Change isn’t coming. It’s already here. More devices. More access points. More valuable data in the cloud. In this new digital era, perimeter controls and traditional security practices are not enough to safeguard your enterprise. You need security for the way the world works. Security intelligence and integrated controls are today’s essentials to gain visibility and get to a higher level of maturity. Learn how cloud, collaboration and cognitive will define the next era of security to help you outthink attackers and proactively protect your most critical assets.

1. Security in the Cognitive Era
Shelley Westman
Vice President, IBM Security

2. 2 IBM Security2 IBM Security

3. 3 IBM Security3 IBM Security
Paradigm shift in crime

4. 4 IBM Security4 IBM Security
800+ Million
records breached
1+ Billion
records breached
Unprecedented
high-value targets breached
2013 2014 2015
$7M
average cost of a U.S. data breachaverage time to identify data breach
201 days

5. What are the little things causing
today’s big issues?

6. 6 IBM Security6 IBM Security
• Insider risk, human error
and negligence
• Infected BYOD
• Falling for phishing
• Unpatched vulnerabilities
and delayed patches
• Weak passwords
Cyber Butterfly Effect
Key issues:

7. 7 IBM Security7 IBM Security

8. 8 IBM Security8 IBM Security
Culture change needed
• Adding another tool
• Hoping it’s not me
• Building more
barricades
• Skipping the basics
• Ignoring privileges
• Checking audit boxes
• Betting on BYOS
Culture change
needed to fight the
Cyber Butterfly Effect
What we’re still seeing:

9. We need a new approach
to security

10. 10 IBM Security10 IBM Security
An integrated and intelligent security immune system
Threat
Intelligence
Security
Analytics
Cloud
Identity
and
Access
Data
and
Apps
Mobile
Advanced
Fraud
NetworkEndpoint
Security
Ecosystem
Criminal detection
Fraud protection
Workload
protection
Cloud access
security broker
Access management
Entitlements and roles
Privileged identity management
Identity management
Data access control
Application security management
Application scanning
Data monitoring
Device Management
Transaction protection
Content security
Malware protection
Antivirus
Endpoint patching
and management
Virtual patching
Firewalls
Incident and threat management
Sandboxing
Network visibility
Vulnerability management Incident response
Log, flow, data analysis Anomaly detection
Indicators of compromise
IP reputation Threat sharing

11. 11 IBM Security11 IBM Security
COGNITIVE, CLOUD,
and COLLABORATION
Innovation to contain the cyber butterfly effect
INTELLIGENCE
and INTEGRATION
PERIMETER
CONTROLS

12. Stay ahead of the threat with
collaborative platforms to share
intelligence and take action
COLLABORATION

13. 13 IBM Security13 IBM Security
ATTACKERS are more collaborative than ever
Global data sharing
Marketplace for products and services
Trusting relationships and networks
Organized cyber gangs
Criminal Boss
Underboss
Campaign
Managers
Affiliation
Networks
Stolen
Data
Resellers

14. 14 IBM Security14 IBM Security
IBM X-Force Exchange
Global scale
• 700+ TB of threat data
• 15B+ events / day
• 270M+ endpoints
covered
• 25B+ web pages and
images
• 8M+ spam / phishing
attacks
• 1M+ malicious IP
addresses
Sourced from
2,000 organizations
across 16 industries
SECURITY
ANALYST
CISO IBM
X-FORCE
INCIDENT
RESPONDER
Social community
for sharing threat
intelligence

15. 15 IBM Security15 IBM Security
IBM App Exchange
• 10k+ visits
• 1,200+ downloads
• 40+ available apps
• 20+ more partners through
ecosystem training
Online marketplace
share and download apps
based on IBM security
technologies
Collaborative
defense with a
partner ecosystem

16. Safely move workloads and data
to the cloud, and quickly consume
security from the cloud
CLOUD

17. 17 IBM Security17 IBM Security
Access, data and visibility are top cloud priorities
Governance
and policy
Identity
and access Authentication and
Single Sign-On
MANAGE
ACCESS
Data
protection
Application
security
Threat
prevention
Fraud
and malware
PROTECT
DATA
Cloud app
usage
Global threat
analysis
Mobile
security
Security
intelligence
GAIN
VISIBILITY

18. Outthink threats with security
technology that understands,
reasons, and learns
COGNITIVE

19. 19 IBM Security19 IBM Security
Most security knowledge is untapped…
Traditional
Security Data
Human Generated
Knowledge
• Security events and alerts
• Logs and configuration data
• User and network activity
• Threat and vulnerability feeds
• Threat intelligence
• Research documents
• Industry publications
• Forensic information
• Conference presentations
• Analyst reports
• Blogs
• Webpages
• Wikis
• News sources
• Wikis
• Newsletters
• Tweets
A universe of security knowledge dark to your defenses

20. 20 IBM Security20 IBM Security
The world’s first Cognitive
analytics solution using core
Watson technology to
understand, reason, and
learn about security topics
and threats
Watson for Cyber Security
Unlocking new possibilities

21. 21 IBM Security21 IBM Security
Teaching Watson the language of cyber security
BACKDOOR
BAD
ACTOR
VIRUS

22. 22 IBM Security22 IBM Security
Fast and accurate analysis to enhance security decision making
SECURITY ANALYST and WATSONSECURITY ANALYST
!!!
Enterprise
Security Analytics
Cognitive techniques to mimic human
intuition around advanced threats
Human
Generated
Security
Knowledge
HELPING THE ANALYST:
• Quickly make outside
data actionable
• Gain powerful
insights
• Uncover new trends
and patterns
• Analyze threats
with accuracy
• Save time
and resources

23. How could we
have prevented this?

24. 24 IBM Security24 IBM Security

25. ibm.com/security
securityintelligence.com
xforce.ibmcloud.com
@ibmsecurity
youtube/user/ibmsecuritysolutions
© Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind,
express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products
and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service
marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your
enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others.
No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems,
products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products
or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.
FOLLOW US ON:
THANK YOU
ibm.com/security
@ibmsecurity
youtube/user/ibmsecuritysolutions
© Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind,
express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products
and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service
marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your
enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others.
No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems,
products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products
or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.
FOLLOW US ON:
THANK YOU