
IBM: Big Data Security


DESCRIPTION

IBM's Chris Mallon on integrated data security intelligence for the enterprise. Presented at the Smarter Business Summit in Montreal, Sept 17, 2014.


Page 1: IBM: Big Data Security

1 #SmarterBiz

Big Data Security

Don’t Risk It: Gain Trustworthy Insights with Enterprise Risk Governance

Chris Mallon, Software Business Executive, IBM Canada Middleware Group

Page 2: IBM: Big Data Security

A new security reality is here

• 61% of organizations say data theft and cybercrime are their greatest threats (2012 IBM Global Reputational Risk & IT Study)
• $3.5M: average cost of a data breach (2014 Cost of Data Breach, Ponemon Institute)
• 70% of security executives have cloud and mobile security concerns (2013 IBM CISO Survey)
• 614%: mobile malware growth in just one year (2012 - 2013 Juniper Mobile Threat Report)
• 85 security tools from 45 vendors (IBM client example)
• 83% of enterprises have difficulty finding the security skills they need (2012 ESG Research)

Page 3: IBM: Big Data Security

We are in an era of continuous breaches

• Near Daily Leaks of Sensitive Data: 40% increase in reported data breaches and incidents
• Relentless Use of Multiple Methods: 500,000,000+ records were leaked, while the future shows no sign of change

[Figure: security incidents by attack type, 2011 to 2013. Attack types: SQL injection, Spear phishing, DDoS, Third-party software, Physical access, Malware, XSS, Watering hole, Undisclosed.]

Note: Size of circle estimates relative impact of incident in terms of cost to business.

Source: IBM X-Force Threat Intelligence Quarterly – 1Q 2014

Page 4: IBM: Big Data Security


Security is a board room discussion, and security leaders are more accountable than ever before

Page 5: IBM: Big Data Security

Security challenges are a complex, four-dimensional puzzle…

• People: EMPLOYEES, ATTACKERS, OUTSOURCERS, SUPPLIERS, CONSULTANTS, PARTNERS, CONSUMERS
• Data: STRUCTURED, UNSTRUCTURED, AT REST, IN MOTION
• Applications: Systems Applications, Web Applications, WEB 2.0, Mobile Applications
• Infrastructure: DATACENTERS, PCs, LAPTOPS, MOBILE, CLOUD, NON-TRADITIONAL

…a holistic approach is needed

Page 6: IBM: Big Data Security

IBM Security strategy

• Delivering intelligence, integration and expertise across a comprehensive framework

Security mega trends:

• Advanced threats
• Cloud
• Mobile
• Compliance
• Skills shortage

CISO’s changing role

The IBM Security Framework

Page 7: IBM: Big Data Security

Security and Compliance Concerns in Big Data Environments

Structured: Massive volume of structured data movement
• 2.38 TB / Hour load to data warehouse
• High-volume load to Hadoop file system

Unstructured: Ingest unstructured data

Streaming: Integrate streaming data sources

Big Data Platform

Hadoop Cluster

Clients

• Who is running big data requests?
• How is privacy protected?
• Is there an exceptional number of file permission exceptions?
• Are these jobs part of an authorized program list accessing the data?
• Has some new query application been developed that you were previously unaware existed?

Page 8: IBM: Big Data Security

Data Security

• Discover and harden your most valuable assets while enabling access

Protect data at rest, in motion, and in use:

• Identify and Classify Data
• Record Events
• Assess Vulnerabilities
• Protect Sensitive Data
• Monitor Privileged Users

CLIENT SUCCESS

A global financial services company secured 2,000 critical databases and saved $21M in compliance costs

IBM Security Solutions

• Guardium Database Activity Monitoring
• Guardium Encryption Expert
• Guardium / Optim Data Masking
• Key Lifecycle Manager

Page 9: IBM: Big Data Security

Secure and Protect Enterprise Data with the InfoSphere Platform

• InfoSphere Guardium
• InfoSphere Optim
• InfoSphere Identity Insight
• InfoSphere Business Glossary
• InfoSphere Discovery

Reduce the cost of compliance

Prevent data breaches

Ensure data integrity

The Difference

• Holistic: Completely protects across diverse data environments and types, including big data
• Scalable: Scales across small and large heterogeneous enterprises
• Integrated: Delivers both processes and technologies

