
Uncertainty from inconsistency, ambiguities, etc.
Vulnerability
Protecting the privacy and integrity of the data
© 2014 IBM Corporation
Skill Needs in the MarketplaceWhat are we hearing from our customers and others?
Analytics
The United States faces a shortage of 140,000 to 190,000 people with analytical expertise
The U.S. Department of Labor forecasts that the number of analytics-based jobs will grow by more than 20 percent between now and 2018
40% of organizations report a skills shortage in the ability to manage information
Sources: IBM Tech Trends report, McKinsey & Company, CompTIA, Enterprise Strategy Group, Dept of Labor
© 2014 IBM Corporation
Explosion of data:
Harness big data to gain insight and develop new offerings
… your students could harness this explosion of dataand use analytics to gain insight and predict outcomes for smarter business— in any environment?
What if…
You could increase customer value with every interaction?
You could anticipate and shape the impact of financial decisions?
You could prevent and minimize losses
stemming from fraud?
What if… What if… What if…
© 2014 IBM Corporation
1. Bolster skills and economic development through a ground-breaking collaborative research model focused on important aspects of Canadian society/economics
2. Provide researchers with support and access to a unique High Performance Computing (HPC) platform to expand and accelerate research scope and outcomes
3. Accelerate commercialization of “Made in Canada” new solutions and services, leveraging small-med sized businesses and industry partnerships
- Announced April 10, 2012 …. $210M investment commitment
Cities Agile Computing
Water
Collaborative Research for Smarter Planet and Agile Computing
8
IBM Canada R&D Centre and SOSCIP Consortium
EnergyHealth
© 2014 IBM Corporation
High Performance Computing and Big Data
Collaboration with focus on Research Outcomes
Governance and Cross Team Support
AcademicLeaders
IBM
Simulate Real World Complex system modeling Fast design and prototypingReal time analysis/response
Agile ComputingResearch
Advanced Analytics
Cloud
Canada’s #1
Supercomputer
9
Small-MedEnterprises
ResearchOutcomesResearch
DeliveryFramework
Board of DirectorsScientific Advisory CommitteeAgreements and FrameworksCross Team Collaboration
SOSCIP Assets
© 2014 IBM Corporation
Institution #Projects
McMaster University 3
University of Ottawa 3
Queen’s University 4
University of Ontario 3
University of Toronto 13
University of Waterloo 6
Western University (1 IBM lead Mining) 9
Carleton University (IBM Lead) 1
TOTAL 42
Focus Area #Project
Health 18
Energy (* new Mining) 8
Water 5
Cities 4
Agile 7 +6 multi = 13
Platform #Project
Blue Gene Q 18
Cloud 17
Agile 13
Multi-Platform 6 (1 non SOSCIP)
Phase Focus #Project SME
Phase1 FastStart 7 30%
Phase2 Academic-led 18 70%
Phase3 Industry and
Academic-led
17 78%
10
SOSCIP Projects Progress and Update – 2 Years
* 2 projects deferred pending Sustainability plan + resources
SOSCIP Project Examples
Institution Project SummaryFocusArea
REAL TIME ANALYSIS OF HUMAN BRAIN NETWORKS
Apply stream analytics to functional MRI data to analyze brain activity in near real time to improve patient experience and reduce medical costs and timelines.
SMART METER DATA ANALYTICS
Develop software for small/medium enterprises which will help to identify smart ways to reduce energy consumption.
WATER QUALITY MONITORING
Create a low-cost, easy-to-use, real-time sensor system for water quality monitoring, including biological and chemical contamination detection.
SMART URBAN SYSTEM DESIGN
Research into transportation and urban activity systems in major cities, improving the decision-making ability of urban planning designers.
MAKING CLOUD MORE SECURE
Improve the security of cloud environments by developing defense mechanisms that audit and fix configuration-related vulnerabilities.
PREDICTING LEUKEMIA INHIBITORS (Business Led)
Develop a tool that simulates molecular behaviour to accelerate the selection of drugs for the treatment of leukemia.
© 2014 IBM Corporation
Artemis
1 in 14 babies are born prematurely in Canada.
Approx 17% of babies born in Canada require some form of special care.
Premature babies can be up to 17 weeks early and weigh only 450g.
They can spend 3-4 months in NICU.
Similar conditions apply elsewhere around the world.
Multiple devices are attached to the baby or humidicrib.
Medical devices output via serial port in a range of formats.
Indicative readings are recorded on paper every 30 or 60 minutes.
