IBM Canada R&D Centre - YSBEC...security skills they need tools from vendors 85 45 IBM client example 70% of security exec’s are concerned about cloud and mobile security Mobile

© 2014 IBM Corporation

IBM Canada R&D Centre

and the

Southern Ontario Smart Computing and Innovation Platform ( SOSCIP )

+ Cyber Security

IBM CONFIDENTIAL0


IBM Canada At-a-Glance

Established in 1917

$550M+ in R&D in 2013

Major Market S&D Country: Bromont &

Markham volumes– $2.1B in imports in 2013 / $2.2B in exports in 2013

Ranked #1 Best Corporate Citizen by

Corporate Knights’ in 2010

Ranked Top 5 Most Attractive Employer in

Canada by Randstad in 2011 / 2012 / 2013 /

2014!!!

Certified PAR Gold for Progressive Aboriginal

Relations by the Canadian Council for Aboriginal

Relations for past 5 years

210,000+ hours pledged by IBM Canada

Employees for Charity

$500M new investments in 2012, including R&D

& Canadian Cloud Computing Centre

Canada is home to IBM’s 2nd largest Software

Development Org– Toronto / Ottawa (Cognos) SW Labs largest

locations

– 10 additional Satellite Labs including Montreal and

Victoria

World-class high-tech manufacturing, Bromont,

Que.

National business and technology consulting

expertise– Pacific Development Centre, Burnaby

– Customer Solution Centre, Markham



Mobile

Social

Cloud

Internet of Things

The Challenge: Complexity is growing


2010

Vo

lum

e in

Exa

byte

s

9000

8000

7000

6000

5000

4000

3000

2015

Percentage of

uncertain data

Pe

rce

nt o

f un

ce

rtain

da

ta

100

80

60

40

20

0

Sensors & Devices

VoIP

Enterprise Data

Social Media

We are

here


The “Big Vs” of Big Data

Volume

Terabytes to exabytes of existing data to process

Velocity

Streaming data, milliseconds to seconds to respond

Variety

Structured, unstructured, text & multimedia

Veracity

Uncertainty from inconsistency, ambiguities, etc.

Vulnerability

Protecting the privacy and integrity of the data


Skill Needs in the MarketplaceWhat are we hearing from our customers and others?

Analytics

The United States faces a shortage of 140,000 to 190,000 people with analytical expertise

The U.S. Department of Labor forecasts that the number of analytics-based jobs will grow by more than 20 percent between now and 2018

40% of organizations report a skills shortage in the ability to manage information

Sources: IBM Tech Trends report, McKinsey & Company, CompTIA, Enterprise Strategy Group, Dept of Labor


Explosion of data:

Harness big data to gain insight and develop new offerings

… your students could harness this explosion of dataand use analytics to gain insight and predict outcomes for smarter business— in any environment?

What if…

You could increase customer value with every interaction?

You could anticipate and shape the impact of financial decisions?

You could prevent and minimize losses

stemming from fraud?

What if… What if… What if…


1. Bolster skills and economic development through a ground-breaking collaborative research model focused on important aspects of Canadian society/economics

2. Provide researchers with support and access to a unique High Performance Computing (HPC) platform to expand and accelerate research scope and outcomes

3. Accelerate commercialization of “Made in Canada” new solutions and services, leveraging small-med sized businesses and industry partnerships

- Announced April 10, 2012 …. $210M investment commitment

Cities Agile Computing

Water

Collaborative Research for Smarter Planet and Agile Computing

8

IBM Canada R&D Centre and SOSCIP Consortium

EnergyHealth


High Performance Computing and Big Data

Collaboration with focus on Research Outcomes

Governance and Cross Team Support

AcademicLeaders

IBM

Simulate Real World Complex system modeling Fast design and prototypingReal time analysis/response

Agile ComputingResearch

Advanced Analytics

Cloud

Canada’s #1

Supercomputer

9

Small-MedEnterprises

ResearchOutcomesResearch

DeliveryFramework

Board of DirectorsScientific Advisory CommitteeAgreements and FrameworksCross Team Collaboration

SOSCIP Assets


Institution #Projects

McMaster University 3

University of Ottawa 3

Queen’s University 4

University of Ontario 3

University of Toronto 13

University of Waterloo 6

Western University (1 IBM lead Mining) 9

Carleton University (IBM Lead) 1

TOTAL 42

Focus Area #Project

Health 18

Energy (* new Mining) 8

Water 5

Cities 4

Agile 7 +6 multi = 13

Platform #Project

Blue Gene Q 18

Cloud 17

Agile 13

Multi-Platform 6 (1 non SOSCIP)

Phase Focus #Project SME

Phase1 FastStart 7 30%

Phase2 Academic-led 18 70%

Phase3 Industry and

Academic-led

17 78%

10

SOSCIP Projects Progress and Update – 2 Years

* 2 projects deferred pending Sustainability plan + resources

SOSCIP Project Examples

Institution Project SummaryFocusArea

REAL TIME ANALYSIS OF HUMAN BRAIN NETWORKS

Apply stream analytics to functional MRI data to analyze brain activity in near real time to improve patient experience and reduce medical costs and timelines.

