Strategic Approach to Securing the Cloud
Steven Leo, Business Unit Executive, IBM Security Services, [email protected]
© 2014 IBM Corporation, IBM Security

IBM Canada: Strategic Cloud Security

The evolving threat landscape and the IBM approach

Success in today’s dynamic, data-driven global marketplace requires effective enterprise IT security management

2014: 25% more records leaked than 2013… insane!

Source: IBM X-Force® Threat Intelligence Quarterly, 1Q 2015

$5.85M average cost of a U.S. data breach

$201 average cost per compromised U.S. record

Source: 2014 ‘Cost of Data Breach Study: Global Analysis’, Ponemon Institute

New technologies introduce new risks… and traditional security practices are unsustainable

• 83% of enterprises have difficulty finding the security skills they need (2012 ESG Research)
• 85 security tools from 45 vendors (IBM client example)
• 70% of security executives have cloud and mobile concerns (2013 IBM CISO Survey)
• Mobile malware is affecting 11.6M mobile devices (IBM X-Force Threat Intelligence Quarterly, 1Q 2015)

Security leaders are more accountable than ever before

• Loss of market share and reputation
• Legal exposure
• Business continuity
• Audit failure
• Fines and enforcement impact
• Financial loss
• Impact to data and systems (confidentiality, integrity and/or availability)
• Violation of employee privacy
• Loss of customer trust
• Loss of brand reputation

CEO, CFO / COO, CIO, CHRO / CDO, CMO

The Board and CEO demand a strategy

OUR APPROACH

IBM Security Strategy

MEGATRENDS: Advanced Threats; Cloud; Mobile / IoT; Compliance and Privacy; Skills Shortage

BUYERS: CISO; CIO; Line-of-Business

Deliver a broad portfolio of solutions differentiated through their integration and innovation to address the latest trends

1. Support the CISO agenda
2. Innovate around key trends
3. Lead in selected segments

Consulting and Managed Services
• Security Intelligence and Operations
• Strategy, Risk and Compliance
• Cloud and Managed Services
• Identity and Access Management Services
• Data and Application Security Services
• Cybersecurity Assessment and Response

Integrated Security Technologies
• Security Intelligence and Analytics
• Advanced Fraud Protection
• Identity and Access Mgmt
• Data Security
• Application Security
• Network, Endpoint and Mobile Security

Advanced Threat and Security Research

IBM helps protect against new, complex security challenges

• Protect critical assets: Use context-aware controls to prevent unauthorized access and data loss
• Optimize the security program: Use experts to modernize security, reduce complexity, and lower costs
• Stop advanced threats: Use analytics and insights for smarter and more integrated defense
• Safeguard cloud and mobile: Use IT transformation to build a new, stronger security posture

IBM Security offers a comprehensive product portfolio

Security Intelligence and Operations (SIOC)
• QRadar Log Manager
• QRadar Security Intelligence
• QRadar Risk Manager
• QRadar Vulnerability Manager
• QRadar Incident Forensics

Advanced Fraud Protection (CSAR)
• Trusteer Rapport
• Trusteer Pinpoint Malware Detection
• Trusteer Pinpoint ATO Detection
• Trusteer Mobile Risk Engine

Identity and Access Management (IAM)
• Identity Governance
• Identity Manager
• Privileged Identity Manager
• Security Access Manager (for Web and Mobile)
• Federated Identity Manager
• Directory Integrator / Directory Server

Data Security (App & Data)
• Guardium Database Activity Monitoring
• Guardium Data Encryption
• Optim Data Privacy
• Key Lifecycle Manager

Application Security (App & Data)
• AppScan Source
• AppScan Standard
• AppScan Enterprise
• DataPower Web Security Gateway
• Security Policy Manager

Network, Mobile and Endpoint Protection (Infrastructure)
• Network Intrusion Prevention (GX)
• Next Generation Network Protection (XGS)
• SiteProtector Threat Management
• Trusteer Apex
• IBM MaaS360 (Fiberlink)
• Endpoint Manager
• zSecure

IBM X-Force® Research

IBM Security Services portfolio – External View

SIOC: Security Intelligence and Operations Consulting ***

CSAR: Cyber Security Assessment and Response

Data / App: Application and Data Security

IES: Infrastructure and Endpoint Security

SSRC: Security Strategy, Risk and Compliance

IAM: Identity and Access Management

Security Essentials and Maturity Consulting

Security Strategy and Planning

Security Architecture and Program Design

Critical Infrastructure Security Services

PCI Compliance Advisory Services

Security Framework and Risk Assessments

Integrated Account Security Management

Information Security Assessment (ISA)

Cloud Security Strategy

Security Operations Consulting

SIEM Design and Deploy

Managed SIEM

Security Intelligence Analyst

Hosted Security Event and Log Management

IBM X-Force Hosted Threat Analysis Service

Emergency Response Service

Incident Response Planning

Active Threat Assessment

Penetration Testing

Application Security Assessment

Application Source Code Security Assessment

Smart and Embedded Device Security

Identity and Access Strategy and Assessment

Managed Identity

Access Management Design and Deploy

Identity Governance and Administration, Design, and Deploy

Multi-factor Authentication Design and Deploy

Identity and Access Solution Migration

Cloud Identity

Critical Data Protection Program

Data Discovery and Classification

Data Security Strategy and Architecture

Encryption and DLP

Hosted Application Security Management

Firewall Management

Managed Protection Services (MPS)

