john-palfreyman
© 2015 IBM Corporation
Agenda
Systems of Engagement
Cyber Security Implications
Cyber Security Risk Mitigation
Future Perspective
Cloud
Drivers
Mission speed and agility
New business models – alternatives to escalating CAPEX
Sample Use Cases
Back office functions (HR, CRM, SCM) as a service
Predictive and analytics functions (e.g. for smart procurement) as a service
Mobile
Drivers
Inherently mobile operations
Business agility and flexibility
Rate of change of technology
Sample Use Cases
Mobile information capture, with workflow management
Education where & when needed
Case advice to social workers
Big Data / Analytics
Drivers
Masses of sensor data available
Need for intelligence to help make government / industry “smarter”
Increasing proportion of “unreliable” data
Sample Use Cases
Analysis of citizen group sentiment & need based on their Social Media usage
Sensor data processing for traffic & utility prediction
Predictive policing operations based on historical mission data analysis & sensor data
Social Business
Drivers
Use of Social Channels by clients / citizens / bad guys
New recruitment approach – drive to attract “the best!”
Personnel rotation & retirement
Sample Use Cases
Citizen (/consumer) sentiment analysis
Terrorism detection, investigation & prevention
Knowledge capture and dissemination
Recruitment, rapid onboarding & retention of key staff
Systems of Engagement
Collaborative
Interaction oriented
User centric
Unpredictable
Dynamic
Social Business
Mobile
Big Data / Analytics
Cloud
Case Study – Major European Air Force
Business Challenge
• Support Organisational Transformation
• HQ Task Distribution
• Senior Staff demanding Mobile Access
IBM Solution
• IBM Connections (including Mobile App)
• MS Sharepoint Integration (Doc Management)
• MaaS 360 based Tablet Security
Benefits
• Improved work efficiency
• Consistent & timely information access
• Secure MODERN tablet
Section Summary
1. Cloud, Big Data / Analytics, Social Business & Mobile are all relevant to, and increasingly used by Industry & Government
2. Most value accrues at the points of intersection = Systems of Engagement
3. Systems of Engagement can underpin organisational transformation, enhancing intelligence-led business
Agenda
Systems of Engagement
Cyber Security Implications
Cyber Security Risk Mitigation
Future Perspective
IBM’s Definition . . .
Cyber Security /–n 1. the protection of an organisation and its assets from electronic attack to minimise the risk of business disruption.
The Millennial Generation . . .
Expect:
to embrace technology for improved productivity and simplicity in their personal lives
tools that seem made for and by them
freedom of choice, embracing change and innovation
Innovate in a new way:
Actively involve a large user population
Work at Internet Scale and Speed
Discover the points of value via iteration
Engage the Millennial generation
Smart Phones (& Tablets) . . .
Used in the same way as a personal computer
Ever increasing functionality (app store culture) . . .
. . . and more accessible architectures
Offer “anywhere” banking, social media, e-mail . . .
Include non-PC (!) features Context, MMS, TXT
Emergence of authentication devices
. . . are harder to defend . . .
Anti-virus software missing, or inadequate
Encryption / decryption drains the battery
Battery life is always a challenge
Most users disable security features
Stolen or “found” devices information – and very easy to lose
Malware, mobile spyware, account impersonation
Need to extend password, encryption policies
Extends set of attack vectors
. . . and now mainstream.
Bring-your-own device expected
Securing corporate data
Additional complexities
Purpose-specific endpoints
Device Management
Social Media – Lifestyle Centric Computing
www.theconversationprism.com
Different Channels
Web centric
Conversational
Personal
Open
Explosive growth
Social Business – Relevance for (e.g) Defence
Driver / How social business can help . . .
