© 2015 IBM Corporation
IBM Security
(Security) Ignorance Isn’t Bliss: 5 Ways to Advance Security Decisions with Threat Intelligence
Jim Brennan
Director of Strategy and Product Management
Infrastructure Security & X-Force
Agenda
• Threat Intelligence Overview
• Current Challenges
• Solutions
• X-Force Exchange
• The 5 Things You Can Do
• Questions
What is threat intelligence?
Evidence-based knowledge, including context, mechanisms, indicators, implications, and actionable advice about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject’s response to that menace or hazard.*
*Gartner, Definition: Threat Intelligence, Rob McMillan, May 2013, refreshed September 3, 2014, G00249251
The Threat Intelligence market is growing …
[Figure: Threat Intelligence Services market size (1)]
[Figure: SANS Cyber Threat Intelligence Summit, 2014 and 2015: courses, instructors, disciplines]
1 Gartner, Competitive Landscape: Threat Intelligence Services, Worldwide, 2015, October 2014, G00261001
… and maturing from an industry perspective
• Importance as part of any organization’s suite of tools
• The criteria for evaluation
– Where is it sourced from?
– How often is it updated?
– Is it vetted by humans?
– And many others …
Threat intelligence does help
Events: up 12% year on year to 91m
Observable occurrences in a system or network
– Security events: annual 91,765,453; monthly 7,647,121; weekly 1,764,121
Security Intelligence: correlation and analytics tools
Attacks: increased efficiencies achieved
More efficiency in security processing to help clients focus on identified malicious events
– Security attacks: annual 16,857; monthly 1,405; weekly 324
Security Intelligence: human security analysts
Incidents: up 22% year on year
Attacks deemed worthy of deeper investigation
– Security incidents: annual 109.37; monthly 9.11; weekly 2.10
Utilization of threat intelligence can yield a significant reduction in security incidents, as well as speed to respond
Security teams are using multiple sources of intelligence to identify cyber threats, but they come with new challenges
65% of enterprise firms use external threat intelligence to enhance their security decision making (1)
However, security teams lack critical support to make the most of these resources
• It takes too long to make information actionable
• Data is gathered from untrusted sources
• Analysts can’t separate the signal from the noise
1 Source: ESG Global
Operationalizing it can be costly and complex
Ever-increasing proliferation of cyber threat intelligence feeds
External
• Malware hashes / MD5
• Brand abuse phishing indicators
• Malware campaigns/indicators
• Fraud payment logs
• Top tier phishing indicators
• Customer asset / credentials
• Threat landscape intel (TTPs)
• Intel as a service (IaaS)
• Staff asset / credentials
• Industry threat intel sharing
• Public sector threat intel
• ISAC threat intel
• Law enforcemt threat intel
• Passive DNS intel
• OSINT sentiment analysis
• Undergd dark Web intel
• IP reputation intel
• Human Intel (HUMINT)
• Technical Intel (TECHINT)
• Actor intel/indicators
Internal
• Firewall logs
• Proxy logs
• IDS/IPS logs
• Web logs
• Application logs
• Authentication logs
• Malware detection logs
• Email logs
• Network Security logs
• Building access logs
• Fraud payment logs
• CSIRT incidents
• Vulnerability patch mgmt
• DNS/DHCP logs
• Call/IVR logs
• Endpoint security logs
• Employee directory
• SSO/LDAP context
• Application inventory
• Website marketing analytics
Advanced analytics and human intelligence must be applied and integrated into the organization to leverage the value of all the data
When shopping for intelligence sources, organizations can be overwhelmed by choices as well as the cost and complexity to operationalize and gain a return on investment
The bad actors are already collaborating
Ideal requirements for key capabilities in a solution
• Know everything about the particular observable that starts your investigation, i.e. historical information
• Know everything your colleagues in the same industry know about that particular observable
• Apply everything you and your colleagues know to the controls that exist in your infrastructure in order to better protect your organization
The real value of threat intelligence lies in its application to your business – to turn insight into action
Without insight, organizations struggle to understand and stay ahead of the threat.
• Potential attacks can be overlooked if the attacker’s methods and motives are unknown
• Armed with this intelligence, organizations can take action ahead of threat to proactively adapt security strategy, remediate vulnerabilities and monitor for impact
• By applying intelligence upfront, an organization can optimize security resources, increase efficiencies, reduce costs and improve risk management
Threat Intelligence sharing
• It helps provide insight, context, and confidence with respect to the information that is being observed, i.e. an isolated attack or part of a broader industry-wide attack
