Notice on Names and Logos Used in This Presentation

Similar documents
May the (IBM) X-Force Be With You

Cybersecurity. You have been breached; What Happens Next THE CHALLENGE FOR THE FINANCIAL SERVICES INDUSTRY

Integrated, Intelligence driven Cyber Threat Hunting

Be effective in protecting against the cybercrime

Le sfide di oggi, l evoluzione e le nuove opportunità: il punto di vista e la strategia IBM per la Sicurezza

IBM Security. Endpoint Manager- BigFix. Daniel Joksch Security Sales IBM Corporation

Fabrizio Patriarca. Come creare valore dalla GDPR

Securing global enterprise with innovation

Cisco & IBM Security SECURING THE THREATS OF TOMORROW, TODAY, TOGETHER

IBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT

Detect Fraud & Financial Crime

Threat Intelligence to enhance Cyber Resiliency KEVIN ALBANO GLOBAL THREAT INTELLIGENCE LEAD IBM X-FORCE INCIDENT RESPONSE AND INTELLIGENCE SERVICES

The New Era of Cognitive Security

IBM Security Vaš digitalni imuni sistem. Dejan Vuković Security BU Leader South East Europe IBM Security

The McGill University Health Centre (MUHC)

Healthcare Cognitive Security

Combatting advanced threats with endpoint security intelligence

IBM MaaS360 Kiosk Mode Settings

Aligning with HIPAA mandates in healthcare

BigFix 101- Server Pricing

Ponemon Institute s 2018 Cost of a Data Breach Study

THE ACCENTURE CYBER DEFENSE SOLUTION

Securing Your Cloud Introduction Presentation

IBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan

IBM Security Network Protection Solutions

Securing Your Digital Transformation

IBM Guardium Data Encryption

Panelists. Moderator: Dr. John H. Saunders, MITRE Corporation

Accelerating growth and digital adoption with seamless identity trust

IBM Future of Work Forum

85% 89% 10/5/2018. Do You Have A Firewall Around Your Cloud? Conquering The Big Threats & Challenges

How to Secure Your Cloud with...a Cloud?

SIEM: Five Requirements that Solve the Bigger Business Issues

IBM Security Strategy Intelligence, Integration and Expertise

RSA INCIDENT RESPONSE SERVICES

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

IBM services and technology solutions for supporting GDPR program

FOR FINANCIAL SERVICES ORGANIZATIONS

RSA NetWitness Suite Respond in Minutes, Not Months

Penetration testing a building automation system

SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM

Continuous Diagnostics and Mitigation demands, CyberScope and beyond

IBM Threat Protection System: XGS - QRadar Integration

Security by Default: Enabling Transformation Through Cyber Resilience

BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE

ForeScout Extended Module for Splunk

IBM Application Security on Cloud

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

LTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security

Gujarat Forensic Sciences University

Modern Realities of Securing Active Directory & the Need for AI

IT Security Mandatory Solutions. Andris Soroka 2nd of July, RIGA

Optimizing IBM QRadar Advisor with Watson

SWD & SSA Updates 2018

CloudSOC and Security.cloud for Microsoft Office 365

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

BigFix Query Unleashed!

THE SIX ESSENTIAL CAPABILITIES OF AN ANALYTICS-DRIVEN SIEM

SOLUTION BRIEF RSA NETWITNESS EVOLVED SIEM

Let s Talk About Threat Intelligence

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Managed Security Services - Endpoint Managed Security on Cloud

Kaspersky Security. The Power to Protect Your Organization

Today s cyber threat landscape is evolving at a rate that is extremely aggressive,

ISAM Advanced Access Control

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

MANAGED DETECTION AND RESPONSE

Transforming Security from Defense in Depth to Comprehensive Security Assurance

EU GENERAL DATA PROTECTION: TIME TO ACT. Laurent Vanderschrick Channel Manager Belgium & Luxembourg Stefaan Van Hoornick Technical Manager BeNeLux

DATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI

Cybersecurity Auditing in an Unsecure World

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

RSA Advanced Security Operations Richard Nichols, Director EMEA. Copyright 2015 EMC Corporation. All rights reserved. 1

Protecting Against Online Fraud. F5 EMEA Webinar August 2014

locuz.com SOC Services

THE TRIPWIRE NERC SOLUTION SUITE

Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS

Business Context: Key for Successful Risk Management

with Advanced Protection

CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n

CyberArk Privileged Threat Analytics

Predators are lurking in the Dark Web - is your network vulnerable?