Coalition operations the norm
• Find and connect with experts other coalition members
• Demonstrate clear coalition value to stakeholders
Budgetary pressures
• Improved efficiencies through use of social media platform
• Develop critical skills by virtual training
Ever more complex missions
• Tap into mission expertise and lessons learnt
• Use jams, blogs & wikis to solve problems
Cyber security threat
• Secure hosted social media platform
• Analysis of threat social media activity
Technology driven change
• Promote technology usage through blogs, jams
• Information & education on mission value of technology
Unknown asymmetric threat
• Supplement intelligence on threat by monitoring social media usage
• Collaborate cross department on specific threats
Internal Amnesia, External Ignorance – Case Study
Client’s Challenges
• Silo’d Organisation
• Lack of Consistent Methodology
• External Ignorance
• Internal Amnesia
Monitor bad guys
• Early Warning of events / incident
• Information to Commander
Alternatives to
• Workflow Centric Analysis
• Traditional Intelligence Sources
IBM Solution
• IBM Connections
• Analysis Software
• GBS Integration & Configuration
Social Media - Special Security Challenges
Too much information
Online impersonation
Trust / Social Engineering / PSYOP
Targeting
Source: Digital Shadows, Sophos, Facebook
Section Summary
1. Social Business and Mobile are underpinning organisational transformation
2. Millennial Generation expect technologies in the workplace
3. Introduce new vulnerabilities – understand to contain
Agenda
Systems of Engagement
Cyber Security Implications
Cyber Security Risk Mitigation
Future Perspective
Balance
Technical Mitigation
Better firewalls
Improved anti-virus
Advanced Crypto
People Mitigation
Leadership
Education
Culture
Process
Risk Management Approach
Monitor threats
Understand (your) systems
Assess Impact & Probability
Design containment mechanisms
Don’t expect perfect defences
Containment & quarantine planning
Learn & improve
Maturity-based approach
Proactive
Automated
Manual
Reactive
Securing a Mobile Device
Device Security
• Enrolment & access control
• Security Policy enforcement
• Secure data container
• Remote wipe
Transaction Security
• Allow transactions on individual basis
• Device monitoring & event detection
• Server based risk engine – allow, restrict, flag for review
Software & Application
• Endpoint management – software
• Application: secure by design
• Application scanning for vulnerabilities
Access Control
• Enforce access policies
• Approved devices and users
• Context aware authorisation
Secure, Social Business
Leadership
• More senior, most impact
• Important to leader, important to all
• Setting “tone” for culture
Culture
• Everyone knows importance AND risk
• Full but SAFE usage
• Mentoring
Process
• What’s allowed, what’s not
• Internal & external usage
• Smart, real time black listing
Education
• Online education (benefits, risks)
• Annual recertification
• For all, at all levels
Security Intelligence > Smart Analysis of too much data!
Volume: Data at Rest
Terabytes to exabytes of existing data to process
Velocity: Data in Motion
Streaming data, milliseconds to seconds to respond
Variety: Data in Many Forms
Structured, unstructured, text, multimedia
Veracity*: Data in Doubt
Uncertainty due to data inconsistency & incompleteness, ambiguities, latency, deception, model approximations
* Truthfulness, accuracy or precision, correctness
Integrated Approach
IBM Security QRadar (Security Intelligence Platform)
• Data collection and enrichment
• Event correlation
• Real-time analytics
• Offense prioritization
IBM InfoSphere BigInsights (Big Data Platform)
• Hadoop-based
• Enterprise-grade
• Any data / volume
• Data mining
• Ad hoc analytics
Diagram labels: Traditional data sources, Non-traditional, Data ingest, Insights, Advanced Threat Detection, Custom Analytics
Section Summary
1. Containment is possible with correct approach
2. Need for a business / mission based (not technology) viewpoint
3. Holistic, balanced, risk centric approach
Agenda
Systems of Engagement
Cyber Security Implications
Cyber Security Risk Mitigation
Future Perspective
Generation 3 Cloud Challenges . . .
Cloud 1.0: Static Perimeter controls
Cloud 2.0: Reactive, Defence in Depth
Cloud 3.0: Adaptive, Contextual Security
Attackers exploit platform shifts to launch new attacks on high value workloads and data
Challenge 1: Fragmented and complex security controls
Challenge 2: Sophisticated threats and attackers
Challenge 3: Increased attack surface due to agile and composable systems
Contextual, Adaptive Security
Security 3.0: Monitor and Distill, Correlate and Predict, Adapt and Pre-empt
Multi-level monitoring & big data analytics
Ranging from Active, in device to passive monitoring
Risk Prediction and Defence Planning
Encompassing event correlation, risk prediction, business impact assessment and defensive strategy formulation
Adaptive and optimized response
Adapt network architecture, access protocols / privileges to maximize attacker workload
© 2014 IBM Corporation
Cyber Security – Fitness for Purpose?
1. Are you ready to respond to a security incident and quickly remediate?
2. Do you have the visibility and analytics needed to monitor threats?
3. Do you know where your corporate crown jewels are and are they adequately protected?
4. Can you manage your endpoints from servers to mobile devices and control network access?
5. Do you build security in and continuously test all critical web/mobile applications?
6. Can you automatically manage and limit the identities and access of your employees, partners and vendors to your enterprise?
7. Do you have a risk aware culture and management system that can ensure compliance?
Maturity-based approach
Proactive
Automated
Manual
Reactive
Section Summary
1. Systems of Insight further extend business / mission value
2. Delivered on (secure) “generation 3” Cloud
3. Cyber Security must be designed in, evolving
Summary
1. Systems of Engagement (& Insight) help organisations transform, maintain information advantage
2. Social Business & Mobile drive much value, but new vulnerabilities need to be understood to be mitigated
3. Cyber security approach needs to be balanced, risk management based and “designed in”.