More Related Content Similar to Chris neely the future of cyber security events 3 (20) More from Redazione InnovaPuglia (20) Chris neely the future of cyber security events 319. © 2016 IBM Corporation© 2018 IBM Corporation19
This suburban Melbourne, Australia ,city is
home to more than 180,000 people. Its City
Council provides and manages a wide range of
municipal services, including waste collection,
education, land and environment programs,
leisure facilities, libraries and building
management. The council employs more than
1,500 people.
Solution components
• IBM® Security Services Cyber
Security Assessment and
Response
Business benefits
Identified vulnerabilities
Penetration testing identified IT
weaknesses in its environment
Reduced risk
Developed appropriate mitigation
strategies, strengthening
protection of its IT assets
Met budget objectives
The IBM team provided the right
services at a competitive price
City government
Verifying network, Wi-Fi and
application security controls
Government
Business challenge
The City Council needed to verify the effectiveness of its perimeter network
security controls, web application security controls and controls around Wi-
Fi networks. It sought a reliable provider to provide penetration testing
services.
Transformation
The City Council engaged IBM® Security Services to provide IBM
Cybersecurity Assessment and Response services. The IBM team
performed external network penetration testing, web application testing,
wireless penetration testing and wireless security architecture assessment.
20. © 2016 IBM Corporation© 2018 IBM Corporation20
This democratic constitutional monarchy
manages and maintains the economical,
agricultural and social well-being of its country
and citizens. It includes approximately 130
departments and agencies.
Solution components
• IBM® Security Services ‐ IBM
Identity and Access Management
Services
Business benefits
Established
a centralized platform for
authenticating users of enterprise
applications
Avoided
the burden of dealing with multiple
authentication mechanisms
Improved and standardized
security, privacy and data sharing
across enterprise applications
National government
Centralizing identity and
access management
Government
Business challenge
When this national government initiated a agency-wide identity, credential
and access-management initiative, it needed to define the initiative’s initial
roadmap and the project’s initial phase, which included credential and
requirements definition and high-level design. It also needed help with
writing a request for proposal (RFP).
Transformation
An IBM® Security Services team helped with strategy and design during
the first phase of the project. With IBM’s assistance, the government
determined the scope, requirements and high-level design of the first
phase and wrote an RFP. The IBM team also supports the second phase
of the project, which entails identity management, providing assistance
with credential transformation and identity management initiatives.
21. © 2016 IBM Corporation© 2018 IBM Corporation21
A small security team for this Canadian
government agency works to protect agency
operations and citizen-facing services from
cybercriminals.
Solution components
• IBM® QRadar® SIEM
• IBM QRadar Vulnerability
Manager
• IBM Managed Security Services
Business benefits
Eliminated false alerts
100,000 issues and alerts were
reduced to 10 – 20 offenses daily
that are prioritized dynamically
Fast implementation
Seven days to deploy, realizing
time-to-value with the solution and
achieving ROI
Enhanced security overall
10,000 vulnerabilities were
scanned to help find security gaps
and prioritize proactive responses
Government agency
Adopting a cognitive
approach to threat detection
“QRadar offered a great value
proposition in comparison to the
feature set it provided.”
Director, Architecture and Security
Government
Business challenge
With limited resources, a Canadian government agency needed an
advanced security information and event management (SIEM) solution to
help it quickly detect and respond to potential security threats.
Transformation
By moving from manual event correlation processes to an automated
security intelligence and analytics solution from IBM, agency security staff
can quickly identify the security events that require investigation and add
context to help detect threats faster and uncover vulnerabilities that need
to be addressed.
22. © 2016 IBM Corporation© 2018 IBM Corporation22
Business challenge
This public sector organization was the unknowing victim of an attacker that
was attempting to test stealthy exfiltration of confidential information from a
highly sensitive asset not considered at risk.
Transformation
Using the IBM® QRadar® Sense Analytics engine for advanced threat
detection, along with other QRadar security software products, IBM Business
Partner CarbonHelix was able to quickly determine how the attacker had
gained access to the internal network and the sensitive asset as well as the
tools used to capture and move data.
Operating in the public sector, this organization
found out the hard way that the log-based
security information and event management
(SIEM) solution from its managed security
services provider was incapable of detecting
stealth attacks.
Solution components
• IBM® QRadar® QFlow Collector
• IBM QRadar Sense Analytics
• IBM QRadar Vulnerability
Manager
• Delivered by IBM Business
Partner CarbonHelix
Public sector
organization
Detecting and stopping
a stealth attack
“Without fast action by CarbonHelix
and their use of QRadar, we would
have joined the list of data breach
victims.”
