Cyber Security, Cyber Crime . . . and the meteoric rise in the usage of smartphones and social media

V2, 21 May 15

John Palfreyman, IBM

© 2015 IBM Corporation

Smarter Cyber Security


Agenda

1. Cyber Security & Cyber Crime in Context

2. Technology & Business Landscape

3. A Smarter Approach

4. Future : Safer through Data / Analytics


Cyber Security – IBM Definition

Cyber Security /–n 1. the protection of an organisation and its assets from electronic attack to minimise the risk of business disruption.

Cyber Security - Expanded

Cyber-dependent crimes

•Hacking
•Malware
•Botnets
•Denial of Service
•Trojans

Source : UK Home Office – Cyber Crime: a review of the evidence Oct 13

Cyber Crime

Cyber-dependent crime

•Hacking
•Malware
•Botnets
•Denial of Service
•Trojans

Cyber-enabled crime

•Fraud
•Bullying
•Theft
•Sexual Offences
•Trafficking
•Drugs

Source : UK Home Office – Cyber Crime: a review of the evidence Oct 13

Cyber Threat

[Chart axes: Motivation, Sophistication]

•National Security, Economic Espionage: Nation-state actors, APTs (Stuxnet, Aurora, APT-1)
•Notoriety, Activism, Defamation: Hacktivists (Lulzsec, Anonymous)
•Monetary Gain: Organized crime (Zeus, ZeroAccess, Blackhole Exploit Pack)
•Nuisance, Curiosity: Insiders, Spammers, Script-kiddies (Nigerian 419 Scams, Code Red)

A new type of threat

[Diagram labels]

•Traditional: Attacker, generic Malware / Hacking / DDoS, IT Infrastructure
•Advanced Persistent Threat: Attacker, Critical data / infrastructure


Technology & Business Landscape

New opportunities for cyber crime!


Smarter Planet

Instrumented – Interconnected - Intelligent


Systems of Engagement

Mobile, Social, Cloud

Big Data / Analytics

BUSINESS VALUE


The Millennial Generation

EXPECT . . .

to embrace technology for improved productivity and simplicity in their personal lives

tools that seem made for and by them

freedom of choice, embracing change and innovation

INNOVATE . . .

•Actively involve a large user population

•Work at Internet Scale and Speed

•Discover the points of value via iteration

•Engage the Millennial generation


Smart Phones (& Tablets) . . .


Used in the same way as a personal computer

Ever increasing functionality (app store culture) . . .

. . . and often more accessible architectures

Offer “anywhere” banking, social media, e-mail . . .

Include non-PC (!) features: Context, MMS, TXT

Harder to defend?

Bring Your Own Device Expected


Social Media – Lifestyle Centric Computing

www.theconversationprism.com

Different Channels

Web centric

Conversational

Personal

Open

Explosive growth


A Smarter Approach

to countering cyber crime


Balance

Technical Mitigation

Better firewalls

Improved anti-virus

Advanced Crypto

People Mitigation

Leadership

Education

Culture

Process


Securing a Mobile Device

DEVICE

•Enrolment & access control

•Security Policy enforcement

•Secure data container

•Remote wipe

TRANSACTION

•Allow transactions on individual basis

•Device monitoring & event detection

•Server risk engine – allow, restrict, flag for review

APPLICATION

•Endpoint management – software

•Application: secure by design

•Application scanning for vulnerabilities

ACCESS

•Enforce access policies

•Approved devices and users

•Context aware authorisation


Secure, Social Business


LEADERSHIP

•More senior, most impact

•Important to leader, important to all

•Setting “tone” for culture

CULTURE

•Everyone knows importance AND risk

•Full but SAFE usage

•Mentoring

PROCESS

•What’s allowed, what’s not

•Internal & external usage

•Smart, real time black listing

EDUCATION

•Online education (benefits, risks)

•Annual recertification

•For all, at all levels


Future : Safer through Data / Analytics

Getting ahead of demand . . .


Continuous Attack

Near Daily Leaks of Sensitive Data

40% increase in reported data breaches and incidents

Relentless Use of Multiple Methods

500,000,000+ records were leaked, while the future shows no sign of change

[Chart: incidents by attack type for 2011, 2012 and 2013. Note: Size of circle estimates relative impact of incident in terms of cost to business.]

Attack types: SQL injection, Spear phishing, DDoS, Third-party software, Physical access, Malware, XSS, Watering hole, Undisclosed

Source: IBM X-Force Threat Intelligence Quarterly – 1Q 2014


Future Security

Monitor & Distill

Correlate & Predict

Adapt & Pre-empt

Correlate events

Predict risk

Business impact

Defense strategies

Cognitive Planning

Active

In-device

Near Field

Passive

Contextual Insights

Adaptive Response

Controls Management Agents Active

Security 3.0

Summary

1. Many Similarities – Cyber Crime vs Security – Threat Sophistication

2. Social Business & Mobile offer transformational value

3. New vulnerabilities need to be understood to be mitigated

4. Mitigation - balanced, risk management based and “designed in”

5. Future safety demands smarter use of data


Questions?

John Palfreyman, IBM