• It benefits both the organization and the broader community
• Ranges from technical information on a particular piece of malware to more strategic, unstructured content
The current state of threat intelligence sharing
• E-mail and informal gatherings
• ISACs – Information Sharing and Analysis Centers
– Financial Services, National Health, Information Technology
• Threat Intelligence Platforms
– Dynamic market populated by both established players and startups
• Machine Readable Threat Intelligence
– STIX – Structured Threat Information Expression
– TAXII – Trusted Automated Exchange of Indicator Information
Introducing IBM X-Force Exchange
Research and collaboration platform and API
A new platform to consume, share, and act on threat intelligence
Backed by the reputation and scale of IBM X-Force
• Security Analysts and Researchers
• Security Operations Centers (SOCs)
• Security Products and Technologies
IBM X-Force Exchange is:
• OPEN: a robust platform with access to a wealth of threat intelligence data
• SOCIAL: a collaborative platform for sharing threat intelligence
• ACTIONABLE: an integrated solution to help quickly stop threats
OPEN
A robust platform with access to a wealth of threat intelligence data
Leverage the scale of IBM Security and partner ecosystem
Quickly gain access to threat data from curated sources:
• Over 700 terabytes of machine-generated intelligence from crawler robots, honeypots, darknets, and spamtraps
• Multiple third party and partner sources of intelligence
• Up to thousands of malicious indicators classified every hour
Human intelligence adds context to machine-generated data:
• Insights from security experts, including industry peers, IBM X-Force, and IBM Security professionals
• Collaborative interface to organize and annotate findings, bringing priority information to the forefront
ACTIONABLE
An integrated solution to help quickly stop threats
Push intelligence to enforcement points for timely protection
• Integration between IBM Security products and X-Force Exchange-sourced actionable intelligence
• Designed for third-party integration with planned future support for STIX and TAXII, the established standard for automated threat intelligence sharing
• Leverage the API to connect threat intelligence to security products
[Diagram labels: API; STIX / TAXII (future feature); IBM Security Network Protection XGS; IBM Security QRadar Security Intelligence; IBM Security Trusteer Apex Malware Protection; 3rd Party Products]
SOCIAL
A collaborative platform for sharing threat intelligence
Add context to threats via peer collaboration
• Connect with industry peers to validate findings
• Share a collection of Indicators of Compromise (IOCs) to aid in forensic investigations
1. INCIDENT RESPONDER: Discovers a new malware domain and marks it as malicious in the X-Force Exchange
2. SECURITY ANALYST: Finds the domain and applies blocking rules to quickly stop malicious traffic. Shares with his CISO using the Exchange
3. CISO: Adds the domain to a public collection named “Malicious Traffic Sources Targeting Financial Industry” to share with industry peers
4. IBM X-FORCE: For the first time, clients can interact with IBM X-Force security researchers and experts directly
Steps you can take today … on tools
1. Understand your threat intelligence
– Relevance
– Integration
– Efficiency in sharing among products and teams
2. Understand machine readable threat intelligence
– STIX – stix.mitre.org
– TAXII – taxii.mitre.org
– APIs
Steps you can take today … on processes
3. At a security team level
– Identify information you have
– Collaborate effectively within the organization
4. At a company level
– Team with CIO/CISO
– Understand and address silos and legal issues
5. At an industry level
– Participate in industry security consortiums
– Contribute to online threat intelligence sharing communities
*Source: Rick Holland, Forrester Research
Questions?
www.ibm.com/security
© Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes
only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use
of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any
warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement
governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available
in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s
sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in
any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the
United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and
response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed,
misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or
product should be considered completely secure and no single product, service or security measure can be completely effective in preventing
improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will
necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES
NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE
FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

