ibm security services overview
TRANSCRIPT
© 2014 IBM Corporation
IBM Security Services
1 © 2014 IBM Corporation
§ IBM Security Services
§ Intelligence, Integration and Expertise
§ 4/30/15
© 2014 IBM Corporation
IBM Security Services
2
Agenda
§ The evolving threat landscape
§ A new approach to intelligent threat management
§ Solutions designed to keep you ahead of attackers
§ Why IBM?
§ Discussion
© 2014 IBM Corporation
IBM Security Services
3 © 2014 IBM Corporation3
§ The Evolving Threat Landscape
© 2014 IBM Corporation
IBM Security Services
4
Anything that is connected to the Internet can be hacked.Everything is being connected to the Internet
© 2014 IBM Corporation
IBM Security Services
5
Security Reality – We have all been compromised
of all incidents analyzed by IBM Response Services could be considered “noteworthy” (potentially material or significant impact)
of incidents analyzed logged human error as a contributing factor
2014 IBM Cybersecurity Intelligence Team
1 out of 100security compromises are
ever detected
General Keith Alexander, Head of U.S. Cyber Command, in a speech to the American
Enterprise Institute
2014 IBM Cybersecurity Intelligence Team
§ Stolen or lost laptop or mobile device,
§ Mistaken address/disposition/email of SPI,
§ Double clicking (malware), § Poor system hygiene:
failure to patch, configure, or update
§ Failure to delete dormant user accounts, use of default passwords.
1,764,121Represents the number of security events the average organization of 15K employees will capture weekly
324of these events represent actual attacks, per week
2.1 of these attacks will result in an incident, per week, – a 22% annual increase
2014 IBM Cybersecurity Intelligence Index
© 2014 IBM Corporation
IBM Security Services
6
We are in an era of continuous breaches.
Operational sophistication
IBM X-Force declared year of the
security breach
Near daily leaks of sensitive data
40% increase in reported data
breaches and incidents
Relentless use of multiple methods
500,000,000+ records were leaked, while the future
shows no sign of change
2011 2012 2013
Note: Size of circle estimates relative impact of incident in terms of cost to business.
SQL injection
Spear phishing
DDoS Third-party software
Physical access
Malware XSS Watering hole
Undisclosed
Attack types
Source: IBM X-Force Threat Intelligence Quarterly – 1Q 2014
© 2014 IBM Corporation
IBM Security Services
7
Who is attacking your networks?
Attacker
Outsiders
Combination
Malicious Insiders
Inadvertent Actor
Source: 2014 IBM Cybersecurity Intelligence Index
© 2014 IBM Corporation
IBM Security Services
8
What are the attackers after and what is the impact?
Data – the new currency
§ Upwards of 80% of cybercrime
acts are estimated to originate in
some form of organized
activity.
§ Attackers are focused on
harvesting of personal and
financial data, or other forms
of corporate intellectual
property which can be sold on
the black market.
Key take-away:
The cost of a
data breach to
U.S.
organizations is
on the rise and
affecting
customer
retention.
New Data: from the 2014 Ponemon Institute Cost of Data Breach
Study: United States, sponsored by IBM
Available at: www.ibm.com/services/costofbreach
© 2014 IBM Corporation
IBM Security Services
9
Security is a board room discussion, and security leaders are more accountable than ever before
© 2014 IBM Corporation
IBM Security
10 10 © 2014 IBM Corporation
§ A new approach to security is needed
© 2014 IBM Corporation
IBM Security Services
11
Ten essential steps to creating an intelligent security management program
10 Manage the digital identity lifecycle
9 Assure data security and privacy
8 Manage third party security compliance
7 Address security complexity of cloud and virtualization
5 Manage IT hygienically
6 Create a secure and resilient network
4 Develop secure products, by design
3 Secure collaboration in social and mobile
workplace
2 Establish intelligent security
operations and rapid threat
response
GOAL: INTELLIGENT CYBER THREAT PROTECTION AND RISK MANAGEMENT
1 Build a risk aware culture and management system
Understand Security Essentials
© 2014 IBM Corporation
IBM Security Services
12
IBM can help you effectively establish your security operations
© 2014 IBM Corporation
IBM Security Services
13
§ Assessing your current security posture
§ Identifying the gaps§ Guidance for making
improvements
IBM Security Services support a customer’s end to end security lifecycle
§ Deliver the best solutions to protect your data, network and infrastructure
§ Provide comprehensive methods, strategies and services
§ Providing you assistance for pro-actively preparing for or responding to cyber attacks