Cost of care per baby is approx $100-150K not including morbidity related care
He
alt
h
En
erg
y
Wa
ter
Ag
ile
Cit
ies
© 2014 IBM Corporation
SOSCIP Program Commitments and Results
42 projects announced/approved
30+ SME’s engaged (OCE integral)
Three world-class Cloud/HPC platforms installed,
in use and fully supported
Exceeding aggregated jobs commitment
Exceeding $ investment commitment
Sustainability Plan developed and approved to
2018 with additional focal areas and expanded
membership
Short and longer term priorities are:
– New phase for Sustainability
• including new models (client, industry,
pilots)
• Expand focal areas and members
– Execute commercialization strategy
– Expand skills focus to drive new curriculum
and scale
– Model replication and stakeholder
collaboration
Commit to a
path of
constant and
continuous
transformation
Cultivate public
and private
partnerships
Convert Big
Data into
solutions using
analytics with
real-world
benefits
© 2014 IBM Corporation
SOSCIP Phase 2 Opportunities
4 New Members announced: York U, Ryerson, Carlton, Laurier (soon others
including Seneca College)
4 New Areas of focus added:
– Digital Media
– Advanced Manufacturing
– Mining
– Cyber Security * (attached view)
_________________________________________________________
Linkage with other Innovation Partnerships
– Nova Scotia Analytics Consortium
– C2MI – Quebec Microelectronics
– Ocean Networks – BC Analytics
– Memorial University – Healthcare analytics
…… more to come
© 2013 IBM Corporation
IBM Security Systems
15 IBM Security Systems © 2013 IBM Corporation
Cyber SecurityProtecting your data from cyber attack
Oct 2014
© 2014 IBM Corporation
Bring your own IT
Social business
Cloud and virtualization
1 billion mobile workers
1 trillion connected
objects
Innovative technology changes everything
© 2014 IBM Corporation
Motivations and sophistication are rapidly evolving
National
Security
Nation-state actorsStuxnet
Espionage,
Activism
Competitors and HacktivistsAurora
Monetary
Gain
Organized crimeZeus
Revenge,
Curiosity
Insiders and Script-kiddiesCode Red
© 2014 IBM Corporation
IBM has tracked a massive rise in advanced and other attacks
2012 Sampling of Security Incidents by Attack Type, Time and ImpactConjecture of relative breach impact is based on publicly disclosed information regarding leaked records and financial losses
© 2014 IBM Corporation
1. Number of Attacks have increased Significantly
2. Sophistication of attacks have become more complex
3. Lack of IT Security skills in the industry contributing to security risks
IT Security threats come from many sources and in many ways.
© 2014 IBM Corporation
83%
of enterpriseshave difficulty finding the security skills they need
tools from
vendors
8545
IBM client example
70%
of security exec’sare concerned about
cloud and mobile security
Mobile malware grew
155%in 2011
614%
from March 2012 to March 2013
in one year
61%
Data theft and cybercrimeare the greatest threatsto their reputation
of organizations say
Average U.S.
breach cost
$7million+2013 Cost of Cyber Crime Study
Ponemon Institute 2013 Juniper Mobile Threat Report
2012 IBM Global Reputational Risk & IT Study 2013 IBM CISO Survey 2012 ESG Research
The changing IT Security landscape 2014
© 2014 IBM Corporation
Security challenges are a complex, four-dimensional puzzle …
… that requires a new approach
ApplicationsWeb
ApplicationsSystems
ApplicationsWeb 2.0 Mobile
Applications
Infrastructure
Datacenters PCs Laptops Mobile Cloud Non-traditional
Data At rest In motionUnstructuredStructured
PeopleHackers Suppliers
Consultants Terrorists
Employees Outsourcers
Customers
Employees
Unstructured
Web 2.0Systems Applications
Outsourcers
Structured In motion
Customers
Mobile
Applications
© 2014 IBM Corporation
Attackers are using sophisticated techniques to bypass defenses
“Advanced Persistent Threat” is the approach
often used by State-Sponsored Entities
Source: IBM X-Force Research and Development
© 2014 IBM Corporation
Attackers follow a 5-Stage attack chain
1
Break-inSpear phishing and remote
exploits to gain access
Command
& Control (CnC)
2
Latch-onMalware and backdoors
installed to establish a foothold
3
ExpandReconnaissance and
lateral movement to increase
access and maintain a presence
4Gather
Acquisition and aggregation
of confidential data
Command
& Control (CnC)
5
ExfiltrateData exfiltration to
external networks
© 2014 IBM Corporation
© 2014 IBM Corporation
IBM’s unique approach to security
Leader in security software and services – recognized by Gartner, Forrester and IDC
Solutions deployed at the largest banks, retailers, and government agencies worldwide