Unified Threat Management

Intrusion Detection and Prevention System Management

Managed Web Defense

Secure Web Gateway Management

Hosted E-mail and Web Security

Hosted Vulnerability Management

Malware Defense Management

Deployment and Migration

Staff Augmentation Service

Strategic Approach to Securing the Cloud

Cloud is rapidly transforming the enterprise

Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), Software-as-a-Service (SaaS)

• SaaS: Business applications
• PaaS: Development services
• IaaS: Infrastructure services

Diagram labels: External Stakeholders; Traditional Enterprise IT; Public Cloud; Private Cloud; HR, CRM, SCM; Data archive; App development; Online website; 100+ IBM Offerings

Cloud Adoption Practices Priorities Survey 2015, Cloud Security Alliance CSA, All Rights Reserved.

At the same time, Cloud is an opportunity to transform security

• Traditional Security: Manual, static, and reactive
• Cloud-enhanced Security: Standardized, automated, customizable, and elastic

Cloud security is an opportunity to improve defenses and reduce risk

Basic: Organizations employ perimeter protection, which regulates access and feeds manual reporting.

Proficient: Security is layered into the IT fabric and business operations. To an extent, this is the state customers wish to attain from outsourcing to cloud.

Optimized: Organizations use predictive and automated security analytics to drive toward security intelligence. This is the target state toward which customer cloud strategies must evolve.

Optimizing security = minimize time and cost to respond to risk

Your approach to cloud security needs to be:

• Comprehensive – spanning all aspects of technology, process and people
• Proactive – discover vulnerabilities and strive to remediate and mitigate ahead of the threat
• Intelligent – driven by integrating security data, threat intelligence and analysis
• Robust – managed 24 x 7 by qualified experts

Your strategy begins by assessing compliance and controls

• SDLC, binary analysis, scanners, webapp firewalls, transactional sec.
• DLP, CMR, database activity monitoring, encryption
• GRC, IAM, VA/VM, patch management, configuration management, monitoring
• NIDS/NIPS, firewalls, DPI, anti-DDoS, QoS, DNSSEC, OAuth
• Hardware & Software RoT & API’s
• Host-based firewalls, HIDS/HIPS, integrity & file/log management, encryption, masking
• Physical plant security, CCTV, guards

Source: The Cloud Security Alliance

Example: PCI Compliance

• Firewalls
• Code review
• WAF
• Encryption
• Unique user IDs
• Anti-virus
• Monitoring/IDS/IPS
• Patch/vulnerability management
• Physical access control
• Two-factor authentication

Next, know your – and your provider’s – responsibilities at each cloud layer

Table headings: Security Controls; IaaS; PaaS; SaaS; IBM Security; Customer

Security controls listed:
• Security Management: Governance, Risk and Compliance
• Security Monitoring, Threat Intelligence, Response, Mitigation/Remediation
• Application Security
• Data/Information Protection
• Perimeter Network Security
• Cloud Operations: Availability, Continuity and Recovery
• Compute and Storage Security
• Trusted Computing
• Physical Security

Legend: Owns Fulfillment; Shared or Partial Fulfillment; No Fulfillment

Then, manage with analytics, intelligence and integrated solutions

MSS provides solutions to help customers consolidate threat monitoring across multi-vendor, multi-cloud and on-prem DCs

Diagram labels: Global data centers; Data capture; Analysis; Threat intelligence database; Unified threat dashboard (VSOC Portal)

IBM’s Managed Security Services map to each cloud layer and function

Software as a Service
• Application security testing and management
• Web Defense (Web App Firewall and DDoS Protection)
• Email and Content Security

Platform as a Service
• Identity and access management for cloud (Lighthouse)
• Data security (encryption and monitoring)

Infrastructure as a Service
• Firewall/Unified Threat Management and Monitoring
• Network intrusion detection & prevention
• Security event and log management
• Vulnerability scanning and management
• Host-based intrusion detection & prevention for servers
• Managed Security Information and Event Management

Available now

Emergency Response Services (ERS) for SoftLayer

IBM Security: Intelligence. Integration. Expertise.

• 133 countries where IBM delivers managed security services
• 20 industry analyst reports rank IBM Security as a LEADER
• TOP 3 enterprise security software vendor in total revenue
• 10K clients protected including… 24 of the top 33 banks in Japan, North America, and Australia

Learn more about IBM Security

• Visit our website: IBM Security Website
• Watch our videos: IBM Security YouTube Channel
• Read new blog posts: SecurityIntelligence.com
• Follow us on Twitter: @ibmsecurity

NEXT STEPS:

1. Visit me in the Social Hub… Let’s Talk & Tweet #SmarterBiz

2. See our Security Representative in the Tech Showcase for detailed demonstrations

3. Please sign up for:
   MaaS360: http://www.maas360.com/
   AppScan: http://www-03.ibm.com/software/products/en/appscan

4. For additional information, type this URL into your browser: ibm.biz/sbs2015

www.ibm.com/security

© Copyright IBM Corporation 2014. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.