The New Era of Cognitive Security

Transcription:

The New Era of Cognitive Security
IBM Watson Summit
Kanoksak Ratchapat, Senior Technical Sales

Today's security challenges
Actors: organized crime, malicious insiders, nation states, hacktivists
Targets: healthcare, manufacturing, government, financials
Vectors: ransomware; phishing, exploit kits; stealthy malware; denial of service
Reality: cloud, mobile, IoT; compliance; human error; skills gap

Today's attacks require a strategic security approach
Yesterday's attacks: indiscriminate malware, spam and DDoS activity
Today's attacks: advanced, persistent, organized, politically or financially motivated
Tactical approach (compliance-driven, reactionary): build multiple perimeters; protect all systems; use signature-based methods; periodically scan for known threats; shut down systems
Strategic approach (intelligent, orchestrated, automated): assume constant compromise; prioritize high-risk assets; use behavioral-based methods; continuously monitor activity; gather, preserve, retrace evidence
It takes power and precision to stop adversaries and unknown threats

The next era of security
Perimeter controls; intelligence and integration; cognitive, cloud, and collaboration

Evolving to Cognitive
Scale and magnify human cognition by leveraging automation
Human-centric communications; natural language sources and processing; continuous machine learning; evidence-based reasoning
Technique: advanced visualizations; interactive vulnerability analysis, risk assessment, remediation, possible attribution; textual descriptions of past and current security breaches; integrated vulnerability data per application and OS version; deep learning and ensemble weighting techniques; continuous extraction of features and patterns; provide evidence; spot flawed logic
Outcome: ease the task of the security analyst; consolidate threat intelligence; context in real time; improve threat analyst decision-making; enable analysts to weigh possible alternative outcomes; improve human reasoning

Most security knowledge is untapped
Traditional security data: security events and alerts; logs and configuration data; user and network activity; threat and vulnerability feeds
Human-generated knowledge (a universe of security knowledge dark to your defenses): threat intelligence, webpages, research documents, wikis, industry publications, news sources, forensic information, conference presentations, newsletters, analyst reports, tweets, blogs

Cognitive systems bridge this gap and unlock a new partnership between security analysts and their technology
Security analysts (human expertise): common sense, abstraction, morals, compassion, dilemmas, generalization
Security analytics: data correlation, pattern identification, anomaly detection, prioritization, data visualization, workflow
Cognitive security: unstructured analysis, natural language, question and answer, machine learning, bias elimination, tradeoff analytics

A day in the life of investigating threats
Time-consuming threat analysis
1 hour: Gets caught up on the latest security news through bulletins and social networks in order to identify new threats
3 hours: Repeatedly investigates potential security incidents via online sources
4 hours: Manually copies and pastes information from disparate and siloed tools to correlate data
Rafael, Security Analyst
All this mundane time spent, yet STILL SO MANY FALSE POSITIVES!

What I need is to feel human again. I need help from an experienced and trusted security advisor.

Introducing IBM Watson for cyber security
Unlock new possibilities. The world's first Cognitive analytics solution using core Watson technology to help analysts understand, reason, and learn about security topics and threats.

Watson for cyber security will significantly reduce threat research and response time
Manual threat analysis: incident triage, investigation and impact assessment, remediation. Days to weeks.
IBM Watson for cyber security assisted threat analysis: incident triage, investigation and impact assessment, remediation. Minutes to hours.
Quick and accurate analysis of security threats, saving precious time and resources

With the help of Watson, Rafael can become more proactive
Quick and accurate analysis of security threats, saving precious time and resources
Faster investigations; clear backlog easier; increased investigative skills; heavy lifting done beforehand
Rafael, Security Analyst
Less time on the mundane, more time being human!


News Alert! Watson won't make you W@nn@Cry
https://www.linkedin.com/pulse/wipe-your-eyes-watson-wont-make-you-wnncrychris-hankins-cissp-cfce
https://exchange.xforce.ibmcloud.com/collection/responding-to-wcry2-with-ibm-Security-products-b56b983b9bec02493be6fce718879dc6

THANK YOU
Follow us on: ibm.com/security, securityintelligence.com, xforce.ibmcloud.com, @ibmsecurity, youtube/user/ibmsecuritysolutions

Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.