World class research that finds
threats before they impact you
Apply
Insight
Robust controls built into IT
fabric, relying on leading
IBM technologies across
12+ critical security domains
Control
MonitorBig data analytics
applied to security
© 2014 IBM Corporation
Logs
Events Alerts
Configuration
information
System
audit trails
External
threat feeds
E-mail and
social activity
Network flows
and anomalies
Identity
context
Business
process data
Malware
information
Now: Intelligence
• Real-time monitoring
• Context-aware anomaly
detection
• Automated correlation and
analytics
Then: Collection
• Log collection
• Signature-based detection
Security intelligence
Traditional Security
Operations and
Technology
Big Data
Analytics
© 2014 IBM Corporation
IBM’s approach to defending against attacks
Security Analytics
Leverage Security
Intelligence to
correlate and
analyze activity
across the entire
enterprise…
Extend with Big Data
capabilities for
analyzing
unstructured data…
Utilize Emergency
Response Services
for breach or for
assessment of risk
Break-in1Network and Endpoint Security Use adaptive
threat protection and endpoint management to
reduce risks and fend off attacks
Latch-on2Network Security Use SIEM and adaptive
threat protection to help identify and stop
attackers from gaining a foothold
Expand3Secure Users Leverage strong identity
management to enforce access policies and
monitor for suspicious behavior
Gather4Data Security Embed security deep into data
repositories with data activity monitoring; apply
fine-grained access controls
Exfiltrate5Network Security Proactively monitor network
traffic for common exfiltration tactics; block in
real-time
© 2014 IBM Corporation
Security Intelligence: Integrating across IT silos
Extensive Data Sources
Deep Intelligence
Exceptionally Accurate and Actionable Insight+ =
JK
2012-0
4-2
6
High Priority Offenses
Event Correlation
Activity Baselining &
Anomaly Detection
Offense Identification
Database Activity
Servers & Hosts
User Activity
Vulnerability Info
Configuration Info
Security Devices
Network & Virtual Activity
Application Activity
© 2014 IBM Corporation
Advanced Analytics: Leverage advanced analytics across all stages of the attack
Monitor everythingLogs, network traffic, user activity
Correlate intelligentlyConnect the dots of disparate activity
Detect anomaliesUnusual yet hidden behavior
Prioritize for actionAttack high-priority incidents
© 2014 IBM Corporation
Collaborate: IBM teams monitor and analyze the latest threats
Coverage
20,000+ devices
under contract
3,700+ managed
clients worldwide
13B+ events
managed per day
133 monitored
countries (MSS)
1,000+ security
related patents
Depth
14B analyzed
web pages & images
40M spam &
phishing attacks
64K documented
vulnerabilities
Billions of intrusion
attempts daily
Millions of unique
malware samples
© 2014 IBM Corporation
What to do if you have been breached
1. Call IBM Emergency Response Services (24x7):
2. Proactively assess risk and reduce future breach likelihood:
Key Features
24x7x365 Hotline for clients to call from anywhere worldwide for assistance if they believe they are experiencing an incident
Incident Case Managers who maintain calm, focus, and manage the incident and environment to completion and satisfaction
Advanced tools, expertise and scale for any platform, size client, and location worldwide
Globally collected intelligence applied to each engagement to improve outcomes and efficiencies
Unlimited emergency declarations
– Cyber Incident response training and simulated
exercises to determine level of preparedness
– Incident Response Program gap assessment
to ensure enterprise readiness and
responsiveness when an incident occurs
– Active Threat Assessment as a preemptive
service to determine weaknesses requiring
remediation
– X-Force threat analysis service is available
from IBM experts 24x7
© 2014 IBM Corporation
Security
Intelligence,
Analytics &
GRC
People
Data
Applications
Infrastructure
Intelligent solutions provide the DNA to secure a Smarter Planet
© 2014 IBM Corporation
Striving to improve the innovation scorecard in Canada
Feedback is very positive, emphasizing the importance of building collaborative
partnerships.
Creation of new partnership opportunities with:
Corporations, both large and small, that want to invest
and join the industry led innovation model.
Governments that want to broaden their partnerships
with new approaches and programs.
Universities/Colleges and Hospitals from across all
regions of Canada who want to expand their research.
New Companies being formed with leadership
analytics
Canada can lead by building foundational skills for the future.