IBM Cybersecurity Securing global enterprise with innovation Shamla Naidoo VP, IBM Global CISO August 2018
Topics 01 02 03 Securing Large Complex Enterprise Accelerating With Artificial Intelligence And Blockchain Driving Transformation Through Agile
IBM at Glance 1911 FOUNDED 79.1B REVENUE 260,000 PATENTS 2,000+ CLOUD SERVICE PROVIDERS 2,600+ ENTERPRISE APPLICATIONS 46 DATA CENTERS OPERATING IN 177 COUNTRIES 350,000+ SERVERS 550,000+ WORKSTATIONS 380,000 FULL-TIME EMPLOYEES 350,000+ MOBILE DEVICES
Security Challenges in a hyper connected world Disappearing boundaries between enterprise and rest of the world Technology Evolution, specifically Cloud, IoT, and Artificial Intelligence Data, the most important asset to protect Criminal Hackers, smart and well funded 4 IBM Cybersecurity
Security Governance build a robust immune system THREAT INTELLIGENCE ENDPOINT NETWORK MOBILE SECURITY ORCHESTRATIO - N & ANALYTICS ADVANCED FRAUD DETECTION APPS IDENTITY & ACCESS DATA 5 IBM Cybersecurity
Manual validation IBM Tools (Qradar, Watson) Leveraging AI for Threat Detection & Response Security Operations Center (SOC) 24x7 monitoring enables us to proactively detect the attacks SOC data informs our ability to take preventative actions in future Log Events x trillion x trillion Potential attacks xxxx xxxx Confirmed attacks yyy yyy Incidents zz zz Noteworthy Incidents a 4Q18 a 1Q19 Observation IBM Watson for cyber is helping to reduce the time it takes to detect issues and respond 6 IBM Cybersecurity
AI & Cybersecurity A perfect marriage IBM Watson 7 2018 IBM Corporation
How AI Works AI technologies like machine learning and natural language processing enable analysts to respond to threats with greater confidence and speed. Learn Reason Augment 8 IBM Cybersecurity
AI in real life 9 IBM Cybersecurity
AI in real life 10 IBM Cybersecurity
10 11 IBM Cybersecurity
Manual validation IBM Tools (Qradar, Watson) Leveraging AI for Threat Detection & Response Security Operations Center (SOC) 24x7 monitoring enables us to proactively detect the attacks SOC data informs our ability to take preventative actions in future Log Events x trillion x trillion Potential attacks xxxx xxxx Confirmed attacks yyy yyy Incidents zz zz Noteworthy Incidents a 4Q18 a 1Q19 Observation IBM Watson for cyber is helping to reduce the time it takes to detect issues and respond 12 IBM Cybersecurity
3 Simple Questions What is it? Where is it being used? How are companies and industries leveraging it? 13 IBM Cybersecurity
Enterprise Agility Attacks continue to grow But Don t have unlimited budgets Don t have unlimited people Security skills are difficult to find Increasing demands from the business So How can still deliver security functions quickly and reduce the risk? 14 IBM Cybersecurity
Agile Operating Model Domain Tribe Squad Delivery Model Manage Demand Prioritize and Pull Work Showcase & Retrospect 15 IBM Cybersecurity
SecDevOps: Security Development Operations DEFINE DEVELOP Policy Architect/ Product Owner develops security requirements Prioritized risk based security requirements App Architect identifies app specific requirements Publishes requirements Developer implements security requirements MANAGE DETECT Continuous security monitoring Automated Security hardening Automated Deployment Automated Static Analysis/ IAST performed during development process 16 IBM Cybersecurity
IBM Cybersecurity THANK YOU Copyright IBM Corporation 2018. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.