RSA INCIDENT RESPONSE SERVICES

Symantec Security Monitoring Services

MITIGATE CYBER ATTACK RISK

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

The GenCyber Program. By Chris Ralph

INTRODUCTION. We would like to thank HelpSystems for supporting this unique research. We hope you will enjoy the report.

SYMANTEC DATA CENTER SECURITY

Staying GDPR Ready with MaaS360. Ankur Acharya Offering Manager, IBM MaaS360

IBM Security Guardium Analyzer

Sustainable Security Operations

AT&T Endpoint Security

EFFECTIVELY TARGETING ADVANCED THREATS. Terry Sangha Sales Engineer at Trustwave

Securing Dynamic Data Centers. Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan &

SOLUTION BRIEF RSA NETWITNESS PLATFORM ACCELERATED THREAT DETECTION & AUTOMATED RESPONSE FROM THE ENDPOINT TO THE CLOUD

IBM Security Access Manager

People risk. Capital risk. Technology risk

IBM BigFix Compliance

Cybersecurity: Incident Response Short

Transcription:

Notice on Names and Logos Used in This Presentation NON-IBM PRODUCT AND SERVICE NAMES, LOGOS, AND BRANDS ARE PROPERTY OF THEIR RESPECTIVE OWNERS. ALL COMPANY, PRODUCT AND SERVICE NAMES USED IN THIS WEBSITE ARE FOR IDENTIFICATION PURPOSES ONLY. USE OF THESE NAMES, LOGOS, AND BRANDS DOES NOT IMPLY ENDORSEMENT. Distribution is Limited to Participants of Informations-Sicherheit in Zeiten von WhatsAPP und Co! Symposium, 27-28/6/2018, WHV

Cyber Protection Redefined: The Security Immune System Prof. Yaron Wolfsthal Head of IBM Security Center of Excellence, Israel wolfstal@il.ibm.com June 27, 2018

Scope of This Presentation Introduction Shipping Industry & Cyber Security Human Immune System Security Immune System Select Assets and Applications How IBM Can Help

IBM Cybersecurity Center of Excellence Joint initiative of IBM and Ben-Gurion University Missioned to accelerate security innovation to market Close work with clients, e.g., National CERT of Israel Date 2014 Established 2015 First Deliveries 2016 2017 Milestone Broad Impact across IBM Security Division 1/18 Expanding to B/S Cyber Park

IBM Cybersecurity Center of Excellence : Activities Innovation group for IBM Security Division Tight collaboration with Security product teams Research in new directions Client facing Government agencies Enterprise clients Academic collaboration with BGU & more

Partnerships & Collaborative Innovations In 2007, MIT scientist Peter Gloor published a seminal paper on the concept of "Collaborative Innovation Network" "a cyberteam of self-motivated people with a collective vision... achieving a common goal by sharing ideas, information, and work."

Shipping is the Life Blood of the Global Economy 90% of world trade 50,000 merchant ships trading internationally Fleet registered in 150 nations, manned by over a 1,000,000 seafarers of virtually every nationality Technically sophisticated (larger hi-tech vessels can cost over US $200M to build) Merchant ships generate an annual income of over half a trillion USD in freight rates Source: Ships are a Critical Infrastructure at a Global Scale

https://www.thetimes.co.uk/article/poorly-protected-ships-at-severe-risk-of-cyberattack-99jd6rq39

While ships and planes remain integral to worldwide shipping, cybersecurity uptake hasn t kept pace with technology adoption. As a result, cybercriminals could hijack both navigation and communication systems to steer ships off course

Stakes are High. What is the Industry Doing About It? 85security tools from45vendors MILLION unfilled security positions 1.5by 2020 HOPING IT S NOT ME SKIPPING THE BASICS BUILDING MORE BARRICADES CHECKING AUDIT BOXES ADDING MORE TOOLS BLOCKING THE CLOUD IGNORING PRIVILEGES BETTING ON BYOS

Adding More Tools with Little Impact Data access control Sandboxing Log, flow, data analysis Incident response Data monitoring IP reputation Content security Access management Firewalls Criminal detection Application security management Antivirus Privileged identity management Incident and threat management Entitlements and roles Malware protection Endpoint patching and management Workload protection Threat sharing Device management Fraud protection Identity management Network visibility Vulnerability management Anomaly detection Virtual patching Transaction protection Cloud access security broker Application scanning Indicators of compromise

The Human Immune System The human immune system is finely tuned and highly adaptive to fight off all kinds of attacks on the human body. Cells, tissues and organs work together to fight foreign invaders, and can instantly recognize an invader and take action to either block its entry or destroy it.

