Everyday Security: Simple Solutions to Complex Security Problems

Similar documents
Securing a Dynamic Infrastructure. IT Virtualization new challenges

Securing a Dynamic Infrastructure. Avinash Pandey CISA CISSP ITIL-F PMP IBM Internet Security Systems, ASEAN

Handling Economic Uncertainty While moving forward to a Smarter Planet

Fabrizio Patriarca. Come creare valore dalla GDPR

IBM Security Services Overview

Bringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016

Oracle Buys Palerra Extends Oracle Identity Cloud Service with Innovative Cloud Access Security Broker

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

A Pragmatic Path to Compliance. Jaffa Law

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

HIMSS 15 Doing Better Business in the Era of Data Security and Privacy

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

Data Management and Security in the GDPR Era

locuz.com SOC Services

IBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation

Keep the Door Open for Users and Closed to Hackers

IBM Tivoli Directory Server

Oracle Buys Automated Applications Controls Leader LogicalApps

RSA RISK FRAMEWORKS MAKING DIGITAL RISK MANAGEABLE

White Paper. How to Write an MSSP RFP

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

Cyber Security Program

How to Write an MSSP RFP. White Paper

Cyber Resilience. Think18. Felicity March IBM Corporation

Vulnerability Assessments and Penetration Testing

Certified Information Security Manager (CISM) Course Overview

Threat and Vulnerability Assessment Tool

2018 GLOBAL CHANNEL PARTNER SURVEY THYCOTIC CHANNEL PARTNER SURVEY REPORT

BHConsulting. Your trusted cybersecurity partner

THE POWER OF TECH-SAVVY BOARDS:

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

INTELLIGENCE DRIVEN GRC FOR SECURITY

Cylance Axiom Alliances Program

Canada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?

Architektura bezpieczeństwa dla otwartych zintegrowanych systemów administracji publicznej

Rethinking Information Security Risk Management CRM002

FOUNDATION CERTIFICATE IN INFORMATION SECURITY v2.0 INTRODUCING THE TOP 5 DISCIPLINES IN INFORMATION SECURITY SUMMARY

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

Securing Your Digital Transformation

Cyber Risks in the Boardroom Conference

TRUE SECURITY-AS-A-SERVICE

Mastering The Endpoint

Best Practices in Securing a Multicloud World

RFP/RFI Questions for Managed Security Services. Sample MSSP RFP Template

Security. Made Smarter.

IBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT

National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference

20 years of Lotus Notes and a look into the next 20 years Lotusphere Comes To You

Cyber Threat Landscape April 2013

Run the business. Not the risks.

2018 Data Security Incident Response Report Building Cyber Resilience: Compromise Response Intelligence in Action

Marketing with National Bank Financial

BHConsulting. Your trusted cybersecurity partner

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Overview. Business value

Continuous protection to reduce risk and maintain production availability

Forensic analysis with leading technology: the intelligent connection Fraud Investigation & Dispute Services

Cybersecurity Protecting your crown jewels

Evolving the Security Strategy for Growth. Eric Schlesinger Global Director and CISO Polaris Alpha

Managing SaaS risks for cloud customers

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

Vulnerability Management. June Risk Advisory

Establish and Maintain Secure Cardholder Data with IBM Payment Card Industry Solutions

Marketing with Northland Capital Markets

Enterprise GRC Implementation

align security instill confidence

Position Title: IT Security Specialist

Information Technology Branch Organization of Cyber Security Technical Standard

The Honest Advantage

BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE

10 Cloud Myths Demystified

IBM smarter Business Resilience in the Cloud

10 Cloud Myths Demystified

IBM Resilient Incident Response Platform On Cloud

University of Pittsburgh Security Assessment Questionnaire (v1.7)

IBM Internet Security Systems Proventia Management SiteProtector

Securing Digital Transformation

GDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool. Contact. Ashley House, Ashley Road London N17 9LZ

Balancing Compliance and Operational Security Demands. Nov 2015 Steve Winterfeld

The NIS Directive and Cybersecurity in

Enabling Security Controls, Supporting Business Results

Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS

PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY

Operationalizing the Three Principles of Advanced Threat Detection

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18

Unlocking the Power of the Cloud

A new approach to Cyber Security

The McGill University Health Centre (MUHC)