SMART METER DATA ANALYTICS

Develop software for small/medium enterprises which will help to identify smart ways to reduce energy consumption.

WATER QUALITY MONITORING

Create a low-cost, easy-to-use, real-time sensor system for water quality monitoring, including biological and chemical contamination detection.

SMART URBAN SYSTEM DESIGN

Research into transportation and urban activity systems in major cities, improving the decision-making ability of urban planning designers.

MAKING CLOUD MORE SECURE

Improve the security of cloud environments by developing defense mechanisms that audit and fix configuration-related vulnerabilities.

PREDICTING LEUKEMIA INHIBITORS (Business Led)

Develop a tool that simulates molecular behaviour to accelerate the selection of drugs for the treatment of leukemia.


Artemis

1 in 14 babies are born prematurely in Canada.

Approx 17% of babies born in Canada require some form of special care.

Premature babies can be up to 17 weeks early and weigh only 450g.

They can spend 3-4 months in NICU.

Similar conditions apply elsewhere around the world.

Multiple devices are attached to the baby or humidicrib.

Medical devices output via serial port in a range of formats.

Indicative readings are recorded on paper every 30 or 60 minutes.

Cost of care per baby is approx $100-150K not including morbidity related care

He

alt

h

En

erg

y

Wa

ter

Ag

ile

Cit

ies


SOSCIP Program Commitments and Results

42 projects announced/approved

30+ SME’s engaged (OCE integral)

Three world-class Cloud/HPC platforms installed,

in use and fully supported

Exceeding aggregated jobs commitment

Exceeding $ investment commitment

Sustainability Plan developed and approved to

2018 with additional focal areas and expanded

membership

Short and longer term priorities are:

– New phase for Sustainability

• including new models (client, industry,

pilots)

• Expand focal areas and members

– Execute commercialization strategy

– Expand skills focus to drive new curriculum

and scale

– Model replication and stakeholder

collaboration

Commit to a

path of

constant and

continuous

transformation

Cultivate public

and private

partnerships

Convert Big

Data into

solutions using

analytics with

real-world

benefits


SOSCIP Phase 2 Opportunities

4 New Members announced: York U, Ryerson, Carlton, Laurier (soon others

including Seneca College)

4 New Areas of focus added:

– Digital Media

– Advanced Manufacturing

– Mining

– Cyber Security * (attached view)

_________________________________________________________

Linkage with other Innovation Partnerships

– Nova Scotia Analytics Consortium

– C2MI – Quebec Microelectronics

– Ocean Networks – BC Analytics

– Memorial University – Healthcare analytics

…… more to come


IBM Security Systems

15 IBM Security Systems © 2013 IBM Corporation

Cyber SecurityProtecting your data from cyber attack

Oct 2014


Bring your own IT

Social business

Cloud and virtualization

1 billion mobile workers

1 trillion connected

objects

Innovative technology changes everything


Motivations and sophistication are rapidly evolving

National

Security

Nation-state actorsStuxnet

Espionage,

Activism

Competitors and HacktivistsAurora

Monetary

Gain

Organized crimeZeus

Revenge,

Curiosity

Insiders and Script-kiddiesCode Red


IBM has tracked a massive rise in advanced and other attacks

2012 Sampling of Security Incidents by Attack Type, Time and ImpactConjecture of relative breach impact is based on publicly disclosed information regarding leaked records and financial losses


1. Number of Attacks have increased Significantly

2. Sophistication of attacks have become more complex

3. Lack of IT Security skills in the industry contributing to security risks

IT Security threats come from many sources and in many ways.


83%

of enterpriseshave difficulty finding the security skills they need

tools from

vendors

8545

IBM client example

70%

of security exec’sare concerned about

cloud and mobile security

Mobile malware grew

155%in 2011

614%

from March 2012 to March 2013

in one year

61%

Data theft and cybercrimeare the greatest threatsto their reputation

of organizations say

Average U.S.

breach cost

$7million+2013 Cost of Cyber Crime Study

Ponemon Institute 2013 Juniper Mobile Threat Report

2012 IBM Global Reputational Risk & IT Study 2013 IBM CISO Survey 2012 ESG Research

The changing IT Security landscape 2014


Security challenges are a complex, four-dimensional puzzle …

… that requires a new approach

ApplicationsWeb

ApplicationsSystems

ApplicationsWeb 2.0 Mobile

Applications

Infrastructure

Datacenters PCs Laptops Mobile Cloud Non-traditional

Data At rest In motionUnstructuredStructured

PeopleHackers Suppliers

Consultants Terrorists

Employees Outsourcers

Customers

Employees

Unstructured

Web 2.0Systems Applications

Outsourcers

Structured In motion

Customers

Mobile

Applications


Attackers are using sophisticated techniques to bypass defenses

“Advanced Persistent Threat” is the approach

often used by State-Sponsored Entities

Source: IBM X-Force Research and Development


Attackers follow a 5-Stage attack chain

1

Break-inSpear phishing and remote

exploits to gain access

Command

& Control (CnC)

