I går, i dag og i morgen - Security Systems Roadmap, Chris Mallon, IBM US

IBM Security Systems

IBM Security
Intelligence, Integration and Expertise

© 2012 IBM Corporation
1 © 2012 IBM Corporation


The world is becoming more digitized and interconnected,
opening the door to emerging threats and leaks…

The age of Big Data – the explosion of digital
DATA information – has arrived and is facilitated by
EXPLOSION the pervasiveness of applications accessed
from everywhere

With the advent of Enterprise 2.0 and social
CONSUMERIZATION business, the line between personal and
OF IT professional hours, devices and data has
disappeared

Organizations continue to move to new
EVERYTHING
platforms including cloud, virtualization,
IS EVERYWHERE mobile, social business and more

The speed and dexterity of attacks has
ATTACK increased coupled with new actors with new
SOPHISTICATION motivations from cyber crime to terrorism
to state-sponsored intrusions



Targeted Attacks Shake Businesses and Governments

Attack Type Bethesda
Software
SQL Injection

URL Tampering Northrop Italy
Grumman IMF PM
Fox News Site
Spear Phishing X-Factor

3rd Party SW Citigroup
Spanish Nat. Sega
DDoS Police

Secure ID Gmail Booz
Epsilon Accounts
PBS Allen
Hamilton
Unknown
Vanguard
Sony PBS SOCA Defense

Monsanto
Malaysian
Gov. Site Peru
HB Gary RSA Lockheed
Special
Police
Martin
Nintendo
Brazil
Gov.
L3 SK
Communications Sony BMG Communications
Size of circle estimates relative Greece Turkish
Government
Korea
impact of breach AZ Police

US Senate NATO

Feb Mar April May June July Aug

3 IBM Security X-Force® 2011 Midyear Trend and Risk Report September 2011 © 2012 IBM Corporation


IT Security is a board room discussion

Business Brand image Supply chain Legal Impact of Audit risk
results exposure hacktivism

Sony estimates HSBC data Epsilon breach TJX estimates Lulzsec 50-day Zurich
potential $1B breach impacts 100 $150M class hack-at-will Insurance PLc
long term discloses 24K national brands action spree impacts fined £2.275M
impact – private banking settlement in Nintendo, CIA, ($3.8M) for the
$171M / 100 customers release of PBS, UK NHS, loss and
customers* credit / debit UK SOCA, exposure of
card info Sony … 46K customer
records

4 *Sources for all breaches shown in speaker notes © 2012 IBM Corporation


Solving a security issue is a complex, four-dimensional puzzle

People Employees Consultants Hackers Terrorists Outsourcers Customers Suppliers

Data Structured Unstructured At rest In motion

Systems
Applications Web applications Web 2.0 Mobile apps
applications

Infrastructure

It is no longer enough to protect the perimeter –
siloed point products will not secure the enterprise

5


In this “new normal”, organizations need an intelligent view of their
security posture

O
Automated

pt
im

I S
nt ecu
el
iz

lig rity
ed
Optimized

e
Prr
P

nc
Organizations use

e
off
o predictive and
iic i
ci automated security
en
en analytics to drive toward
security intelligence
Basic tt
Ba
Manual

Organizations
Proficient
si

employ perimeter
c

protection, which Security is layered into
regulates access and the IT fabric and
feeds manual reporting business operations
Reactive Proactive



IBM Security: Delivering intelligence, integration and expertise across a
comprehensive framework

 Only vendor in the market with end-to-
end coverage of the security foundation
 6K+ security engineers and consultants
 Award-winning X-Force® research
 Largest vulnerability database in the
industry

Intelligence
Intelligence ●
● Integration
Integration ●● Expertise
Expertise



Intelligence: Leading products and services in every segment



Analysts recognize IBM’s superior products and performance

Domain Report Analyst Recognition

Security Security Information & Event Management (SIEM) 2011 2010
Intelligence,
Analytics and
GRC Enterprise Governance Risk & Compliance Platforms 2011 2011

