IBM Security Strategy

1. IBM SECURITY STRATEGY INTEGRATED SECURITY FOR A NEW ERA

2. 2 IBM Security Today’s security drivers COMPLIANCE HUMAN ERROR SKILLS GAP ADVANCED ATTACKS INNOVATION

3. 3 IBM Security 2013 800+ Million records 2014 1+ Billion records 2015 Unprecedented Impact Attackers break through conventional safeguards every day $7M average cost of a U.S. data breachaverage time to identify data breach 201 days

4. 4 IBM Security Traditional security practices are unsustainable MILLION unfilled security positions by 20201.585security tools from 45vendors PERCENT of CEOs are reluctant to share incident information externally68

5. 5 IBM Security Imagine if you could… PROTECT against tomorrow’s risks, today

6. 6 IBM Security How do I get started when all I see is chaos? IP reputation Indicators of compromiseThreat sharing Firewalls Incident and threat management Virtual patching Sandboxing Network visibility Malware protection Antivirus Data access control Data monitoring Application security management Application scanning Access management Entitlements and roles Identity management Transaction protection Device management Content security Workload protection Cloud access security brokerAnomaly detection Log, flow, data analysis Vulnerability management Privileged identity management Incident response Criminal detection Fraud protection Endpoint patching and management

7. 7 IBM Security Threat Intelligence Security Analytics Cloud Identity and Access Data and Apps Mobile Advanced Fraud NetworkEndpoint Security Ecosystem An integrated and intelligent security immune system Criminal detection Fraud protection Workload protection Cloud access security broker Access management Entitlements and roles Privileged identity management Identity management Data access control Application security management Application scanning Data monitoring Device Management Transaction protection Content security Malware protection Antivirus Endpoint patching and management Virtual patching Firewalls Incident and threat management Sandboxing Network visibility Vulnerability management Incident response Log, flow, data analysis Anomaly detection Indicators of compromise IP reputation Threat sharing

8. 8 IBM Security SECURITY TRANSFORMATION SERVICES Management consulting | Systems integration | Managed security Threat Intelligence Security Analytics Cloud Identity and Access Data and Apps Mobile Advanced Fraud NetworkEndpoint Security Ecosystem IBM has the world’s broadest and deepest security portfolio App Exchange MaaS360 INFORMATION RISK AND PROTECTION Trusteer Mobile Trusteer Rapport AppScan Guardium Cloud Security Enforcer Privileged Identity Manager Identity Governance and Access Cloud Identity Service Key Manager zSecure Trusteer Pinpoint QRadar Vulnerability Manager Resilient Incident Response X-Force Exchange QRadar Incident Forensics SECURITY OPERATIONS AND RESPONSE BigFix Network Protection XGS QRadar SIEM QRadar Risk Manager

9. 9 IBM Security LEAD in strategic domains Security Transformation Services Management Consulting | Systems Integration | Managed Security Security Research and Threat Intelligence Security Operations and Response Information Risk and Protection IBM Security Strategy Cloud Security Mobile Security Identity Governance and Access Management Data Protection Application Security Advanced Fraud Prevention Incident Response Security Intelligence and Analytics Vulnerability and Patch Management Endpoint and Network Protection User Behavior Analytics SUPPORT the CISO agenda Cloud Mobile and Internet of Things Compliance Mandates Skills Shortage Advanced Threats Cloud CollaborationCognitive ACCELERATE with key innovation

10. 10 IBM Security IBM helps protect against new and complex security challenges Optimize your security program with skills to address modern day risks SECURITY TRANSFORMATION SERVICES Orchestrate your defenses throughout the entire attack lifecycle SECURITY OPERATIONS AND RESPONSE Keep your critical information protected while accelerating the business INFORMATION RISK AND PROTECTION

11. 11 IBM Security Enterprise security programs face harsh realities every day Top questions from leadership: Are we protected from the latest threats? Have we protected our most critical data? Do we have access to the right skill sets? Are we adapting to changing platforms? Are we operating at an appropriate maturity level for our industry? Are we communicating our risks clearly to our leaders and our board? Are we maximizing the value of our security investments?

12. 12 IBM Security Transform your security program Build strategy that accelerates new IT trends • BYoD, Cloud, Mobile, IoT • SaaS and Cloud based services Access the right skills • Advisors, responders, testers, analysts and engineers • 24x7x365 global expertise Build protected and connected systems • Increase productivity • Grant stakeholders access to the right data without introducing risk Optimize security programs • Modernize Identity and access, application development, privacy policies, data security • Manage and protect against latest threats Gain access to global threat intelligence • Greater control in real time with actionable insights • Improved visibility to manage the threat lifecycle Reduce complexity • Provide programmatic, automated and integrated outcomes • Consolidate point products to an integrated solution