IT Security manager
Business benefits
Detected
the stealth attack that was not
caught by log-based SIEM
analysis alone
Prevented
loss of confidential data and
further undiscovered activity by
the attacker
Reduced risk
with new security controls and
a process to identify and patch
vulnerabilities
Public Sector
23. © 2016 IBM Corporation© 2018 IBM Corporation23
This tax authority in Europe is responsible for
tax collection for companies and private
individuals. To ensure that public services have
the funds they need to operate effectively, the
authority carries out collection, compliance and
enforcement activities to minimize the risk of
tax avoidance and evasion.
Solution components
• IBM® i2® Analyst’s Notebook
• IBM i2 Base
Business benefits
Saves
several person-days per month ,
enabling more investigations over
the course of a year
Reveals
unexpected patterns and
networks that point to criminals
and their accomplices
Provides
evidence of tax fraud required for
prosecution
A tax authority in Europe
Putting fraudsters behind bars
by uncovering hidden criminal
networks
Government
Business challenge
Effective tax collection is a key enabler of well-funded public services. This
tax authority’s efforts to find evidence needed to prosecute tax fraudsters
were dependent on using spreadsheets to collect and analyze complex
transaction data—a time consuming and limited process.
Transformation
With IBM® i2® Analyst’s Notebook intelligence analysis software at the
heart of its economic fraud detection strategy, the authority is succeeding
in bringing more criminals to justice, faster. With lightning-speed big data
analytics, the authority can crunch large data sets in minutes, slashing the
time it needs to conduct in-depth investigations. The software provides
multiple perspectives of data, helping to reveal networks and connections
that can in turn provide evidence that can help build cases for prosecution.
24. © 2016 IBM Corporation© 2018 IBM Corporation24
Business challenge
Information about human trafficking comes from diverse sources, from
local news and the web to official reports. STOP THE TRAFFIK needed to
turn this information into actionable intelligence.
Transformation
Human trafficking and modern slavery are global problems that take many
forms, exploiting men, women and children in both industrialized and
emerging countries. With the help of IBM® i2® intelligence analysis
software, nonprofit STOP THE TRAFFIK is taking an intelligence-led
approach to disrupting human trafficking networks at their source.
STOP THE TRAFFIK is a pioneer in human trafficking
prevention. Since 2006, this globally oriented non-profit
organization has been helping to prevent trafficking through
building resilient communities that can identify and respond to
trafficking; sharing knowledge; and helping businesses make
their supply chains slavery free. Its Centre for Intelligence-Led
Prevention was developed to collect global stories, connect
them and build a picture of human trafficking hotspots and
trends.
Solution components
• IBM® i2® Analyst’s Notebook
• IBM i2 iBase
STOP THE TRAFFIK
Using intelligence analysis
technology to disrupt and
prevent human trafficking
“We can search for hotspots and trends
using a variety of the functions built
into the i2 Analyst’s Notebook
software.”
Lead Analyst
Public Sector
Business benefits
Uncovers
trafficking hotspots and routes
using a wealth of multidimensional
analyses
Disrupts
trafficking at the source via
awareness campaigns that target
local activity
Boosts
efficiency and simplifies sharing
by replacing spreadsheets with
visual analysis
25. © 2016 IBM Corporation© 2018 IBM Corporation25
With a population of more than 62,000
residents, this Czech Republic city has a rich
history as a commercial, economic and cultural
center due to its location along key trade
routes. Today the city has become a
commercial and tourist center.
Solution components
• IBM® Security Identity Manager
• IBM Security Services ‐Identity
and Access Management
• Solution delivered by IBM
Business Partner GC System a.s.
Business benefits
Rapid onboarding
Provided 100 percent
improvement in the speed of new
employee activation, from days to
a few hours
Reduced cost
One full-time employee can now
manage all user accounts
Improved system security
Removed orphan accounts and
deactivates employee accounts
upon termination of employment
City government
Freeing up IT resources to
build and expand a network
for a growing city
“Centralization, automation, and a
roles-based identity management
system have simplified our IT access
management significantly.”
IT Security Manager
Government
Business challenge
The city needed an identity management solution that would free up its
limited IT staff to manage and expand its IT environment by automating
many of its time-consuming day-to-day personnel administration processes
while ensuring the security of its IT systems.
Transformation
The city implemented a rules-based identity management system that
automates employee account access based on employee position, role
and department. The system then uses an automated account
reconciliation process to detect and correct (or remove) any accounts that
are not in agreement with the pre-defined rules. Account access is
automatically removed when an individual leaves the city’s employ.
26. ibm.com/security
securityintelligence.com
xforce.ibmcloud.com
@ibmsecurity
youtube/user/ibmsecuritysolutions
© Copyright IBM Corporation 2019. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction
represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States,
other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information
being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security
measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and
may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.
FOLLOW US ON:
THANK YOU
ibm.com/security/community