2

Latch-onMalware and backdoors

installed to establish a foothold

3

ExpandReconnaissance and

lateral movement to increase

access and maintain a presence

4Gather

Acquisition and aggregation

of confidential data

Command

& Control (CnC)

5

ExfiltrateData exfiltration to

external networks



IBM’s unique approach to security

Leader in security software and services – recognized by Gartner, Forrester and IDC

Solutions deployed at the largest banks, retailers, and government agencies worldwide

World class research that finds

threats before they impact you

Apply

Insight

Robust controls built into IT

fabric, relying on leading

IBM technologies across

12+ critical security domains

Control

MonitorBig data analytics

applied to security


Logs

Events Alerts

Configuration

information

System

audit trails

External

threat feeds

E-mail and

social activity

Network flows

and anomalies

Identity

context

Business

process data

Malware

information

Now: Intelligence

• Real-time monitoring

• Context-aware anomaly

detection

• Automated correlation and

analytics

Then: Collection

• Log collection

• Signature-based detection

Security intelligence

Traditional Security

Operations and

Technology

Big Data

Analytics


IBM’s approach to defending against attacks

Security Analytics

Leverage Security

Intelligence to

correlate and

analyze activity

across the entire

enterprise…

Extend with Big Data

capabilities for

analyzing

unstructured data…

Utilize Emergency

Response Services

for breach or for

assessment of risk

Break-in1Network and Endpoint Security Use adaptive

threat protection and endpoint management to

reduce risks and fend off attacks

Latch-on2Network Security Use SIEM and adaptive

threat protection to help identify and stop

attackers from gaining a foothold

Expand3Secure Users Leverage strong identity

management to enforce access policies and

monitor for suspicious behavior

Gather4Data Security Embed security deep into data

repositories with data activity monitoring; apply

fine-grained access controls

Exfiltrate5Network Security Proactively monitor network

traffic for common exfiltration tactics; block in

real-time


Security Intelligence: Integrating across IT silos

Extensive Data Sources

Deep Intelligence

Exceptionally Accurate and Actionable Insight+ =

JK

2012-0

4-2

6

High Priority Offenses

Event Correlation

Activity Baselining &

Anomaly Detection

Offense Identification

Database Activity

Servers & Hosts

User Activity

Vulnerability Info

Configuration Info

Security Devices

Network & Virtual Activity

Application Activity


Advanced Analytics: Leverage advanced analytics across all stages of the attack

Monitor everythingLogs, network traffic, user activity

Correlate intelligentlyConnect the dots of disparate activity

Detect anomaliesUnusual yet hidden behavior

Prioritize for actionAttack high-priority incidents


Collaborate: IBM teams monitor and analyze the latest threats

Coverage

20,000+ devices

under contract

3,700+ managed

clients worldwide

13B+ events

managed per day

133 monitored

countries (MSS)

1,000+ security

related patents

Depth

14B analyzed

web pages & images

40M spam &

phishing attacks

64K documented

vulnerabilities

Billions of intrusion

attempts daily

Millions of unique

malware samples


What to do if you have been breached

1. Call IBM Emergency Response Services (24x7):

2. Proactively assess risk and reduce future breach likelihood:

Key Features

24x7x365 Hotline for clients to call from anywhere worldwide for assistance if they believe they are experiencing an incident

Incident Case Managers who maintain calm, focus, and manage the incident and environment to completion and satisfaction

Advanced tools, expertise and scale for any platform, size client, and location worldwide

Globally collected intelligence applied to each engagement to improve outcomes and efficiencies

Unlimited emergency declarations

– Cyber Incident response training and simulated

exercises to determine level of preparedness

– Incident Response Program gap assessment

to ensure enterprise readiness and

responsiveness when an incident occurs

– Active Threat Assessment as a preemptive

service to determine weaknesses requiring

remediation

– X-Force threat analysis service is available

from IBM experts 24x7


Security

Intelligence,

Analytics &

GRC

People

Data

Applications

Infrastructure

Intelligent solutions provide the DNA to secure a Smarter Planet


Striving to improve the innovation scorecard in Canada

Feedback is very positive, emphasizing the importance of building collaborative

partnerships.

Creation of new partnership opportunities with:

Corporations, both large and small, that want to invest

and join the industry led innovation model.

Governments that want to broaden their partnerships

with new approaches and programs.

Universities/Colleges and Hospitals from across all

regions of Canada who want to expand their research.

New Companies being formed with leadership

analytics

Canada can lead by building foundational skills for the future.

Documents

IBM Canada R&D Centre - YSBEC...security skills they need tools from vendors 85 45 IBM client example 70% of security exec’s are concerned about cloud and mobile security Mobile