ibm security services overview

© 2014 IBM Corporation

IBM Security Services

1 © 2014 IBM Corporation

§ IBM Security Services

§ Intelligence, Integration and Expertise

§ 4/30/15



2

Agenda

§ The evolving threat landscape

§ A new approach to intelligent threat management

§ Solutions designed to keep you ahead of attackers

§ Why IBM?

§ Discussion



3 © 2014 IBM Corporation3

§ The Evolving Threat Landscape



4

Anything that is connected to the Internet can be hacked.Everything is being connected to the Internet



5

Security Reality – We have all been compromised

of all incidents analyzed by IBM Response Services could be considered “noteworthy” (potentially material or significant impact)

of incidents analyzed logged human error as a contributing factor

2014 IBM Cybersecurity Intelligence Team

1 out of 100security compromises are

ever detected

General Keith Alexander, Head of U.S. Cyber Command, in a speech to the American

Enterprise Institute

2014 IBM Cybersecurity Intelligence Team

§ Stolen or lost laptop or mobile device,

§ Mistaken address/disposition/email of SPI,

§ Double clicking (malware), § Poor system hygiene:

failure to patch, configure, or update

§ Failure to delete dormant user accounts, use of default passwords.

1,764,121Represents the number of security events the average organization of 15K employees will capture weekly

324of these events represent actual attacks, per week

2.1 of these attacks will result in an incident, per week, – a 22% annual increase

2014 IBM Cybersecurity Intelligence Index



6

We are in an era of continuous breaches.

Operational sophistication

IBM X-Force declared year of the

security breach

Near daily leaks of sensitive data

40% increase in reported data

breaches and incidents

Relentless use of multiple methods

500,000,000+ records were leaked, while the future

shows no sign of change

2011 2012 2013

Note: Size of circle estimates relative impact of incident in terms of cost to business.

SQL injection

Spear phishing

DDoS Third-party software

Physical access

Malware XSS Watering hole

Undisclosed

Attack types

Source: IBM X-Force Threat Intelligence Quarterly – 1Q 2014

https://www14.software.ibm.com/webapp/iwm/web/signup.do?source=swg-WW_Security_Organic&S_PKG=ov21294&S_TACT=102PW99W





7

Who is attacking your networks?

Attacker

Outsiders

Combination

Malicious Insiders

Inadvertent Actor

Source: 2014 IBM Cybersecurity Intelligence Index



8

What are the attackers after and what is the impact?

Data – the new currency

§ Upwards of 80% of cybercrime

acts are estimated to originate in

some form of organized

activity.

§ Attackers are focused on

harvesting of personal and

financial data, or other forms

of corporate intellectual

property which can be sold on

the black market.

Key take-away:

The cost of a

data breach to

U.S.

organizations is

on the rise and

affecting

customer

retention.

New Data: from the 2014 Ponemon Institute Cost of Data Breach

Study: United States, sponsored by IBM

Available at: www.ibm.com/services/costofbreach

http://www.ibm.com/services/costofbreach



9

Security is a board room discussion, and security leaders are more accountable than ever before


IBM Security

10 10 © 2014 IBM Corporation

§ A new approach to security is needed



11

Ten essential steps to creating an intelligent security management program

10 Manage the digital identity lifecycle

9 Assure data security and privacy

8 Manage third party security compliance

7 Address security complexity of cloud and virtualization

5 Manage IT hygienically

6 Create a secure and resilient network

4 Develop secure products, by design

3 Secure collaboration in social and mobile

workplace

2 Establish intelligent security

operations and rapid threat

response

GOAL: INTELLIGENT CYBER THREAT PROTECTION AND RISK MANAGEMENT

1 Build a risk aware culture and management system

Understand Security Essentials



12

IBM can help you effectively establish your security operations



13

§ Assessing your current security posture

§ Identifying the gaps§ Guidance for making

improvements

IBM Security Services support a customer’s end to end security lifecycle

§ Deliver the best solutions to protect your data, network and infrastructure

§ Provide comprehensive methods, strategies and services

§ Providing you assistance for pro-actively preparing for or responding to cyber attacks

§ Help you recover in the case of an incident, and understand its impact

§ Hosted and cloud-based device management delivers the industry’s most effective security operations and intelligence

§ Managing your security operations through integrated tools, strategies, intelligence, analytics and staff skills



14

IBM Security Services Portfolio

Identity Data Applications Infrastructure

Identity Assessment & Strategy Crown Jewels Discovery & Protection SDLC Program Development Security Optimization