User Provisioning / Administration 2011

Role Management & Access Recertification 2011
People 2010
Enterprise Single Sign-on (ESSO) 2011*

Web Access Management (WAM) 2011*

Data Database Auditing & Real-Time Protection 2011

Static Application Security Testing (SAST) 2010
Applications 2010
Dynamic Application Security Testing (DAST) 2011
Endpoint Network

Network Intrusion Prevention Systems (NIPS) 2010 2010

Infrastructure
EndPoint Protection Platforms (EPP) 2010

Challenger Leader Visionary Niche Player Leader (#1, 2, or 3 in segment)

Leader Strong Performer Contender * Gartner MarketScope



Integration: Increasing security, collapsing silos, and reducing complexity

Increased Awareness and Accuracy
Increased Awareness and Accuracy

 Detect advanced threats with real-time intelligence correlation across security domains
Detect advanced threats with real-time intelligence correlation across security domains

 Increase situational awareness by leveraging real-time feeds of X-Force® Research and global threat
Increase situational awareness by leveraging real-time feeds of X-Force® Research and global threat
intelligence across IBM security products, such as QRadar SIEM and Network Security appliances
intelligence across IBM security products, such as QRadar SIEM and Network Security appliances
 Conduct comprehensive incident investigations with unified identity, database, network and endpoint
 Conduct comprehensive incident investigations with unified identity, database, network and endpoint
activity monitoring and log management
activity monitoring and log management

Ease of Management
Ease of Management
 Simplify risk management and decision-making
 Simplify risk management and decision-making
with automated reporting though a unified console
with automated reporting though a unified console
 Enhance auditing and access capabilities by sharing
 Enhance auditing and access capabilities by sharing
Identity context across multiple IBM security products
Identity context across multiple IBM security products
 Build automated, customized application
 Build automated, customized application
protection policies by feeding AppScan results into
protection policies by feeding AppScan results into
IBM Network Intrusion Prevention Systems
IBM Network Intrusion Prevention Systems

Reduced Cost and Complexity
Reduced Cost and Complexity
 Deliver fast deployment, increased value and
 Deliver fast deployment, increased value and
lower TCO by working with a single strategic partner
lower TCO by working with a single strategic partner



Expertise: Unmatched global coverage and security awareness

Security Operations Centers

Security Research Centers

Security Solution Development Centers

Institute for Advanced Security Branches

World Wide Managed
IBM Research Security Services Coverage

 20,000+ devices under contract
20,000+ devices under contract

 3,700+ MSS clients worldwide
3,700+ MSS clients worldwide

 9B+ events managed per day
9B+ events managed per day

 1,000+ security patents
1,000+ security patents

 133 monitored countries (MSS)
133 monitored countries (MSS)



How is IBM solving complex
security challenges?

12


Data Explosion
IBM is integrating across IT silos with Security Intelligence solutions

Most Accurate &
Sources + Intelligence = Actionable Insight



Solving complex problems that point solutions cannot

Discovered 500 hosts with “Here You
Improving threat
Have” virus, which all other security
detection products missed

Consolidating 2 billion log and events per day reduced
data silos to 25 high priority offenses

Predicting risks Automating the policy monitoring and
against your evaluation process for configuration
business changes in the infrastructure

Addressing Real-time monitoring of all network
regulatory mandates activity, in addition to PCI mandates



Consumerization of IT
IBM is converging traditional endpoint and mobile security management
into a single solution with complementary services

IBM Mobile Security IBM Mobile
Software Security Services

Device Lifecycle Management
Inventory Mobile Enterprise
Services (MES)
Security Policy
Management Endpoint Management
Hosted Mobile Device
Device and Security Management
Data Wipe
Secure Connectivity
Anti-Jailbreak Secure Enterprise
and Anti-Root Smartphone and Tablets



Allowing organizations to innovate with confidence

Saved on deployment time (400K users
Significantly in <6 months) and management costs
Reducing while helping to achieve compliance with
Costs IBM’s end user device IT security policies
(95% of patches applied within 24 hours)