§ Help you recover in the case of an incident, and understand its impact
§ Hosted and cloud-based device management delivers the industry’s most effective security operations and intelligence
§ Managing your security operations through integrated tools, strategies, intelligence, analytics and staff skills
© 2014 IBM Corporation
IBM Security Services
14
IBM Security Services Portfolio
Identity Data Applications Infrastructure
Identity Assessment & Strategy Crown Jewels Discovery & Protection SDLC Program Development Security Optimization
User Provisioning/Access Mgmt Database Security Dynamic and Static Testing Design, Deployment & Migration
Total Authentication Solution Encryption and Data Loss Prevention
Embedded Device TestingStaff Augmentation
Managed/Cloud Identity Mobile Application Testing
Strategy, Risk & Compliance
Security Maturity Benchmarking
Security Strategy & Roadmap Development
Security Risk Assessment & Program Design
Industrial Controls
(NIST, SCADA)PCI Advisory
IBM offers a comprehensive portfolio of security services
Firewall / Unified Threat Management
Intrusion Detection & Prevention
Web Protection & Managed DDoS
Hosted E-Mail & Web
Vulnerability Mgmt
Managed SIEM &
Log Management
Powered by IBM’s Next Generation Threat Monitoring and Analytics Platform
Security Intelligence and Operations Consulting
Security Intelligence Operations Center Design & Build Out Services
Cloud and Managed Services
Built to address the Security Essentials, within context of the integrated Security Framework
Cybersecurity Assessment & Response
Threat Intelligence Advisory X-Force Threat Analysis Penetration Testing Incident Preparation Emergency Response
© 2014 IBM Corporation
IBM Security Services
16
IBM provides unmatched global coverage and security awareness
© 2014 IBM Corporation
IBM Security Services
17
We have a commitment to security research, development, monitoring & analysis
4,300 strategic outsourcing security delivery resources
1,200 professional services security consultants
650 field security specialists
400 security operations analysts
10 security research centers
10 security operations centers (SOCs)
14 security development labs
IBM X-Force Expertise• 150M intrusion attempts monitored daily• 46,000 documented vulnerabilities• 40M unique phishing/spam attacks• Millions of unique malware samples• Billions of analyzed web pages• 1000+ security patents
Managed Services Excellence• Tens of thousands of devices under
management• Thousands of MSS clients worldwide• Billions of events managed per day• Countries monitored in all geographies• Industry-leading research and reports
IBM Security Services
18
Security Services Market Leadership
Organizations looking for a high-quality vendor that can do it all and manage it afterwards should consider IBM
IBM Security Services
19
Security Services Market Leadership
IBM is one of a few study participants whose MSS delivery can be considered truly global, in part because of its ability to integrate MSS and security services globally
IBM Security Services
20
Security Services Market Leadership
Enterprises with global service delivery requirements, and those with strategic relationships with IBM, should consider IBM for MSS
You can download the report directly from here.
© 2014 IBM Corporation
IBM Security Services
21
We have comprehensive support for best-of-breed products from IBM and other leading security vendors
A Vast and Growing Partner Ecosystem
© 2014 IBM Corporation
IBM Security Services
22
Understand Follow Us Explore
Cyber Security
Intelligence Index Twitter Security Intelligence blog
Ponemon Institute 2014 “Cost of a Data Breach” Report Facebook ibm.com
X- Force Trend Report LinkedIn Smarter Planet
IBM has several resources for you to learn more about security and our solutions
© 2014 IBM Corporation
IBM Security Services
23
www.ibm.com/security
© Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
www.ibm.com/security
© Copyright IBM Corporation 2014. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
© 2014 IBM Corporation
IBM Security Services
24 24 © 2014 IBM Corporation
§ Security Services§ Practices
© 2014 IBM Corporation
IBM Security Services
25
Cloud and Managed Security Services
Portfolio Description Benefits Key Offerings
IBM's Managed, Monitored and Cloud Security Services combine deep security research, the industry's broadest solution portfolio and a cadre of consultative services that address the full lifecycle of enterprise security, incident response and remediation.
§ Keeps you ahead of the threat landscape, and is fueled by a global intelligence-driven operation.
