Architektura bezpieczeństwa dla otwartych zintegrowanych systemów administracji publicznej

Similar documents
10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

May the (IBM) X-Force Be With You

Bringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016

Cybersecurity The Evolving Landscape

Altitude Software. Data Protection Heading 2018

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

IBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation

Le sfide di oggi, l evoluzione e le nuove opportunità: il punto di vista e la strategia IBM per la Sicurezza

Everyday Security: Simple Solutions to Complex Security Problems

Handling Economic Uncertainty While moving forward to a Smarter Planet

2017 Annual Meeting of Members and Board of Directors Meeting

Securing a Dynamic Infrastructure. IT Virtualization new challenges

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

Future Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

Welcome to the SafeNet Day! Prague 1st of October Insert Your Name Insert Your Title Insert Date

AKAMAI CLOUD SECURITY SOLUTIONS

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

Securing Your Most Sensitive Data

CA Host-Based Intrusion Prevention System r8

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

SIEM: Five Requirements that Solve the Bigger Business Issues

What It Takes to be a CISO in 2017

Building an Effective Threat Intelligence Capability. Haider Pasha, CISSP, C EH Director, Security Strategy Emerging Markets Office of the CTO

IT Security Mandatory Solutions. Andris Soroka 2nd of July, RIGA

Cyber Risks in the Boardroom Conference

in PCI Regulated Environments

CYBER SECURITY OPERATION CENTER

Teradata and Protegrity High-Value Protection for High-Value Data

Security-as-a-Service: The Future of Security Management

White Paper. Why IDS Can t Adequately Protect Your IoT Devices

Reinvent Your 2013 Security Management Strategy

Detect Fraud & Financial Crime

PROTECTING BRANDS IN CYBERSPACE

FFIEC Cyber Security Assessment Tool. Overview and Key Considerations

PREPARE & PREVENT. The SD Comprehensive Cybersecurity Portfolio for Business Aviation

locuz.com SOC Services

Security Awareness Training Courses

ALTITUDE DOESN T MAKE YOU SAFE. Satcom Direct s Comprehensive Cyber Security Portfolio for Business Aviation

NEXT GENERATION SECURITY OPERATIONS CENTER

AT&T Endpoint Security

Cybersecurity and Nonprofit

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

IP Risk Assessment & Loss Prevention By Priya Kanduri Happiest Minds, Security Services Practice

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

NetWitness Overview. Copyright 2011 EMC Corporation. All rights reserved.

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Cyber-Threats and Countermeasures in Financial Sector

Converged security. Gerben Verstraete, CTO, HP Software Services Colin Henderson, Managing Principal, Enterprise Security Products

Are we breached? Deloitte's Cyber Threat Hunting

THE ACCENTURE CYBER DEFENSE SOLUTION

with Advanced Protection

PORTFOLIO OVERVIEW. Security. A Comprehensive Set of Security Services for Today s Complex Cyber Security Needs. Portfolio Overview.

A Framework for Managing Crime and Fraud

AZURE CLOUD SECURITY GUIDE: 6 BEST PRACTICES. To Secure Azure and Hybrid Cloud Environments

2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management. Follow Along

Evolution of Cyber Security. Nasser Kettani Chief Technology Officer Microsoft, Middle East and Africa

IBM Security Network Protection Solutions

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

Security industry overview December 2016

Gujarat Forensic Sciences University

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

PROTECTION FOR WORKSTATIONS, SERVERS, AND TERMINAL DEVICES ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

Keys to a more secure data environment

FOR FINANCIAL SERVICES ORGANIZATIONS

THE TRIPWIRE NERC SOLUTION SUITE

IBM Security Strategy Intelligence, Integration and Expertise

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Trend Micro Deep Security

Integrated, Intelligence driven Cyber Threat Hunting

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045

Avanade s Approach to Client Data Protection

SECURE SYSTEMS, NETWORKS AND DEVICES SAFEGUARDING CRITICAL INFRASTRUCTURE OPERATIONS

2015 VORMETRIC INSIDER THREAT REPORT

ABB Ability Cyber Security Services Protection against cyber threats takes ability

