IBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation

Transcription

1 IBM X-Force 2012 & CISO Survey Cyber Security Threat Landscape IBM Corporation

2 IBM X-Force 2011 Trend and Risk Report Highlights The mission of the IBM X-Force research and development team is to: X-Force Research 14B 40M 54K analyzed Web pages & images spam & phishing attacks documented vulnerabilities 13 billion security events monitored daily Research and evaluate threat and protection issues Deliver security protection for today s security problems Develop new technology for tomorrow s security challenges Educate the media and user communities Provides Specific Analysis of: Vulnerabilities & exploits Malicious/Unwanted websites Spam and phishing Malware Other emerging trends 2

3 To find out how forward thinkers are harnessing all this data, we asked 138 security leaders in seven counties across a wide range of industries 3

4 With explosive growth in connectivity and collaboration, information security is becoming increasingly complex and difficult to manage In 2011, the corporate world experienced the second highest data loss total since 2004 The number of mobile workers is expected to reach 1.3 billion by 2015 At the same time, mobile security threats are increasing up almost 20 percent in 2011 Sources: 4 Verizon 2012 Data Breach Investigations Report; IDC

5 2011: Year of the Security Breach 5

6 Key Findings from the 2011 Trend Report New Attack Activity Rise in Shell Command Injection attacks Spikes in SSH Brute Forcing Rise in Click Fraud related Phishing Progress in Internet Security Fewer exploit releases Fewer web application vulnerabilities Better patching The Challenge of Mobile and the Cloud Mobile exploit disclosures up Cloud requires new thinking 6

7 Key Findings from the 2011 Trend Report New Attack Activity Rise in Shell Command Injection attacks Spikes in SSH Brute Forcing Rise in Click Fraud related Phishing Progress in Internet Security Fewer exploit releases Fewer web application vulnerabilities Better patching The Challenge of Mobile and the Cloud Mobile exploit disclosures up Cloud requires new thinking 7

8 SQL Injection Attacks against Web Servers 8

9 Shell Command Injection Attacks 9

10 SSH Brute Force Activity 10

11 Phishing based malware distribution and click fraud 11

12 Key Findings from the 2011 Trend Report New Attack Activity Rise in Shell Command Injection attacks Spikes in SSH Brute Forcing Rise in Click Fraud related Phishing Progress in Internet Security Fewer exploit releases Fewer web application vulnerabilities Better patching The Challenge of Mobile and the Cloud Mobile exploit disclosures up Cloud requires new thinking 12

13 Public Exploit Disclosures Fewer exploits released so far this year since 2006 Down as a percentage of vulnerabilities as well 13

14 Public Exploits 14

15 Decline in web application vulnerabilities in 2011 In % of security vulnerabilities affected web applications. In % affected web applications. Big decline in SQL Injection 15

16 Better Patching 16

17 Key Findings from the 2011 Trend Report New Attack Activity Rise in Shell Command Injection attacks Spikes in SSH Brute Forcing Rise in Click Fraud related Phishing Progress in Internet Security Fewer exploit releases Fewer web application vulnerabilities Better patching The Challenge of Mobile and the Cloud Mobile exploit disclosures up Cloud requires new thinking 17

18 Mobile OS Vulnerabilities and Exploits Continued interest in Mobile vulnerabilities as enterprise users bring smartphones and tablets into the work place Attackers finally warming to the opportunities these devices represent 18

19 The Challenges of Cloud Security In 2011, there were many high profile cloud breaches, affecting wellknown organizations and large populations of their customers. Cloud Security Requires: A cloud-appropriate workload Effective due diligence on the part of the customer Flexibility on the part of the cloud provider Cloud customers should take a lifecycle view of the cloud deployment, including what the exit strategy should be if things don't work out. 19

20 The security landscape is changing 20 Source: IBM Center for Applied Insights

21 One-quarter of security leaders believe their organizations are mature and are confident in their ability to respond to a breach or incident Self-assessed maturity and preparedness 21 Source: IBM Center for Applied Insights

22 In this new normal, organizations need an intelligent view of their security posture Basic Organizations employ perimeter protection, which regulates access and feeds manual reporting Auto omated Manual Reactive Proactive Optimized Organizations use predictive and automated security analytics to drive toward security intelligence Proficient Security is layered into the IT fabric and business operations 22

23 Influencers vs. Responders 2xmore likely to have a dedicated CISO 2.5x more likely to have a security or risk committee 3xmore likely to have information security as a board topic 2xmore likely to use a standard set of security metrics to track their progress 4xmore likely to be focused on improving enterprise wide communication and collaboration over the next two years 2xmore likely to be focused on providing education and security awareness over the next two years 23

24 Influencers are more likely to measure progress through a wider variety of metrics and devote more attention to systemic change Importance of Metrics 24 Source: IBM Center for Applied Insights

25 Security leaders should construct an action plan based on their current capabilities and most pressing needs Responders can move beyond their tactical focus by: Establishing a dedicated security leadership role (like a CISO), assembling a security and risk committee, and measuring progress Automating routine security processes to devote more time and resources to security innovation Protectors can make security more of a strategic priority by: Investing more of their budgets on reducing future risks Aligning information security initiatives to broader enterprise priorities Learning from and collaborating with a network of security peers Influencers can continue to innovate and advance their security approaches by: Strengthening communication, education and business leadership skills to cultivate a more risk-aware culture Using insights from metrics and data analysis to identify high-value improvement areas 25

26 IBM Security: Delivering intelligence, integration and expertise across a comprehensive framework Only vendor in the market with end-toend coverage of the security foundation 6K+ security engineers and consultants Award-winning X-Force research Largest vulnerability database in the industry Intelligence Integration Expertise 26

27 Intelligence: Leading products and services in every segment 27

28 Get Engaged with IBM X-Force Research and Development Follow us Download X-Force security trend & risk reports ibm.com/services/us/iss/xforce/ Subscribe to X-Force alerts at or Frequency X at Attend in-person events ndar/ Join the Institute for Advanced Security Subscribe to the security channel for latest security videos 28