13. 13 IBM Security With proven global expertise, IBM Security Transformation Services deploys and manages optimized security programs • Security Strategy, Risk and Compliance Automate governance, risk and compliance programs • Security Intelligence and Operations Build security operations and security fusion centers • Cyber Security Assessment and Response Establish robust security testing and incident management programs • Identity Governance and Management Modernize identity and access management for the cloud and mobile era • Data and Application Security Deploy robust critical data protection programs • Infrastructure and Endpoint Security Redefine infrastructure and endpoint solutions with secure software-defined networks SECURITY TRANSFORMATION SERVICES CEO CIO CISO CRO CCO CLO Security Strategy, Risk and Compliance Security Intelligence and Operations Cyber Security Assessment and Response Identity Governance and Management Data and Application Security Infrastructure and Endpoint Security Systems Integration Management Consulting Managed Security

14. 14 IBM Security Why IBM Security Transformation Services? Unparalleled Expertise Best-in-class Managed Security Services Integrated Approach • IBM X-Force® Exchange and Threat Research teams providing zero-day threat alerts to clients • Over 1400 employees serving 130+ countries, with a 95% retention rate • 35 billion security events analyzed daily across 4,500+ global clients • Access to a global network of skilled industry experts • Deep industry service delivery experience across numerous types of operations • Ability to lead and execute large, transformational projects • Integrated portfolio of security services and technology • Open ecosystem with 100+ technology partners and 30+ services partners • 800+ technical vendor and 150+ professional security certifications

16. 16 IBM Security Today’s attacks require a strategic security approach • Build multiple perimeters • Protect all systems • Use signature-based methods • Periodically scan for known threats • Shut down systems Tactical Approach Compliance-driven, reactionary Today’s Attacks • Assume constant compromise • Prioritize high-risk assets • Use behavioral-based methods • Continuously monitor activity • Gather, preserve, retrace evidence Strategic Approach Intelligent, orchestrated, automated Indiscriminate malware, spam and DDoS activity Advanced, persistent, organized, politically or financially motivated It takes power and precision to stop adversaries and unknown threats Yesterday’s Attacks

17. 17 IBM Security Continuously stop attacks and remediate vulnerabilities Upgrade your defenses with a coordinated platform to outthink threats • Disrupt malware and exploits • Discover and patch endpoints • Automatically fix vulnerabilities Respond to incidents quickly, with precision • Hunt for indicators using deep forensics • Orchestrate and automate incident response Discover unknown threats with advanced analytics • See attacks across the enterprise • Sense abnormal behaviors • Automatically prioritize threats RESPOND

18. 18 IBM Security IBM Security offers the industry’s first integrated, end-to-end Security Operations and Response Platform Security Operations and Incident Response Services Incident Response Endpoint and Network Protection Vulnerability and Patch Management User Behavior Analytics Security Intelligence and Analytics SECURITY OPERATIONS AND RESPONSE CEO CISOHR ITLEGAL IDS | NIPS | AV | DLP | FW | DBs | Apps | … Prevent, detect, and respond to threats with an intelligent, orchestrated, automated platform • IBM BigFix Find, fix, and secure endpoint threats and vulnerabilities • IBM Security Network Protection Prevent network exploits and limit malware communications • IBM QRadar Security Intelligence Use advanced analytics to discover and eliminate threats • IBM Resilient Incident Response Platform Generate response playbooks and coordinate activity • IBM X-Force Exchange Automatically update incident artifacts with threat intelligence • IBM Security Services Deliver operations consulting to help implement processes and response experts when something goes wrong

19. 19 IBM Security Why IBM Security Operations and Response? Cognitive Analytics Open Ecosystem Deep Threat Intelligence • IBM Security App Exchange provides access to apps from leading security partners • Out-of-the-box integrations for 500+ third-party security products • Open APIs allow for custom integrations and apps • QRadar Sense Analytics allows you to inspect events, flows, users, and more • Speed analysis with visuals, query, and auto-discovery across the platform • Get ready to augment your analysts with Watson for Cyber Security • IBM X-Force Exchange helps you stay ahead of the latest threats and attacks • Powered by the X-Force Research team and 700TB+ of threat data • Share data with a collaborative portal and STIX / TAXII standards

21. 21 IBM Security Data Applications Connectivity to more users, devices, and data than ever before Web Applications Systems Applications APIs Mobile Applications Infrastructure and Devices Datacenters PCs Mobile Cloud Services IoT On Premises Off PremisesUnstructuredStructured Users Auditors Suppliers Consultants Contractors Employees Partners Customers Systems Applications Partners Structured Laptops It’s time to expand from infrastructure to information-centric security Employees Unstructured APIs Off Premises Customers Mobile Applications

22. 22 IBM Security Protect your information, contain the risk Gain control • Govern all users and their privileges • Protect data usage across enterprise and cloud • Improve DevOps security • Secure mobile devices and apps Identify risks • Discover and classify business critical data and apps • Expose over privileges with identity analytics • Analyze cloud app usage and activity • Detect web fraud with real time alerts Safeguard interactions • Deploy adaptive access and web app protection • Federate to and from the cloud • Maintain data compliance and stop attacks • Secure mobile collaboration IDENTITY CLOUD FRAUD APP DATA MOBILE