§ Helps reduce cost by offering flexible consumption models, whether do-it-yourself SaaS or enterprise grade management and monitoring
§ Helps streamline compliance management with regulatory controls
§ Offers a seamless lifecycle of security services, whether month-to-month management and monitoring or consultative services
§ Managed SIEM
§ Advanced Cyber Threat Intelligence
§ X-Force® Threat Analysis
§ Managed Firewall, IDPS, UTM
§ Secure Web Gateway
§ Managed Server Protection
§ Hosted Web & Email Security
§ Web Defense and DDoS Protection
§ Hosted Vulnerability Mgmt and Application Security
© 2014 IBM Corporation
IBM Security Services
26
Security Strategy Risk & Compliance Services
Portfolio Description Benefits Key OfferingsIBM Security Services has developed comprehensive approaches to measure the effectiveness of the IT Risk & Security program, and based on the findings define the strategy and roadmap for improvement. This drives the foundation for broader security program activities including architecture, design, build and manage, which enables the security organization to address the changing landscape of threats and continuously improve.
§ Enhances the organization’s capability to manage and govern information security more effectively and efficiently
§ Assists in effectively meeting both security and regulatory compliance requirements
§ Build a risk aware culture through education and awareness
§ Drives continuous growth and improvement of security and compliance programs through practical measurements
§ Improves operational security for critical infrastructure
§ Security Strategy and Planning
§ Risk Management and Compliance
§ Security Awareness
§ IT GRC Implementations
§ Industrial Controls Systems Security Services
© 2014 IBM Corporation
IBM Security Services
27
Cybersecurity Assessment and Response Services
Portfolio Description Benefits Key Offerings
Security incidents are inevitable, but their impact on your business can be mitigated. Our services are designed to help you prepare for and rapidly respond to an ever-growing variety of security threats.
Our seasoned security consultants can deliver cybersecurity assessments, planning, and response services, with mature methodology and proven expertise from mainframe to mobile.
§ Helps assure always-current security best practices and insight
§ Delivers on-site response time of less than 24 hours to help stop attacks in progress and reduce impact
§ Enables cost savings by potentially reducing business disruption and facilitating regulatory compliance
§ Security review and protection for the “Internet of Things”
§ Emergency Response Service
§ Proactive Planning and Preparation
§ Active Threat Assessment
§ Dynamic and Static Testing for Mobile and Web applications
§ Security Assessments for Smart and Embedded Devices
© 2014 IBM Corporation
IBM Security Services
28
Security Operations Optimization Services
Portfolio Description Benefits Key OfferingsWith a deep portfolio of consulting and implementation services, IBM can help design and deploy an advanced, world-class SOC (Security Operations Center). Modeled after our own industry-leading SOCs, it can provide you the threat management capabilities needed to protect the business, and enable you to leverage the experience of IBM’s global SOC network and threat intelligence collection.
§ Helps establish an optimized SOC within limited budgets
§ Aids in improving security intelligence, integration and reporting
§ Assists in enabling appropriate and timely incident response
§ Helps demonstrate security contributions to organizational objectives
§ Leverages the deep security experience and resources of IBM
§ SOC Workshop
§ SOC Strategy and Assessment
§ SOC Design/Build and Deployment
§ SIEM Optimization
© 2014 IBM Corporation
IBM Security Services
29
Data Security Services
Portfolio Description Benefits Key OfferingsOur services are designed to enable organizations to protect their business information, especially the “crown jewels”, over the full data lifecycle – from acquisition to disposal. Most important, it helps companies and organizations stay current with data security best practices in the constantly evolving threat environment.
§ Supports an effective, maintainable data security and compliance posture
§ Helps reduce the cost of data security and compliance
§ Assists in protecting brand reputation through protection of customer and other sensitive or regulated information
§ Empowers organizations to more effectively avert costly data breaches
§ Data Protection Program Development
§ Database Security Architecture
§ Data Security Solution Implementation
• Data Loss Prevention• Data Encryption• Database Activity Monitoring
© 2014 IBM Corporation
IBM Security Services
30
Identity and Access Management Services
Portfolio Description Benefits Key OfferingsIBM’s Identity and Access Management services provides business and technology consulting to help customers develop a clear, business-driven, strategic roadmap for improving an organization’s Identity and Access Management maturity posture.
§ Standardized IAM and Compliance
§ Secure Cloud, Mobile, Social Collaboration
§ IAM Governance and Insider Threat
§ Strategy consulting
§ Design and implementation
§ Managed Services
§ “Cloud” Identity
© 2014 IBM Corporation
IBM Security Services
31
Assess your security
posture and make it stronger
Protect your critical
assets from being
accessed Respond quickly in an
emergency to fix the
problem Manage your protection around
the clock to provide peace of
mind
IBM Security Services approaches your security utilizing a comprehensive, four-stage model, based on a foundation of security intelligence, innovation and integration.