R i i E t i M bilitRe-imagine Enterprise Mobility and Security in the Era of CloudBrendan HanniganGeneral Manager, IBM Security Systems

Re-imagine Enterprise Mobility and Security in the Era of Cloud

LeverageCloud

as a growth engine for

ExploitMobile

to build customer and

84 %91 %

as a growth engine for business

to build customer and employee engagement

rate mobility solutions as a critical area for investment to

84 %Of CIOs

in 2014 is built for cloud delivery

91 % Of net new software

© 2014 IBM Corporation2

critical area for investment to get closer to customers

Re-imagine Enterprise Mobility and Security in the Era of Cloud

Business Process

as a ServiceSoftware

as a ServicePlatform

as a ServiceInfrastructure as a Serviceas a Service

S t S t

IBM Cloud SolutionsSmarter Commerce

SmarterWorkforce

Big Data & Analytics

Watson Solutions

BluemixTM

On Premises Cloud Infrastructure

GBS Cloud Business Solutions

Smarter Cities

y

Software Solutions

Infrastructure Services

Cloud Managed Services

© 2014 IBM Corporation3

Re-imagine Enterprise Mobility and Security in the Era of Cloud

Protect TransformEngageBuild

IBM Mobile Capabilities

‐ Enterprise Mobility Management Software and S i

‐ Mobile App Development Platform

‐ Strategy and Design Services

‐ Infrastructure

‐ Mobile Analytics Software

‐ Strategy andServices‐ Cloud Services

‐ Development and Integration Services

Infrastructure Consulting Services

Strategy and Design Services

© 2014 IBM Corporation4

Integration Services

Yesterday’s security does not workdoes not work

© 2014 IBM Corporation5

Re-imagine Enterprise Mobility and Security in the Era of Cloud

Sophisticated attackers break through safeguards every day2011

Year of the breach2012

40% increase2013

500,000,000+ records breached

SQL i j ti

Watering h l

Physical MalwareThird-party ft

DDoSSpear hi hi

XSS UndisclosedAttack types

injection holeaccesssoftwarephishing

61% of organizations say data theft and cybercrime $3.5M+ average cost

of a data breach

© 2014 IBM Corporation6

61 are their greatest threats 3.5M of a data breach

2012 IBM Global Reputational Risk & IT Study 2014 Cost of Data Breach, Ponemon InstituteIBM X-Force Threat Intelligence Quarterly – 1Q 2014, circle size estimates relative cost to business

8585 security tools from

4545 vendorsIBM client example

© 2014 IBM Corporation7

IBM client example

Cloud and mobile: risk or opportunity?

© 2014 IBM Corporation8

Re-imagine Enterprise Mobility and Security in the Era of Cloud

Cloud and mobile raise security concerns

70% 614%of security executives havecloud and mobile concerns

Mobile malware growthin just one year

Top 3: Data, access, and auditing

© 2014 IBM Corporation9

2013 IBM CISO Survey 2012-2013 Juniper Mobile Threat Report

Re-imagine Enterprise Mobility and Security in the Era of Cloud

Cloud is an opportunity for enhanced security11

IaaS PaaS SaaS

Maintaincloud visibility

Leveragecrowd sourced

Use secure cloud infrastructure

© 2014 IBM Corporation10

cloud visibilityand control

crowd sourcedthreat intelligence

infrastructureand services

Re-imagine Enterprise Mobility and Security in the Era of Cloud

Employ cloud to improve security with IBM solutions

IaaS PaaS SaaS

Maintain cloud Leverage crowd sourced Use secure cloud

A global electronics firm helps protect access to cloud-based

applications for

An international bank reduced phishing attacks by

Maintain cloud visibility and control

Leverage crowd sourced threat intelligence

Use secure cloud infrastructure and services

Streamlined number of user accounts with cloud-delivered

identity and access managementapplications for

employees90%

and phone fraud to almost $0

identity and access management for

8.5Mautomobile customers

and employees

10K

© 2014 IBM Corporation11

to almost $0 and employeesIBM Trusteer Fraud ProtectionIBM Security Access Manager IBM Lighthouse Gateway

Re-imagine Enterprise Mobility and Security in the Era of Cloud

2 Build security into mobile deployments from day one

Security Intelligence

Enterprise Applicationsand Cloud ServicesPersonal Enterprise

2

Content SecurityApplication Security

Transaction Security

Device Security

DATA

Identity, Fraud,and Data Protection

Device Security Transaction SecurityContent Security Application Security

IBM Security Solutions

© 2014 IBM Corporation12

IBM Security AppScan

IBM SecurityAccess Manager

IBM Tealeaf

IBM Trusteer

IBM MobileFirst Platform (includes Worklight)

IBM MaaS360

Re-imagine Enterprise Mobility and Security in the Era of Cloud

Unlock mobile value with new security solutions

Security Intelligence

Enterprise Applicationsand Cloud ServicesPersonal Enterprise

Content SecurityApplication Security

Transaction Security

Device Security

DATA

Discovered and enrolled users migrated

Identity, Fraud,and Data Protection

36 000 70 000+Discovered and enrolled devices in the first

minutes with ability to wipe the device if lost

users migratedin the first month

Help desk calls (< .5%)

36,00060

70,000+

<500

© 2014 IBM Corporation13

IBM CorporationChemical company

Sophisticated Attackers: t diti l d ftraditional defense or a

big data solution?big data solution?

© 2014 IBM Corporation14

Re-imagine Enterprise Mobility and Security in the Era of Cloud

For sophisticated attacks, traditional defenses are not enough

UEasy

Customer Accounts

Users

© 2014 IBM Corporation15 Easy

Re-imagine Enterprise Mobility and Security in the Era of Cloud

Security is a big data and analytics problem

Logs Events Alerts

Traditional Security Operations and Technology

Configuration information

System

Identity contextSystem

audit trails

Externalth t f d

Network flows and anomalies

Malwarethreat feeds Malware information E-mail and

social activityBusiness process data

© 2014 IBM Corporation16

Full packet and DNS captures

Big DataAnalytics

Re-imagine Enterprise Mobility and Security in the Era of Cloud

Stop advanced threats with security intelligence3

Detect advanced threats

3

Detect advanced threats with security intelligence

Protect against fraud and targeted attacks

Deploy integrated security

© 2014 IBM Corporation17

security

Re-imagine Enterprise Mobility and Security in the Era of Cloud

Threat Protection System: Integrated advanced threat defense

Endpoint Protection Security Intelligence Incident Forensics

Emergency Response ServicesNetwork Protection

XGS

Open Global Threat

© 2014 IBM Corporation18

Integrations Intelligence

Helping clients stop advanced threatsRe-imagine Enterprise Mobility and Security in the Era of Cloud

An International An International A MajorAn InternationalEnergy Firm

An International Commodities Exchange

A MajorHealth Care Provider

Analyzed2B+

Maintained systemuptimes of

Monitors 25K+ d i t2B

events per day to find20-25

potential offenses

uptimes of99.9%+ with 0reported breaches

in 3 years

25K endpointsand blocked

200+ high risk infections in the first 6 months

© 2014 IBM Corporation19

potential offenses to investigate

y in the first 6 months

Leverage intelligence to help prevent fraudRe-imagine Enterprise Mobility and Security in the Era of Cloud

g g p pComprehensive solution built upon real-time intelligence and adaptable protection

ReduceOperational Impact

Prevent “Root Cause” of Fraud

AdvancedFraud

Prevention

Improve YourCustomer Experience

Utilize Real-time Intelligence Service

© 2014 IBM Corporation20

IBM Security SolutionsIBM Security Solutions

21 © 2014 IBM Corporation

Re-imagine Enterprise Mobility and Security in the Era of Cloud

IBM Security Portfolio

Consulting and Managed Services Integrated Security Technologies

IBM Security Portfolio

Security Intelligence and Operations Security Intelligence and Analytics

Strategy,Risk and Compliance

Cloud and Managed Services

Advanced Fraud Protection

Identity and Access Management

Services

Data andApplication

Security Services

Cybersecurity Assessment

and Response

Identity and Access

ManagementData

SecurityApplication

SecurityInfrastructure

and Threat Protection

Advanced Threat and Security ResearchAdvanced Threat and Security Research

Key Security Trends

© 2014 IBM Corporation22

Advanced Threats

Skills Shortage

Cloud Adoption

Mobile Concerns

Compliance Mandates

Re-imagine Enterprise Mobility and Security in the Era of Cloud

Cloud is an opportunity for enhanced i1

Build security into mobile deployments

security

2

1Build security into mobile deployments from day one2Stop advanced threats with security intelligence3

© 2014 IBM Corporation23

Re-imagine Enterprise Mobility and Security in the Era of Cloud

IBM has global breadth and scale in Cloud, Mobile and Security

1,700+100+

Cloud Mobile Security

3,000 ,security patents

25global sec rit labs

SaaS offerings

1,500clo d patents

,mobile experts

18M bil Fi t t di global security labs

15B+security events monitored

cloud patents

40K+cloud experts

MobileFirst studios

8mobile acquisitions

© 2014 IBM Corporation24

security events monitored daily in 130 countries

cloud experts mobile acquisitions

Visit us at…

New Cloud Services and Apps in a Fraction

of the Time

MadeWithIBM

IBMEngagement

Zoneof the Time

Wednesday @ 10:15 amDolphin, Southern 2

Booth 10Expo

IBMZone

Dolphin HotelLobby

Join us at the IBM Cloud Café – Yacht and Beach Club

© 2014 IBM Corporation25

Join us at the IBM Cloud Café Yacht and Beach ClubSchedule your own IBM-supported hackathon. Develop apps in the time it takes to order a latte.

#THINKTech

Learn moreRe-imagine Enterprise Mobility and Security in the Era of Cloud

IBM Security IBM MobileFirst

IBM Security Website IBM MobileFirst Website

Watch our videos Download the IBV Mobile Study

Sign up for a free MobileRead our blog Sign up for a free Mobile Agenda Workshop

© 2014 IBM Corporation26

@ibmsecurity @ibmmobile

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to

fbe part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

www.ibm.com/security

© Copyright IBM Corporation 2014. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software.

f

© 2014 IBM Corporation27

References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.