Deployed Tivoli Endpoint Manager to 1K
Time-to-Value & endpoints in days, reduced the software
update and patching process from 20 to
Performance 1 person, remediation time from weeks
Improvements to hours, and call volumes from 100 to
less than 20 calls per day

Combining power, patch and lifecycle
management along with security and
Ecosystem compliance, Fiberlink was able to grow
Value Creation its cloud-based, mobile device
management business by 25% annually
over the last 5 years



Everything is Everywhere
IBM is helping clients adopt cloud with flexible, layered security solutions

Identity Web Application Virtualization Network Image & Patch Database
Federation Scanning Security Security Management Monitoring

IBM Security Intelligence



Enabling security for new business models and delivery methods

Worldwide Enabled security for access to public
European
SaaS applications – including Google
Energy access to SaaS Apps and Salesforce.com – using cloud-
Company applications enabled federation

Best-in-class Integrated security in a multi-tenant
Infrastructure-as-a-Service environment
security for a using flexible, virtualized security
cloud provider managed from the cloud

Rapid Identity Delivered identity and access
management capabilities quickly and
solution easily using a SaaS-deployed Tivoli
deployment solution



Attack Sophistication
IBM is helping clients combat advanced threats with pre- and post-exploit
intelligence and action

Are we configured
What are the external What is happening
to protect against What was the impact?
and internal threats? right now?
these threats?

Prediction & Prevention Reaction & Remediation
Risk Management. Vulnerability Management. Network and Host Intrusion Prevention.
Configuration and Patch Management. Network Anomaly Detection. Packet Forensics.
X-Force Research and Threat Intelligence. Database Activity Monitoring. Data Leak Prevention.
Compliance Management. Reporting and Scorecards. SIEM. Log Management. Incident Response.

IBM Security Intelligence



Identifying and protecting against sophisticated attacks

Deployed solutions to identify threats and
Securing across vulnerabilities with protection across the
the enterprise entire infrastructure – from network to
ecosystem desktops in the customers’ showrooms
and remote offices

Luxury Detecting Cross-correlated identity, access, and
Brand application data to identify trusted insider
insider fraud stealing and destroying key data
Retailer

Outsourced security management for
End-to-end critical credit card holding systems (318
monitoring and network devices and servers), security-
managed protection event log monitoring and reporting
through a SaaS-based customer portal
services to detect and prevent attacks



Security Intelligence is enabling progress to optimized security

Security Intelligence:
Information and event management
Security Advanced correlation and deep analytics
Intelligence External threat research

Optimized Advanced network
Role based analytics Secure app monitoring
Identity governance Data flow analytics engineering
processes Forensics / data
Privileged user Data governance mining
controls Fraud detection
Secure systems

Virtualization security
User provisioning Application firewall
Access monitoring Asset mgmt
Proficient Access mgmt Source code
Data loss prevention Endpoint / network
Strong authentication scanning
security management

Encryption Perimeter security
Basic Centralized directory Application scanning
Access control Anti-virus

People Data Applications Infrastructure


Intelligent solutions provide the DNA to secure a Smarter Planet

Security
Intelligence,
Analytics &
GRC

People

Data

Applications

Infrastructure


Comments or Questions?

Come see the Security Systems Team
in the Expo area:

Jesper Glahn Marcus Eriksson Sven-Erik Vestergaard
Denmark Sales Leader Sales Leader, ISS Sara Anwar
Security Architect
& Qradar Nordic Sales



ibm.com/security

© Copyright IBM Corporation 2012. All rights reserved. The information contained in these materials is provided for informational purposes
only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use
of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any
warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement
governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in
all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole
discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any
way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United
24 States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. © 2012 IBM Corporation

I går, i dag og i morgen - Security Systems Roadmap, Chris Mallon, IBM US

Recomendados

Recomendados

Más contenido relacionado

Destacado

Destacado (18)

Más de IBM Danmark

Más de IBM Danmark (20)

Último

Último (20)

I går, i dag og i morgen - Security Systems Roadmap, Chris Mallon, IBM US

Notas del editor