Network Security Protection Alternatives for the Cloud

ADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY

Getting over Ransomware - Plan your Strategy for more Advanced Threats

EMPOWER PEOPLE IMPROVE LIVES INSPIRE SUCCESS

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

Security Audit What Why

Building a Resilient Security Posture for Effective Breach Prevention

Total Security Management PCI DSS Compliance Guide

Cyber Security and Data Protection: Huge Penalties, Nowhere to Hide

Nebraska CERT Conference

Compliance Audit Readiness. Bob Kral Tenable Network Security

IBM Security Services Overview

CYBER SOLUTIONS & THREAT INTELLIGENCE

Jeff Wilbur VP Marketing Iconix

Protecting your data. EY s approach to data privacy and information security

Protecting from Attack in Office 365

Layer by Layer: Protecting from Attack in Office 365

CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

Mapping BeyondTrust Solutions to

June 2 nd, 2016 Security Awareness

RSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief

Designing and Building a Cybersecurity Program

Sage Data Security Services Directory

Social Engineering: We are the target Sponsor Guide

Transcription:

Architektura bezpieczeństwa dla otwartych zintegrowanych systemów administracji publicznej Robert Michalski, Security Tiger Team, Central & Eastern Europe robert.michalski@pl.ibm.com

Agenda 1 2 3 Threats on a smarter planet Towards security intelligence How IBM can help

The planet is getting more instrumented, interconnected, intelligent Smart Supply Chains Smart Countries INSTRUMENTED Smart Oil Field Technologies 3 Smart Regions Smart Retail Smart Water Management INTERCONNECTED Smart Healthcare Smart Traffic Systems Smart Weather Smart Energy Grids INTELLIGENT Smart Cities Smart Food Systems

The impact on public safety is real and growing External threats Sharp rise in external attacks from non-traditional sources Internal threats Ongoing risk of careless and malicious insider behavior Compliance Growing need to address an increasing number of mandates Cyber attacks Organized crime Corporate espionage State-sponsored attacks Social engineering Administrative mistakes Careless inside behavior Internal breaches Disgruntled employee actions Mix of private / corporate data National regulations Industry standards Local mandates Mobility Cloud / Virtualization Social Business Business Intelligence 4

Threats affect every enterprise, every industry, every region Internal abuse of key sensitive information Complexity of malware, ability to slowly leak data and affect critical business processes External data breach of third party data and theft of customer information Wikileaks Unauthorized release of classified records Stuxnet Targeted changes to process controllers refining uranium Epsilon Theft of customer data affected more than 100 companies IMPACT Close to $100M for the U.S. Army alone; damaged foreign relations worldwide Impact Degraded ability to safely process and control highly volatile materials Impact Up to $4 billion in costs for initial clean-up and longer term litigation risks 5

Making security a top concern, from the boardroom down Business results Brand image Supply chain Legal exposure Impact of hacktivism Audit risk Sony estimates potential $1B long term impact $171M / 100 customers HSBC data breach discloses 24K private banking customers Epsilon breach impacts 100 national brands TJX estimates $150M class action settlement in release of credit / debit card info Lulzsec 50-day hack-at-will spree impacts Nintendo, CIA, PBS, UK NHS, UK SOCA, Sony Zurich Insurance fined $3.8M for the loss and exposure of 46K customer records Can this happen to us? 6

Agenda 1 Threats on a smarter planet 2 Towards security intelligence 3 How we can help

Increased threats and compliance requirements require more automated and proactive approaches to security Organizations employ perimeter protection, which regulates access and feeds manual reporting Au utomated Manual Reactive Proactive Organizations use predictive and automated security analytics Security is layered into the IT fabric and business operations 8

And require a layered approach to managing physical, technology and human assets Security Domains Today Tomorrow: Security Intelligence People Data Manage identities per application Deploy access control and encryption Security Gap Employ role-based dashboard and privileged user management Monitor usage and control leakage Applications Scan for vulnerabilities Build securely from day one Infrastructure Block unwanted network access and viruses Execute real-time advanced threat detection and forensics Apply advanced correlation and deep analytics Reactive Proactive 9