Close the Loop on Incident ResponseClose the Loop on Incident Response
Close the Loop on Incident ResponseIBM Security
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats IBM Security
 
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...IBM Security
 
See How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile MetricsSee How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile MetricsIBM Security
 

Mehr von IBM Security (20)

Automation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsAutomation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOps
 
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
 
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM Resilient
 
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
 
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackAccelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon Black
 
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent OrchestrationHow to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
 
Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
 
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
 
WannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowWannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do Now
 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security Operations
 
IBM QRadar UBA
IBM QRadar UBA IBM QRadar UBA
IBM QRadar UBA
 
Mobile Vision 2020
Mobile Vision 2020Mobile Vision 2020
Mobile Vision 2020
 
Retail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityRetail Mobility, Productivity and Security
Retail Mobility, Productivity and Security
 
Close the Loop on Incident Response
Close the Loop on Incident ResponseClose the Loop on Incident Response
Close the Loop on Incident Response
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats
 
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
 
See How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile MetricsSee How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile Metrics
 

Kürzlich hochgeladen

My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 

Kürzlich hochgeladen (20)

My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 

Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with Threat Intelligence

  • 1. (Security) Ignorance Isn’t Bliss: 5 Ways to Advance Security Decisions with Threat Intelligence. Jim Brennan, Director of Strategy and Product Management, Infrastructure Security & X-Force. IBM Security, © 2015 IBM Corporation.
  • 2. Agenda
      - Threat Intelligence Overview
      - Current Challenges
      - Solutions
      - X-Force Exchange
      - The 5 Things You Can Do
      - Questions
  • 3. What is threat intelligence?
      "Evidence-based knowledge, including context, mechanisms, indicators, implications, and actionable advice about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject’s response to that menace or hazard."*
      * Gartner, Definition: Threat Intelligence, Rob McMillan, May 2013, refreshed September 3, 2014, G00249251
  • 4. The Threat Intelligence market is growing …
      [Figure: Threat Intelligence Services market size [1]]
      [Figure: SANS Cyber Threat Intelligence Summit, 2014 vs. 2015: courses, instructors, disciplines]
      [1] Gartner, Competitive Landscape: Threat Intelligence Services, Worldwide, 2015, October 2014, G00261001
  • 5. … and maturing from an industry perspective
      - Importance as part of any organization’s suite of tools
      - The criteria for evaluation
          - Where is it sourced from?
          - How often is it updated?
          - Is it vetted by humans?
          - And many others …
  • 6. Threat intelligence does help
      - Security events (observable occurrences in a system or network): up 12% year on year to 91m. Annual 91,765,453; monthly 7,647,121; weekly 1,764,121
      - Security Intelligence: correlation and analytics tools
      - Security attacks (increased efficiencies achieved: more efficiency in security processing to help clients focus on identified malicious events). Annual 16,857; monthly 1,405; weekly 324
      - Security Intelligence: human security analysts
      - Security incidents (attacks deemed worthy of deeper investigation): up 22% year on year. Annual 109.37; monthly 9.11; weekly 2.10
      Utilization of threat intelligence can yield a significant reduction in security incidents, as well as speed to respond
  • 7. Security teams are using multiple sources of intelligence to identify cyber threats, but they come with new challenges
      65% of enterprise firms use external threat intelligence to enhance their security decision making [1]
      However, security teams lack critical support to make the most of these resources:
      - It takes too long to make information actionable
      - Data is gathered from untrusted sources
      - Analysts can’t separate the signal from the noise
      [1] Source: ESG Global
  • 8. Ever-increasing proliferation of cyber threat intelligence feeds
      - External: Malware hashes / MD5; Brand abuse phishing indicators; Malware campaigns / indicators; Fraud payment logs; Top tier phishing indicators; Customer asset / credentials; Threat landscape intel (TTPs); Intel as a service (IaaS); Staff asset / credentials; Industry threat intel sharing; Public sector threat intel; ISAC threat intel; Law enforcement threat intel; Passive DNS intel; OSINT sentiment analysis; Underground dark Web intel; IP reputation intel; Human Intel (HUMINT); Technical Intel (TECHINT); Actor intel / indicators
      - Internal: Firewall logs; Proxy logs; IDS/IPS logs; Web logs; Application logs; Authentication logs; Malware detection logs; Email logs; Network security logs; Building access logs; Fraud payment logs; CSIRT incidents; Vulnerability patch mgmt; DNS/DHCP logs; Call/IVR logs; Endpoint security logs; Employee directory; SSO/LDAP context; Application inventory; Website marketing analytics
      Advanced analytics and human intelligence must be applied and integrated into the organization to leverage the value of all the data
      When shopping for intelligence sources, organizations can be overwhelmed by choices as well as the cost and complexity to operationalize and gain a return on investment
      Operationalizing it can be costly and complex
  • 9. The bad actors are already collaborating
  • 10. Ideal requirements for key capabilities in a solution
      - Know everything about the particular observable that starts your investigation, i.e. historical information
      - Know everything your colleagues in the same industry know about that particular observable
      - Apply everything you and your colleagues know to the controls that exist in your infrastructure in order to better protect your organization
  • 11. The real value of threat intelligence lies in its application to your business – to turn insight into action
      Without insight, organizations struggle to understand and stay ahead of the threat.
      - Potential attacks can be overlooked if the attacker’s methods and motives are unknown
      - Armed with this intelligence, organizations can take action ahead of threat to proactively adapt security strategy, remediate vulnerabilities and monitor for impact
      - By applying intelligence upfront, an organization can optimize security resources, increase efficiencies, reduce costs and improve risk management
  • 12. Threat Intelligence sharing
      - It helps provide insight, context, and confidence with respect to the information that is being observed, i.e. an isolated attack or part of a broader industry-wide attack
      - It benefits both the organization and the broader community
      - Ranges from technical information on a particular piece of malware to more strategic, unstructured content
  • 13. The current state of threat intelligence sharing
      - E-mail and informal gatherings
      - ISACs: Information Sharing and Analysis Center
          - Financial Services, National Health, Information Technology
      - Threat Intelligence Platforms
          - Dynamic market populated by both established players and startups
      - Machine Readable Threat Intelligence
          - STIX: Structured Threat Information Expression
          - TAXII: Trusted Automated Exchange of Indicator Information
  • 14. Introducing IBM X-Force Exchange
      A new platform to consume, share, and act on threat intelligence
      Backed by the reputation and scale of IBM X-Force
      Research and collaboration platform and API: Security Analysts and Researchers; Security Operations Centers (SOCs); Security Products and Technologies
      IBM X-Force Exchange is:
      - OPEN: a robust platform with access to a wealth of threat intelligence data
      - SOCIAL: a collaborative platform for sharing threat intelligence
      - ACTIONABLE: an integrated solution to help quickly stop threats
  • 15. OPEN: A robust platform with access to a wealth of threat intelligence data
      Leverage the scale of IBM Security and partner ecosystem
      Quickly gain access to threat data from curated sources:
      - Over 700 terabytes of machine-generated intelligence from crawler robots, honeypots, darknets, and spamtraps
      - Multiple third party and partner sources of intelligence
      - Up to thousands of malicious indicators classified every hour
      Human intelligence adds context to machine-generated data:
      - Insights from security experts, including industry peers, IBM X-Force, and IBM Security professionals
      - Collaborative interface to organize and annotate findings, bringing priority information to the forefront
  • 16. ACTIONABLE: An integrated solution to help quickly stop threats
      Push intelligence to enforcement points for timely protection
      [Diagram: API and STIX / TAXII (future feature) connecting to IBM Security Network Protection XGS, IBM Security QRadar Security Intelligence, IBM Security Trusteer Apex Malware Protection, and 3rd Party Products]
      - Integration between IBM Security products and X-Force Exchange-sourced actionable intelligence
      - Designed for third-party integration with planned future support for STIX and TAXII, the established standard for automated threat intelligence sharing
      - Leverage the API to connect threat intelligence to security products
  • 17. SOCIAL: A collaborative platform for sharing threat intelligence
      Add context to threats via peer collaboration
      - Connect with industry peers to validate findings
      - Share a collection of Indicators of Compromise (IOCs) to aid in forensic investigations
      1. INCIDENT RESPONDER: Discovers a new malware domain and marks it as malicious in the X-Force Exchange
      2. SECURITY ANALYST: Finds the domain and applies blocking rules to quickly stop malicious traffic. Shares with his CISO using the Exchange
      3. CISO: Adds the domain to a public collection named “Malicious Traffic Sources Targeting Financial Industry” to share with industry peers
      4. IBM X-FORCE: For the first time, clients can interact with IBM X-Force security researchers and experts directly
  • 18. Steps you can take today … on tools
      1. Understand your threat intelligence
          - Relevance
          - Integration
          - Efficiency in sharing among products and teams
      2. Understand machine readable threat intelligence
          - STIX: stix.mitre.org
          - TAXII: taxii.mitre.org
          - APIs
  • 19. Steps you can take today … on processes
      3. At a security team level
          - Identify information you have
          - Collaborate effectively within the organization
      4. At a company level
          - Team with CIO/CISO
          - Understand and address silos and legal issues
      5. At an industry level
          - Participate in industry security consortiums
          - Contribute to online threat intelligence sharing communities
      * Source: Rick Holland, Forrester Research
  • 20. Questions?
  • 21. www.ibm.com/security © Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access.
IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.