User Provisioning/Access Mgmt Database Security Dynamic and Static Testing Design, Deployment & Migration

Total Authentication Solution Encryption and Data Loss Prevention

Embedded Device TestingStaff Augmentation

Managed/Cloud Identity Mobile Application Testing

Strategy, Risk & Compliance

Security Maturity Benchmarking

Security Strategy & Roadmap Development

Security Risk Assessment & Program Design

Industrial Controls

(NIST, SCADA)PCI Advisory

IBM offers a comprehensive portfolio of security services

Firewall / Unified Threat Management

Intrusion Detection & Prevention

Web Protection & Managed DDoS

Hosted E-Mail & Web

Vulnerability Mgmt

Managed SIEM &

Log Management

Powered by IBM’s Next Generation Threat Monitoring and Analytics Platform

Security Intelligence and Operations Consulting

Security Intelligence Operations Center Design & Build Out Services

Cloud and Managed Services

Built to address the Security Essentials, within context of the integrated Security Framework

Cybersecurity Assessment & Response

Threat Intelligence Advisory X-Force Threat Analysis Penetration Testing Incident Preparation Emergency Response




§ Why Choose IBM?



16

IBM provides unmatched global coverage and security awareness



17

We have a commitment to security research, development, monitoring & analysis

4,300 strategic outsourcing security delivery resources

1,200 professional services security consultants

650 field security specialists

400 security operations analysts

10 security research centers

10 security operations centers (SOCs)

14 security development labs

IBM X-Force Expertise• 150M intrusion attempts monitored daily• 46,000 documented vulnerabilities• 40M unique phishing/spam attacks• Millions of unique malware samples• Billions of analyzed web pages• 1000+ security patents

Managed Services Excellence• Tens of thousands of devices under

management• Thousands of MSS clients worldwide• Billions of events managed per day• Countries monitored in all geographies• Industry-leading research and reports


18

Security Services Market Leadership

Organizations looking for a high-quality vendor that can do it all and manage it afterwards should consider IBM


19


IBM is one of a few study participants whose MSS delivery can be considered truly global, in part because of its ability to integrate MSS and security services globally


20


Enterprises with global service delivery requirements, and those with strategic relationships with IBM, should consider IBM for MSS

You can download the report directly from here.

https://www14.software.ibm.com/webapp/iwm/web/signup.do?source=gts-LITS-WebOrganic-NA&S_PKG=ov23392



21

We have comprehensive support for best-of-breed products from IBM and other leading security vendors

A Vast and Growing Partner Ecosystem



22

Understand Follow Us Explore

Cyber Security

Intelligence Index Twitter Security Intelligence blog

Ponemon Institute 2014 “Cost of a Data Breach” Report Facebook ibm.com

X- Force Trend Report LinkedIn Smarter Planet

IBM has several resources for you to learn more about security and our solutions

hhttp://w3-01.ibm.com/sales/ssi/cgi-bin/ssialias?subtype=WH&infotype=SA&appname=GTSI_SE_TM_USEN_P&htmlfid=SEW03039USEN&attachment=SEW03039USEN.PDF

hhttp://w3-01.ibm.com/sales/ssi/cgi-bin/ssialias?subtype=WH&infotype=SA&appname=GTSI_SE_TM_USEN_P&htmlfid=SEW03039USEN&attachment=SEW03039USEN.PDF

https://twitter.com/ibmsecurity

http://securityintelligence.com/

http://www-935.ibm.com/services/us/en/it-services/security-services/cost-of-data-breach/index.html

http://www-935.ibm.com/services/us/en/it-services/security-services/cost-of-data-breach/index.html

https://www.facebook.com/secintelligence

http://www-935.ibm.com/services/us/en/it-services/security-services.html?lnk=mseIS-secu-usen

http://www-03.ibm.com/security/xforce/

http://www.linkedin.com/company/ibm-security

http://www.ibm.com/smarterplanet/us/en/?ca=v_smarterplanet



23

www.ibm.com/security

© Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

www.ibm.com/security

© Copyright IBM Corporation 2014. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.




§ Security Services§ Practices



25

Cloud and Managed Security Services

Portfolio Description Benefits Key Offerings

IBM's Managed, Monitored and Cloud Security Services combine deep security research, the industry's broadest solution portfolio and a cadre of consultative services that address the full lifecycle of enterprise security, incident response and remediation.

§ Keeps you ahead of the threat landscape, and is fueled by a global intelligence-driven operation.