What does it meant to get smart Use analytics to proactively highlight risks and identify, monitor and address threats Hello People Data Applications Infrastructure Governance, risk and compliance Advanced correlation and deep analytics Optimized Role based analytics Identity governance Privileged user controls Data flow analytics Data governance Secure application development Fraud detection Advanced network monitoring / forensics Secure systems Proficient Identity management Strong authentication Activity monitoring Data loss prevention Application firewall Source code scanning Asset management Endpoint / network security management Basic Passwords and user identities Encryption Access control Vulnerability scanning Perimeter security Anti-virus 10

Agenda 1 Threats on a smarter planet 2 Towards security intelligence 3 How we can help

We manage security for thousands of customers across the world, giving us a unique and current picture of threats and attacks 9 Security Operations Centers 9 Security Research Centers 11 Security Solution Development Centers 3 Institutes for Advanced Security (IAS) 133 Monitored Countries IAS Americas IAS Europe 3,700+ clients 9+ billion events per day IAS Asia Pacific IBM has unmatched global and local presence and expertise to help you manage the cost and complexity of security 12

IBM is committed to lead in the security marketplace The only vendor in the market with end-to-end coverage of the security foundation 15,000+ researchers, developers, and SMEs on security initiatives 3,000+ security and risk management patents 200+ security customer references and 50+ published case studies 40+ years of proven success securing the zseries environment 600+ security certified employees (CISSP,CISM,CISA,..) Security Acquisitions: DASCOM 13

IBM Security Solutions reach Professional Services Managed Services Products Cloud Delivered New Offerings GRC Security Governance, Risk and Compliance Identity & Access Management Data Security E-mail Security Identity Management Data Loss Prevention Encryption & Key Lifecycle Management Database Monitoring & Protection Security Information and Event Management (SIEM) & Log Management Access Management Data Entitlement Management Messaging Security Data Masking Application Security Application Vulnerability Scanning Web Application Firewall Web / URL Filtering Access & Entitlement Management SOA Security Infrastructure Security Vulnerability Assessment Virtual System Security Endpoint Protection Threat Analysis Security Event Management Managed Mobility Svcs Intrusion Prevention System Firewall, IDS/IPS MFS Management Mainframe Security Audit, Admin & Compliance Security Configuration & Patch Management Physical Security 14

We invest heavily in security research The mission of the IBM X-Force research and development team is to: Collaborate with world class security researchers from IBM on a wide range of advanced security topics: cyber security, cloud security, mobile security, security analytics, Understand the changing threat landscape by leveraging IBM's security intelligence developed from our broad monitoring and deep analysis research 10B analyzed Web pages & images 150M intrusion attempts daily 40M spam & phishing attacks 46K documented vulnerabilities Millions of unique malware samples 15

There is plenty of information available about IBM security solutions IBM Security Framework Business View Security Domains Issues & Drivers Foundational Security Mgmt Services Technical View Standards & principles IBM Security Blueprint Common Security Infrastructure features IBM Security Solutions Solution Architecture View Platforms Components Configurations Technologies and Practices Describes security issues from a business perspective. Describes a product agnostic view of security, based on client experience and common principles Catalogs of integrated products, services and solutions Client Briefings White Papers Guidance, Consulting RedBooks, RedGuides Solution Architectures Product Documentation 16

Trusted Advisor Security Company Solution Provider The Company Helping customers build smarter cities, grids, healthcare systems and more. A leading provider of security software and services across all market segments. A leading provider of smart software and hardware solutions around the world. systems and more. market segments. around the world. 400,000 employees across 130 countries with private data to protect and secure. IBM Security Solutions 17

Dziękuję Gracias Spanish Traditional Chinese Polish Thai Merci French Russian Obrigado Brazilian Portuguese Danke German Arabic Tack Swedish Simplified Chinese Japanese Grazie Italian

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback