re-i i e t i m bilitimagine enterprise mobility and ... · pdf filespear ddos hi hi xss...
TRANSCRIPT
R i i E t i M bilitRe-imagine Enterprise Mobility and Security in the Era of CloudBrendan HanniganGeneral Manager, IBM Security Systems
Re-imagine Enterprise Mobility and Security in the Era of Cloud
LeverageCloud
as a growth engine for
ExploitMobile
to build customer and
84 %91 %
as a growth engine for business
to build customer and employee engagement
rate mobility solutions as a critical area for investment to
84 %Of CIOs
in 2014 is built for cloud delivery
91 % Of net new software
© 2014 IBM Corporation2
critical area for investment to get closer to customers
Re-imagine Enterprise Mobility and Security in the Era of Cloud
Business Process
as a ServiceSoftware
as a ServicePlatform
as a ServiceInfrastructure as a Serviceas a Service
S t S t
IBM Cloud SolutionsSmarter Commerce
SmarterWorkforce
Big Data & Analytics
Watson Solutions
BluemixTM
On Premises Cloud Infrastructure
GBS Cloud Business Solutions
Smarter Cities
y
Software Solutions
Infrastructure Services
Cloud Managed Services
© 2014 IBM Corporation3
Re-imagine Enterprise Mobility and Security in the Era of Cloud
Protect TransformEngageBuild
IBM Mobile Capabilities
‐ Enterprise Mobility Management Software and S i
‐ Mobile App Development Platform
‐ Strategy and Design Services
‐ Infrastructure
‐ Mobile Analytics Software
‐ Strategy andServices‐ Cloud Services
‐ Development and Integration Services
Infrastructure Consulting Services
Strategy and Design Services
© 2014 IBM Corporation4
Integration Services
Yesterday’s security does not workdoes not work
© 2014 IBM Corporation5
Re-imagine Enterprise Mobility and Security in the Era of Cloud
Sophisticated attackers break through safeguards every day2011
Year of the breach2012
40% increase2013
500,000,000+ records breached
SQL i j ti
Watering h l
Physical MalwareThird-party ft
DDoSSpear hi hi
XSS UndisclosedAttack types
injection holeaccesssoftwarephishing
61% of organizations say data theft and cybercrime $3.5M+ average cost
of a data breach
© 2014 IBM Corporation6
61 are their greatest threats 3.5M of a data breach
2012 IBM Global Reputational Risk & IT Study 2014 Cost of Data Breach, Ponemon InstituteIBM X-Force Threat Intelligence Quarterly – 1Q 2014, circle size estimates relative cost to business
8585 security tools from
4545 vendorsIBM client example
© 2014 IBM Corporation7
IBM client example
Cloud and mobile: risk or opportunity?
© 2014 IBM Corporation8
Re-imagine Enterprise Mobility and Security in the Era of Cloud
Cloud and mobile raise security concerns
70% 614%of security executives havecloud and mobile concerns
Mobile malware growthin just one year
Top 3: Data, access, and auditing
© 2014 IBM Corporation9
2013 IBM CISO Survey 2012-2013 Juniper Mobile Threat Report
Re-imagine Enterprise Mobility and Security in the Era of Cloud
Cloud is an opportunity for enhanced security11
IaaS PaaS SaaS
Maintaincloud visibility
Leveragecrowd sourced
Use secure cloud infrastructure
© 2014 IBM Corporation10
cloud visibilityand control
crowd sourcedthreat intelligence
infrastructureand services
Re-imagine Enterprise Mobility and Security in the Era of Cloud
Employ cloud to improve security with IBM solutions
IaaS PaaS SaaS
Maintain cloud Leverage crowd sourced Use secure cloud
A global electronics firm helps protect access to cloud-based
applications for
An international bank reduced phishing attacks by
Maintain cloud visibility and control
Leverage crowd sourced threat intelligence
Use secure cloud infrastructure and services
Streamlined number of user accounts with cloud-delivered
identity and access managementapplications for
employees90%
and phone fraud to almost $0
identity and access management for
8.5Mautomobile customers
and employees
10K
© 2014 IBM Corporation11
to almost $0 and employeesIBM Trusteer Fraud ProtectionIBM Security Access Manager IBM Lighthouse Gateway
Re-imagine Enterprise Mobility and Security in the Era of Cloud
2 Build security into mobile deployments from day one
Security Intelligence
Enterprise Applicationsand Cloud ServicesPersonal Enterprise
2
Content SecurityApplication Security
Transaction Security
Device Security
DATA
Identity, Fraud,and Data Protection
Device Security Transaction SecurityContent Security Application Security
IBM Security Solutions
© 2014 IBM Corporation12
IBM Security AppScan
IBM SecurityAccess Manager
IBM Tealeaf
IBM Trusteer
IBM MobileFirst Platform (includes Worklight)
IBM MaaS360
Re-imagine Enterprise Mobility and Security in the Era of Cloud
Unlock mobile value with new security solutions
Security Intelligence
Enterprise Applicationsand Cloud ServicesPersonal Enterprise
Content SecurityApplication Security
Transaction Security
Device Security
DATA
Discovered and enrolled users migrated
Identity, Fraud,and Data Protection
36 000 70 000+Discovered and enrolled devices in the first
minutes with ability to wipe the device if lost
users migratedin the first month
Help desk calls (< .5%)
36,00060
70,000+
<500
© 2014 IBM Corporation13
IBM CorporationChemical company
Sophisticated Attackers: t diti l d ftraditional defense or a
big data solution?big data solution?
© 2014 IBM Corporation14
Re-imagine Enterprise Mobility and Security in the Era of Cloud
For sophisticated attacks, traditional defenses are not enough
UEasy
Customer Accounts
Users
© 2014 IBM Corporation15 Easy
Re-imagine Enterprise Mobility and Security in the Era of Cloud
Security is a big data and analytics problem
Logs Events Alerts
Traditional Security Operations and Technology
Configuration information
System
Identity contextSystem
audit trails
Externalth t f d
Network flows and anomalies
Malwarethreat feeds Malware information E-mail and
social activityBusiness process data
© 2014 IBM Corporation16
Full packet and DNS captures
Big DataAnalytics
Re-imagine Enterprise Mobility and Security in the Era of Cloud
Stop advanced threats with security intelligence3
Detect advanced threats
3
Detect advanced threats with security intelligence
Protect against fraud and targeted attacks
Deploy integrated security
© 2014 IBM Corporation17
security
Re-imagine Enterprise Mobility and Security in the Era of Cloud
Threat Protection System: Integrated advanced threat defense
Endpoint Protection Security Intelligence Incident Forensics
Emergency Response ServicesNetwork Protection
XGS
Open Global Threat
© 2014 IBM Corporation18
Integrations Intelligence
Helping clients stop advanced threatsRe-imagine Enterprise Mobility and Security in the Era of Cloud
An International An International A MajorAn InternationalEnergy Firm
An International Commodities Exchange
A MajorHealth Care Provider
Analyzed2B+
Maintained systemuptimes of
Monitors 25K+ d i t2B
events per day to find20-25
potential offenses
uptimes of99.9%+ with 0reported breaches
in 3 years
25K endpointsand blocked
200+ high risk infections in the first 6 months
© 2014 IBM Corporation19
potential offenses to investigate
y in the first 6 months
Leverage intelligence to help prevent fraudRe-imagine Enterprise Mobility and Security in the Era of Cloud
g g p pComprehensive solution built upon real-time intelligence and adaptable protection
ReduceOperational Impact
Prevent “Root Cause” of Fraud
AdvancedFraud
Prevention
Improve YourCustomer Experience
Utilize Real-time Intelligence Service
© 2014 IBM Corporation20
IBM Security SolutionsIBM Security Solutions
21 © 2014 IBM Corporation
Re-imagine Enterprise Mobility and Security in the Era of Cloud
IBM Security Portfolio
Consulting and Managed Services Integrated Security Technologies
IBM Security Portfolio
Security Intelligence and Operations Security Intelligence and Analytics
Strategy,Risk and Compliance
Cloud and Managed Services
Advanced Fraud Protection
Identity and Access Management
Services
Data andApplication
Security Services
Cybersecurity Assessment
and Response
Identity and Access
ManagementData
SecurityApplication
SecurityInfrastructure
and Threat Protection
Advanced Threat and Security ResearchAdvanced Threat and Security Research
Key Security Trends
© 2014 IBM Corporation22
Advanced Threats
Skills Shortage
Cloud Adoption
Mobile Concerns
Compliance Mandates
Re-imagine Enterprise Mobility and Security in the Era of Cloud
Cloud is an opportunity for enhanced i1
Build security into mobile deployments
security
2
1Build security into mobile deployments from day one2Stop advanced threats with security intelligence3
© 2014 IBM Corporation23
Re-imagine Enterprise Mobility and Security in the Era of Cloud
IBM has global breadth and scale in Cloud, Mobile and Security
1,700+100+
Cloud Mobile Security
3,000 ,security patents
25global sec rit labs
SaaS offerings
1,500clo d patents
,mobile experts
18M bil Fi t t di global security labs
15B+security events monitored
cloud patents
40K+cloud experts
MobileFirst studios
8mobile acquisitions
© 2014 IBM Corporation24
security events monitored daily in 130 countries
cloud experts mobile acquisitions
Visit us at…
New Cloud Services and Apps in a Fraction
of the Time
MadeWithIBM
IBMEngagement
Zoneof the Time
Wednesday @ 10:15 amDolphin, Southern 2
Booth 10Expo
IBMZone
Dolphin HotelLobby
Join us at the IBM Cloud Café – Yacht and Beach Club
© 2014 IBM Corporation25
Join us at the IBM Cloud Café Yacht and Beach ClubSchedule your own IBM-supported hackathon. Develop apps in the time it takes to order a latte.
#THINKTech
Learn moreRe-imagine Enterprise Mobility and Security in the Era of Cloud
IBM Security IBM MobileFirst
IBM Security Website IBM MobileFirst Website
Watch our videos Download the IBV Mobile Study
Sign up for a free MobileRead our blog Sign up for a free Mobile Agenda Workshop
© 2014 IBM Corporation26
@ibmsecurity @ibmmobile
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to
fbe part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
www.ibm.com/security
© Copyright IBM Corporation 2014. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software.
f
© 2014 IBM Corporation27
References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.