23. 23 IBM Security IBM Security has the industry’s most comprehensive solution for Information Risk and Protection Keep your information protected while securely interacting with employees and consumers • IBM Cloud Security Deliver visibility, control and protection of cloud apps • IBM MaaS360 Mobile productivity and enterprise security without compromise • IBM Identity Governance and Access Management Govern and enforce context-based access to critical assets • IBM Guardium Protect crown jewels across the enterprise and cloud • IBM AppScan Scan and remediate vulnerabilities in modern applications • IBM Trusteer Stop financial and phishing fraud, and account takeovers • IBM Security Services Deliver governance, risk and compliance consulting, systems integration and managed security services LOB RISK AUDITCISO IT INFORMATION RISK AND PROTECTION Governance, Risk and Compliance Services Identity Governance and Access Management Cloud Security Mobile Security Application Security Data Protection Advanced Fraud Protection

24. 24 IBM Security Why IBM Information Risk and Protection? Risk-based Intelligence Multi-layer Integrations Designed for Cloud & Mobile • United controls to span employees, business partners and customers • Built with open standards to speed integration and interoperability • Cross segment integrations to protect against threats • Business focused analytics to make decisions and meet regulations • X-Force and Trusteer intelligence to stay ahead of the latest threats • Machine learning algorithms to spot unusual behaviors and vulnerabilities • Largest SaaS portfolio across fraud protection, application, cloud, and mobile security • Flexible deployment and out-of-the-box connectors for the most popular cloud services • Safeguarding mobile and consumer interactions

25. 25 IBM Security COGNITIVE, CLOUD, and COLLABORATION The next era of security INTELLIGENCE and INTEGRATION PERIMETER CONTROLS

26. 26 IBM Security IBM Security invests in best-of-breed solutions Incident response Cloud-enabled identity management Identity governance Application security Risk management Data management Security services and network security Database monitoring and protection Application security SOA management and security “…IBM Security is making all the right moves...” Forbes 2011 2012 2013 2014 2015 20162005 2006 2007 2008 2009 20102002 IBM Security Systems IBM Security Services Identity management Directory integration Enterprise single-sign-on Endpoint management and security Security Intelligence Advanced fraud protection Secure mobile mgmt. CyberTap

27. 27 IBM Security Industry analysts rank IBM Security DOMAIN SEGMENT MARKET SEGMENT / REPORT ANALYST RANKINGS Security Operations and Response Security Intelligence Security Information and Event Management (SIEM) LEADER Network and Endpoint Protection Intrusion Prevention Systems (IPS) LEADER Endpoint: Client Management Tools LEADER Endpoint Protection Platforms (EPP) Strong Performer Information Risk and Protection Identity Governance and Access Management Federated Identity Management and Single Sign-On LEADER Identity and Access Governance LEADER Identity and Access Management as a Service (IDaaS) LEADER Web Access Management (WAM) LEADER Mobile Access Management LEADER Identity Provisioning Management LEADER Data Security Data Masking LEADER Application Security Application Security Testing (dynamic and static) LEADER Mobile Protection Enterprise Mobility Management (MaaS360) LEADER Fraud Protection Web Fraud Detection (Trusteer) LEADER Security Transformation Services Consulting and Managed Services Managed Security Services (MSS) LEADER Information Security Consulting Services LEADER V2016-06-16Note: This is a collective view of top analyst rankings, compiled as of July, 2016

28. 28 IBM Security Adaptive integration with ecosystem partners Ready for IBM Security Intelligence IBM PartnerWorld 100+ ecosystem partners, 500+ QRadar integrations

29. 29 IBM Security A Global Leader in Enterprise Security • #1 in enterprise security software and services* • 7,500+ people • 12,000+ customers • 133 countries • 3,500+ security patents • 15 acquisitions since 2005 *According to Technology Business Research, Inc. (TBR) 2016

30. © Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party. ibm.com/security securityintelligence.com xforce.ibmcloud.com @ibmsecurity youtube/user/ibmsecuritysolutions FOLLOW US ON: THANK YOU

31. 31 IBM Security Cognitive: Revolutionizing how security analysts work Natural language processing with security that understands, reasons, and learns Watson determines the specific campaign (Locky), discovers more infected endpoints, and sends results to the incident response team

32. 32 IBM Security Cloud Monitor and enforce cloud usage IBM Security Cloud Enforcer RISKY APPS APPROVED APPS MOBILE BYOD ON PREM EMPLOYEES

33. 33 IBM Security Collaboration Crowd-sourced information sharing based on 700+TB of threat intelligence https://exchange.xforce.ibmcloud.com

34. 34 IBM Security Collaboration Application extensions to enhance visibility and productivity https://exchange.xforce.ibmcloud.com

IBM Security Strategy

IBM Security Strategy

Recomendados

Más contenido relacionado

Was ist angesagt?

Was ist angesagt?(20)

Similar a IBM Security Strategy

Similar a IBM Security Strategy(20)

Más de Camilo Fandiño Gómez

Más de Camilo Fandiño Gómez(9)

Último

Último(20)

IBM Security Strategy