§ Helps reduce cost by offering flexible consumption models, whether do-it-yourself SaaS or enterprise grade management and monitoring

§ Helps streamline compliance management with regulatory controls

§ Offers a seamless lifecycle of security services, whether month-to-month management and monitoring or consultative services

§ Managed SIEM

§ Advanced Cyber Threat Intelligence

§ X-Force® Threat Analysis

§ Managed Firewall, IDPS, UTM

§ Secure Web Gateway

§ Managed Server Protection

§ Hosted Web & Email Security

§ Web Defense and DDoS Protection

§ Hosted Vulnerability Mgmt and Application Security



26

Security Strategy Risk & Compliance Services

Portfolio Description Benefits Key OfferingsIBM Security Services has developed comprehensive approaches to measure the effectiveness of the IT Risk & Security program, and based on the findings define the strategy and roadmap for improvement. This drives the foundation for broader security program activities including architecture, design, build and manage, which enables the security organization to address the changing landscape of threats and continuously improve.

§ Enhances the organization’s capability to manage and govern information security more effectively and efficiently

§ Assists in effectively meeting both security and regulatory compliance requirements

§ Build a risk aware culture through education and awareness

§ Drives continuous growth and improvement of security and compliance programs through practical measurements

§ Improves operational security for critical infrastructure

§ Security Strategy and Planning

§ Risk Management and Compliance

§ Security Awareness

§ IT GRC Implementations

§ Industrial Controls Systems Security Services



27

Cybersecurity Assessment and Response Services

Portfolio Description Benefits Key Offerings

Security incidents are inevitable, but their impact on your business can be mitigated. Our services are designed to help you prepare for and rapidly respond to an ever-growing variety of security threats.

Our seasoned security consultants can deliver cybersecurity assessments, planning, and response services, with mature methodology and proven expertise from mainframe to mobile.

§ Helps assure always-current security best practices and insight

§ Delivers on-site response time of less than 24 hours to help stop attacks in progress and reduce impact

§ Enables cost savings by potentially reducing business disruption and facilitating regulatory compliance

§ Security review and protection for the “Internet of Things”

§ Emergency Response Service

§ Proactive Planning and Preparation

§ Active Threat Assessment

§ Dynamic and Static Testing for Mobile and Web applications

§ Security Assessments for Smart and Embedded Devices



28

Security Operations Optimization Services

Portfolio Description Benefits Key OfferingsWith a deep portfolio of consulting and implementation services, IBM can help design and deploy an advanced, world-class SOC (Security Operations Center). Modeled after our own industry-leading SOCs, it can provide you the threat management capabilities needed to protect the business, and enable you to leverage the experience of IBM’s global SOC network and threat intelligence collection.

§ Helps establish an optimized SOC within limited budgets

§ Aids in improving security intelligence, integration and reporting

§ Assists in enabling appropriate and timely incident response

§ Helps demonstrate security contributions to organizational objectives

§ Leverages the deep security experience and resources of IBM

§ SOC Workshop

§ SOC Strategy and Assessment

§ SOC Design/Build and Deployment

§ SIEM Optimization



29

Data Security Services

Portfolio Description Benefits Key OfferingsOur services are designed to enable organizations to protect their business information, especially the “crown jewels”, over the full data lifecycle – from acquisition to disposal. Most important, it helps companies and organizations stay current with data security best practices in the constantly evolving threat environment.

§ Supports an effective, maintainable data security and compliance posture

§ Helps reduce the cost of data security and compliance

§ Assists in protecting brand reputation through protection of customer and other sensitive or regulated information

§ Empowers organizations to more effectively avert costly data breaches

§ Data Protection Program Development

§ Database Security Architecture

§ Data Security Solution Implementation

• Data Loss Prevention• Data Encryption• Database Activity Monitoring



30

Identity and Access Management Services

Portfolio Description Benefits Key OfferingsIBM’s Identity and Access Management services provides business and technology consulting to help customers develop a clear, business-driven, strategic roadmap for improving an organization’s Identity and Access Management maturity posture.

§ Standardized IAM and Compliance

§ Secure Cloud, Mobile, Social Collaboration

§ IAM Governance and Insider Threat

§ Strategy consulting

§ Design and implementation

§ Managed Services

§ “Cloud” Identity



31

Assess your security

posture and make it stronger

Protect your critical

assets from being

accessed Respond quickly in an

emergency to fix the

problem Manage your protection around

the clock to provide peace of

mind

IBM Security Services approaches your security utilizing a comprehensive, four-stage model, based on a foundation of security intelligence, innovation and integration.

ibm security services overview

Technology

ibm corporation3

security compromises

security leaders

ibm response services

number of security events

new data

financial data

reported data breaches