The Human Immune System: Lines of Defense Generic/Native Defenses (~1 day) Skin and membranes White blood cells Inflammatory response Specific/Adaptive Defenses (~1-7 weeks) Second line of defenses Lymphocytes (B & T Cells) Antibodies

In Contrast: How Society Tends to View Cyber Security Common trend to view cyber security as a diverse collection of technologies, algorithms, products each designed with a specific target in mind. Imagine What Would Happen if our Bodies Worked Like This!

Securing the Enterprise IBM Philosophy The industry should take a holistic view and strive to have an integrated and intelligent security immune system to counter emerging security threats much in analogy to the human immune system. Our research roadmap based on this vision

An Integrated and Intelligent Security Immune System Indicators of compromise Malware analysis Threat sharing Endpoint detection and response Endpoint patching and management Malware protection Security analytics Vulnerability management Threat and anomaly detection Network forensics and threat management Firewalls Sandboxing Virtual patching Network visibility and segmentation Transaction protection Device management Content security Fraud protection Criminal detection Application scanning Application security management User behavior analytics Incident response Threat hunting and investigation Data protection Data access control Privileged user management Identity governance and administration Access management IDaaS Mainframe security

Changing the Game with AI X-Force Exchange Malware Analysis X-Force IRIS App Exchange Hybrid Cloud Security Services BigFix Managed Detection & Response QRadar Incident Forensics QRadar Network Insights Managed Network Security Secure SD-WAN MaaS360 Mobile Device Management Trusteer Financial Malware Research QRadar Watson Resilient i2 Security Operations Consulting X-Force Command Centers X-Force IRIS AppScan Application Security on Cloud X-Force Red SDLC Consulting Guardium Multi-cloud Encryption Key Manager Critical Data Protection Services Identity Governance and Access Cloud Identity zsecure Identity Management Services Products Services

SECURITY IMMUNE SYSTEM: SAMPLE ASSETS & APPLICATIONS

The Centerpiece: Security Information & Event Management (SIEM) Collects security-related information and events from a variety of sources. Events forwarded to a centralized management console, which performs analysis and flags anomalies. Key capabilities Data aggregation Correlation Alerting Dashboards Compliance Retention Forensic analysis 1M s of EPS According to Gartner, IBM QRadar is a market leader in Security Information and Event Management (SIEM)

IBM Connected Vehicle Security Intelligence Solution Edge-based security architecture can be applied to other industries/use cases. Security intelligence capabilities Near real-time security visibility Alert prioritization Threat management Security Operation Center Security Information and Event Management (SIEM) Pre-SIEM analytics Centralized geo analysis Global, regional or user group specific view Security Analytics Network Logs Security Agent CAN Bus Logs OS Logs Creating security events Filters, combines, aggregates info from heterogeneous log sources Applies low-footprint context based anomaly detection algorithms 22 IBM Security

IBM Security Intelligence Solution for Smart Buildings Security intelligence capabilities: Monitoring the functionality of elevators/escalators for errors or disruptions in near real-time Pre-SIEM analytics: Analyzing globally whether equal equipment in different regions work similarly Anomaly detection algorithms: Performing steady security operations during non-availability of internet Security Operation Center Security Information and Event Management (SIEM) Security Analytics Agent 23 IBM Security

SECURITY IMMUNE SYSTEM: ORGANIZATIONAL ASSESSMENTS

The IBM Security Cyber Range Experience live fire in a safe, educational environment. Learn how crisis leadership skills can make or break a SoC. Work with real malware while learning to respond to internal and external threats. Participate in team-building war games that put team s skills to the test.

Threat Sharing Using X-Force Exchange

THANK YOU FOLLOW US ON: ibm.com/security securityintelligence.com xforce.ibmcloud.com @ibmsecurity youtube/user/ibmsecuritysolutions wolfstal@il.ibm.com Copyright IBM Corporation 2017. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback