Securing a Dynamic Infrastructure. Avinash Pandey CISA CISSP ITIL-F PMP IBM Internet Security Systems, ASEAN

Securing a Dynamic Infrastructure Avinash Pandey CISA CISSP ITIL-F PMP IBM Internet Security Systems, ASEAN avinash@sg.ibm.com +65-91051690

AGENDA: The Changing World of Security; IBM ISS X-Force Trend Report 2008; IBM ISS Protection Platform; IBM Security Framework; X-Force; IBM ISS Security Solutions in Action.

Global market forces are impacting us all. Reality of living in a globally integrated world. Widespread impact of economic downturn and uncertainty. New customer demands and business models. Information explosion and risk/opportunity growth. Businesses are under increasing pressure to effectively: manage operational cost and complexity; deliver continuous and high-quality service; address security risks intensified by innovation, emerging technologies and data/information explosion. "We have seen more change in the last 10 years than in the previous 90." (Ad J. Scheepbouwer, CEO, KPN Telecom) The planet is getting instrumented, interconnected and intelligent.

Welcome to the smart planet and a smarter infrastructure. Globalization and globally available resources. Billions of mobile devices accessing the Web. Access to streams of information in real time. New forms of collaboration. New possibilities. New complexities. New risks.

The real security problem? Complexity remains the biggest security challenge! InformationWeek 2008 Security Survey. Compliance spending: investing in more point products to solve more point problems. New methods and motives: adding to the complexity and sheer number of risks. IT innovation: requiring new ways to secure the new ways we collaborate. The global economy: driving new security support requirements. Flexibility in business methods: to improve operations and serve customers. "We have put so many security products into our systems that the complexity of the sum of those security products has become itself part of the problem." (Dan Geer, Keynote Speaker, Source Boston Conference, March 2008)

Not all risks are created equal. [Chart: frequency of occurrences per year (frequent to infrequent, 1,000 down to 1/100,000) plotted against consequences (single occurrence loss) in dollars per occurrence (low to high, $1 to $100M). Risks shown: Virus; Worms; Data Corruption; System Availability Failures; Disk Failure; Network Problem; Data Leakage; Application Outage; Failure to meet Compliance Mandates; Lack of governance; Failure to meet Industry standards; Workplace inaccessibility; Terrorism/Civil Unrest; Regional Power Failures; Building Fire; Natural Disaster; Pandemic.]

Neither are all security solutions. Find a balance between effective security and cost. The axiom: "never spend $100 on a fence to protect a $10 horse". Studies show the Pareto Principle (the 80-20 rule) applies to IT security*. 87% of breaches were considered avoidable through reasonable controls. [Diagram labels: Pressure, Cost, Complexity, Effectiveness, Agility, Time.] A small set of security controls provides a disproportionately high amount of coverage. Critical controls address risk at every layer of the enterprise, and organizations that use security controls have significantly higher performance*. *Sources: W.H. Baker, C.D. Hylender, J.A. Valentine, 2008 Data Breach Investigations Report, Verizon Business, June 2008; ITPI: IT Process Institute, EMA, December 2008.

IBM ISS X-Force Trend Report 2008

The mission of the IBM Internet Security Systems X-Force research and development team is to: research and evaluate threat and protection issues; develop new technology for tomorrow's security challenges; deliver security protection for today's security problems; educate the media and user communities.

The Security Landscape of Old. Traditional infrastructure was easier to protect: concrete entities that were easy to understand; attack surface and vectors were very well-defined; application footprint very static; perimeter defense was king.

The Changing Security Landscape of Today. Webification has changed everything: infrastructure is more abstract and less defined; everything needs a web interface; agents and heavy clients are no longer acceptable; traditional defenses no longer apply.

This infrastructure abstraction has transformed the threat landscape into a parasitic era! The threats of today and tomorrow are acting as parasites. Compromises are used as springboards for further compromises. Threats remain hidden and use affected infrastructure to grow and spread. Threats depend upon the health and continued operation of the infrastructure they attack; rather than being destructive, they feed off the host. As computing infrastructure evolves and innovates, threats utilize new features and functions to increase exploitation and leverage new technology.

Vulnerability Highlights. Overall number of disclosed vulnerabilities increased in comparison to previous years. Percent of high vulnerabilities continued to climb, and 39% of all disclosed vulnerabilities are considered high or critical (CVSS ranking). Web-centric technologies have the most focus for vulnerability researchers and attackers alike.

Vulnerability Impact

Exploitation Realities and Dynamics

Growth of Web Application Vulnerabilities

Endpoint Vulnerabilities. The availability of public exploits for endpoint-related vulnerabilities is increasing. More than 80% of these public exploits were released on the same day as the vulnerability.

Primary Exploit Target: Browser Plug-Ins. The majority of publicly released exploits are for browser plug-ins. The top five most exploited browser vulnerabilities all target plug-ins. Although most active exploitation focuses on older vulnerabilities, newer attack tools have automatic methods to incorporate the most recent exploits.

Virtualization Vulnerabilities by Year. XFDB search: VMware, Xen, Virtual PC, QEMU, Parallels, etc.

VoIP Security. Critical and high VoIP vulnerabilities were nearly double the number seen in 2007. Threats to VoIP infrastructure: Man in the Middle Attacks; Phishing; Privacy; Spam over VoIP (SPIT); Denial of Service (DoS). VoIP assets that need protection: Underlying Network; Call Servers (OS); Call Gateways; Phones/Soft phones.

IBM ISS Protection Platform. Among the most advanced and complete security architectures ever developed, delivering preemptive security. Redefine and Simplify IT Risk Management. Establish a Total Security Framework and Solutions Portfolio. IBM Security Framework. Simplify the Security Risk Lifecycle. The X-Force team Drives IBM ISS Security Innovation. X-Force R&D.

IBM Security Framework: A comprehensive approach to a complex issue. The IBM Security Framework: Security Governance, Risk Management and Compliance; People and Identity; Data and Information; Application and Process; Network, Server, and End-point; Physical Infrastructure; Common Policy, Event Handling and Reporting. Helps you see your whole security landscape. Identifies business risks and shows you where gaps might exist. Identifies security postures that help you meet risk levels. Identifies activities to close gaps. Helps prioritize security initiatives.

PEOPLE AND IDENTITY: Manage Identities and Access. Issues: understanding the identity risk gap; cost of administering users and identities in-house; privileged user activity unmonitored; dormant IDs or shared identities being used to inappropriately access resources. IBM Security Offerings: Identity Lifecycle Management; High-Assurance Digital Identities; Identity Audit; Identity & Access Design and Implementation Services; ISS Managed Identity Services. How can my business benefit from management of digital identity? Values: reduces the cost, increases efficiency and enables auditability of managing the flow of users entering, using, and leaving the organization; decreases risk of internal fraud, data leak, or operational outage; supports globalization of operations; improves end-user experience with Web-based business applications by enabling activities such as single sign-on.

DATA AND INFORMATION: Protect Data and Information. How can I reduce the cost and pain associated with tracking and controlling who touched what data when? Issues: data stored on removable media that can be lost/stolen; data stored or transmitted in the clear is easily accessible; inconsistent data policies and unstructured data; legal, regulatory and ethical exposure for the organization; costs of data breaches, notification, brand value. IBM Security Offerings: ISS Data Security and Data Loss Prevention solutions; Network Data Loss Prevention; Endpoint Data Loss Prevention; Data Encryption; Data Classification; Unstructured Data Security; Data Privacy and Masking. Values: reduces the cost, increases ability to meet audit and compliance mandates; assures data is available to the right people, at the right time; assures data is not deliberately or inadvertently taken, leaked, or damaged; decreases number and complexity of controls integrated within the enterprise.

APPLICATION AND PROCESS: Secure Web Applications. Issues: Web applications #1 target of hackers seeking to exploit vulnerabilities; applications are deployed with vulnerabilities; real and/or private data exposed to anyone with access to development and test environments, including contractors and outsourcers. IBM Security Offerings: Application Vulnerabilities Assessment; Application Access Controls; Messaging Security; Security for SOA. How can my business benefit from management of application security? Values: reduce risk of outage, defacement or data theft associated with web applications; improve compliance with industry standards and regulatory requirements; automated testing and governance throughout the development lifecycle, reducing long-term security costs.

NETWORK, SERVER AND END POINT: Manage Infrastructure Security. [Diagram labels: Systems, Storage, Virtual, Network.] How does my business benefit from infrastructure security protection? Issues: mass commercialization and automation of threats; parasitic, stealthier, more damaging attacks; lack of skills to monitor and manage security inputs; compounding cost of managing an ever increasing array of security technologies; inability to establish forensic evidence or demonstrate compliance. IBM Security Offerings: Threat Mitigation: ISS Network, Server and Endpoint Intrusion Prevention products powered by X-Force, Managed Intrusion Prevention and Detection, Network Mail Security, Managed firewall services, Vulnerability Management and Scanning Services. Security Governance: Vulnerability Assessments, Security architecture and policy development. Incident Response: Incident Management and Emergency Response services. Values: reduces cost of ongoing management of security operations; improves operational availability and assures performance against SLA, backed by industry's only guaranteed SLA for managed protection services; increases productivity by decreasing risk of virus, worm and malcode infestation; decreases volume of incoming spam; drill down on specific violations to quickly address resolution.

Protection products for the entire enterprise. IBM Proventia Management SiteProtector system: unified security console manages all protection products. Categories: Vulnerability Protection; Network Protection; Host Protection; Data Leakage Prevention. Products: IBM Proventia Network Enterprise Scanner; IBM Internet Scanner software; IBM System Scanner vulnerability assessment application; IBM Proventia Network Intrusion Detection System (IDS); IBM Proventia Network Intrusion Prevention System (IPS); IBM Proventia Network Multi-Function Security (MFS); IBM Proventia Network Mail Security System; IBM Proventia Server IPS; IBM Proventia Server Sensor; IBM Extrusion Prevention - Fidelis XPS.

Protection products for the entire enterprise. IBM Proventia Management SiteProtector system: unified security console manages all protection products. Vulnerability Protection (reduce exposure to threats): identify and prioritize risk; provide remediation and measure results; meet compliance mandates. Network Protection (block network threats): shield vulnerabilities ahead of patching; up to 10G throughput; backed by leading security research; prevent spam, spyware, unwanted Web content and targeted attacks. Host Protection (prevent host compromise): prevent host compromise; protect endpoint devices and valuable data stored on hosts; prevent and identify the source of insider attacks; prove the security of sensitive information for compliance. Data Leakage Prevention (prevents data leakage): Fidelis XPS prevents leakage of sensitive content; inbound and outbound security for enterprise networks; identify and stop policy violations. Products: IBM Proventia Network Enterprise Scanner; IBM Internet Scanner software; IBM System Scanner vulnerability assessment application; IBM Proventia Network Intrusion Detection System (IDS); IBM Proventia Network Intrusion Prevention System (IPS); IBM Proventia Network Multi-Function Security (MFS); IBM Proventia Network Mail Security System; IBM Proventia Web Filter technology; IBM Proventia Network Access Control; IBM Proventia Server IPS; IBM Proventia Desktop Endpoint Security; IBM Proventia Wireless Endpoint Security; IBM Extrusion Prevention - Fidelis XPS.

IBM experience demonstrates how we help customers cut costs while addressing unique business challenges. Industry: Financial Services. Business challenge: Increase security spending preventing critical business investments. Solution: Information Security Assessment; completed effort in 8 weeks. Benefit: Detailed roadmap for streamlining security process and infrastructure saved approx. US$1.5 million in investment costs. Industry: Manufacturing. Business challenge: Excessive mgmt. costs (resources and infrastructure), poor security performance. Solution: Managed Security Services; reduced on-going mgmt. costs of security infrastructure by 45%. Benefit: Lowered long-term support and management costs. Industry: Media and Entertainment. Business challenge: Need to cost effectively secure remote locations while maximizing bandwidth. Solution: IBM Proventia Multifunction appliances. Benefit: Reduced companywide ISP costs by $260K per year.

We also help organizations leverage existing infrastructure to help get more value from their IT investments. Industry: Travel and transportation. Business challenge: Application performance issues resulting from insufficient security. Solution: Application Security Assessment; completed effort in 6 weeks. Benefit: US$1.7 million first year savings. Industry: Electronics. Business challenge: Excessive security management costs, information overload, and remote site security management. Solution: Managed Security Services; 3 year contract. Benefit: Leveraged existing security technology investments; allowed for re-deployment of IT resources; total cost savings of 30+% over 3 years. Industry: Healthcare. Business challenge: Managing compliance regulations and evolving threats was placing a burden on the IT staff. Solution: Managed Security Services; 24x7 protection by an army of highly trained engineers. Benefit: Confidence of network security protection; reduction of in-house security costs by 55 percent.

Where do you begin? Client Security Readiness Workshop: understand your security readiness, using a capability maturity model, across the IT security domains; balance your security focus and investment; develop a ranked security roadmap.

IBM's security philosophy: Thoughtful balance to increase business value. A secure environment is essential for organizations to deliver products and services to customers, and to take advantage of growth opportunities. Security management is integral to business strategy. It's the result of a thoughtful balance between opportunity, exposure and, most importantly, prioritization.

Why partner with IBM? [Map labels: Zurich, CH; Toronto, CA; Detroit, US; Brussels, BE; Almaden, US; Boulder, US; Atlanta, US; TJ Watson, US; Haifa, IL; Tokyo, JP; Tokyo, JP; Sao Paulo, Brazil; New Delhi, IN; Brisbane, AU.] 8 Security Operations Centers; 6 Security Research Centers; 133 monitored countries; 17,000+ managed devices; 2,600+ MSS customers worldwide; 2.5 billion events per day. IBM ISS has the unmatched global and local expertise to deliver complete solutions and manage the cost and complexity of security.


Avinash Pandey CISA CISSP ITIL-F PMP, Security and Privacy Services, ASEAN. avinash@sg.ibm.com +65-91051690