Client results

• Customer streamlines testing and protects test data, saving $240K/year in administrative costs
• Monitoring database activity protects data and provides 239% ROI
• Customer saves $1M per month by preventing fraud

Page 10: IBM: Big Data Security

© 2014 IBM Corporation

IBM Security


Major global bank

Saves $1.5M per year on storage costs and reduces compliance costs by $20M

• Eliminated native audit trails
• Developed compensating control for encryption
• Changed the culture – new awareness of data security
• Established new processes to investigate insider threats
• Monitored 2000 database instances from a single, centralized location

Page 11: IBM: Big Data Security

IBM Use

Examples of IBM Internal Use of the IBM Security portfolio

IBM InfoSphere Guardium
• Guardium presently monitors a subset of IBM’s internal applications. The focus of our Guardium deployments is on Sarbanes-Oxley regulatory controlled data, and the primary benefit being derived is privileged user activity monitoring. Internal use of Guardium is set to expand in 2013/2014.

IBM Key Lifecycle Manager
• IBM HR has been using its Key Lifecycle Manager product for 6 years, to manage the keys for tape encryption. They are a public reference for this product.


Page 12: IBM: Big Data Security

IBM Security market-changing milestones

[Timeline figure. Years shown: 1976, 1999, 2002, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013. Milestones shown: Mainframe and server security; SOA management and security; Network intrusion prevention; Access management; Application security; Risk management; Data management; Identity management; Directory integration; Enterprise single-sign-on; Database monitoring and protection; Application security; Endpoint management and security; Information and analytics management; Security intelligence; Secure mobile management; Advanced fraud protection; IBM Security is created.]

• 6,000+ IBM Security experts worldwide
• 3,000+ IBM security patents
• 4,000+ IBM managed security services clients worldwide
• 25 IBM Security labs worldwide

Page 13: IBM: Big Data Security

IBM Security

• Integrated capabilities delivered across a comprehensive security framework

The IBM Security Framework

• QRadar: Detect, analyze, and prioritize threats
• Trusteer: Reduce fraud and malware
• Identity and Access Management: Manage users and their access
• InfoSphere Guardium: Discover and harden valuable assets
• AppScan: Secure critical business applications
• Network and Endpoint Protection: Protect infrastructure against attacks
• IBM X-Force: Monitor and evaluate today’s threats

Page 14: IBM: Big Data Security


IBM Security latest industry rankings

Page 15: IBM: Big Data Security


At IBM, the world is our security lab

Page 16: IBM: Big Data Security

IBM X-Force® Research and Development

Expert analysis and data sharing on the global threat landscape

The IBM X-Force Mission

• Monitor and evaluate the rapidly changing threat landscape
• Research new attack techniques and develop protection for tomorrow’s security challenges
• Educate our customers and the general public
• Integrate and distribute Threat Protection and Intelligence to make IBM solutions smarter

Research areas:

• Vulnerability Protection
• IP Reputation
• Anti-Spam
• Malware Analysis
• Web Application Control
• URL / Web Filtering
• Zero-day Research

Page 17: IBM: Big Data Security


IBM Security: Delivering intelligence, integration and expertise across a comprehensive framework

Intelligence

Integration

Expertise

Page 18: IBM: Big Data Security

Potential next steps

Schedule a Client Value Engagement (CVE) at no cost to you
• Business and IT: Narrow the communication gap
• Easy to follow programmatic client-centric approach – determine possible benefits from solution
• Fast time to completion: Less than 2 weeks – deliverables easy to follow and understand

Visit a lab for a deeper dive with our Product Managers and R&D teams
• In-depth technical discussions & product demonstrations
• Product roadmap discussions; get the latest on innovations and research
• Collaborate with our best experts on your problems and potential solutions

Visit the web for more about InfoSphere solutions
• Understanding and selecting data masking solutions
• Understanding encryption requirements of PCI DSS
• Managing compliance to protect enterprise data
• Top tips for securing big data environments
• Three guiding principles to improve data security
• Gartner Magic Quadrant Data Masking Technology

Page 19: IBM: Big Data Security


www.ibm.com/security

© Copyright IBM Corporation 2014. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