WHITE PAPER. Operationalizing Threat Intelligence Data: The Problems of Relevance and Scale

TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. John McDonald

NEXT GENERATION SECURITY OPERATIONS CENTER

CISO View: Top 4 Major Imperatives for Enterprise Defense

Building a Resilient Security Posture for Effective Breach Prevention

The Road to a Secure, Compliant Cloud

Cybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016

SECURITY & PRIVACY DOCUMENTATION

AKAMAI CLOUD SECURITY SOLUTIONS

GDPR: An Opportunity to Transform Your Security Operations

Gain Control Over Your Cloud Use with Cisco Cloud Consumption Professional Services

2017 RIMS CYBER SURVEY

Transcription:

Everyday Security: Simple Solutions to Complex Security Problems Adrian Aldea Tivoli Technical Sales IBM South East Europe

The world continues to get flatter, smaller and more interconnected through forces such as free trade, the Internet and globalization. 2

Global market forces are impacting us all Reality of living in a globally integrated world Widespread impact of economic downturn and uncertainty Energy shortfalls and erratic commodity prices New customer demands and business models Information explosion and risk/opportunity growth Businesses are under increasing pressure to effectively: Manage operational cost and complexity Deliver continuous and high-quality service Address security risks intensified by innovation, emerging technologies, data/information explosion, etc. We have seen more change in the last 10 years than in the previous 90. Ad J. Scheepbouwer, CEO, KPN Telecom The planet is getting instrumented, interconnected and intelligent. 3

Welcome to the smart planet and a smarter infrastructure Globalization and Globally Available Resources Billions of mobile devices accessing the Web Access to streams of information in the Real Time New Forms of Collaboration New possibilities. New complexities. New risks. 4

Managing risks introduced by new opportunities Emerging technology Virtualization and cloud computing increase infrastructure complexity. Web 2.0 and SOA style composite applications introduce new challenges with the applications being a vulnerable point for breaches and attack. Data and information explosion Data volumes are doubling every 18 months.* Storage, security, and discovery around information context is becoming increasingly important. Wireless world Mobile platforms are developing as new means of identification. Security technology is many years behind the security used to protect PCs. Supply chain The chain is only as strong as the weakest link partners need to shoulder their fair share of the load for compliance and the responsibility for failure. Clients expect privacy An assumption or expectation now exists to integrate security into the infrastructure, processes and applications to maintain privacy. Compliance fatigue Organizations are trying to maintain a balance between investing in both the security and compliance postures. *Source: Pyramid Research, October 2007 5

Pressure Not all risk are created equally, neither are all security solutions Find a balance between effective security and cost The axiom never spend $100 dollars on a fence to protect a $10 horse Studies show the Pareto Principle (the 80-20 rule) applies to IT security* 87% of breaches were considered avoidable through reasonable controls Small set of security controls provide a disproportionately high amount of coverage Critical controls address risk at every layer of the enterprise Organizations that use security controls have significantly higher performance* Cost Complexity Effectiveness Agility Time *Sources: W.H. Baker, C.D. Hylender, J.A. Valentine, 2008 Data Breach Investigations Report, Verizon Business, June 2008 ITPI: IT Process Institute, EMA December 2008 6

IBM provides the business answers you need in uncertain times with solutions for all IT domains Improving service, managing risk and reducing cost of Security without compromise 7

IBM: The only security vendor in the market with end-to-end coverage of the security foundation Critical Security Processes Manage Identities, Access and Entitlement: Process for assuring access to enterprise resources has been given to the right people, at the right time, for the right purpose IBM Solutions Protect Data and Information: Capability that allows for granular protection of unstructured & structured data, data leak prevention and acceptable use policy monitoring Implement GRC Information and Event Management: Log management capabilities designed to automate the process of auditing, monitoring and reporting on security and compliance posture across the enterprise Address Threats and Vulnerabilities: Process and capabilities designed to protect enterprise infrastructure from new and emerging threats Assure Software and System Integrity: Process for assuring efficiency and integrity of the software development & release lifecycle. Manage Assets: Process for maintaining visibility and control over service and operational assets, and their impact on the business Manage Change and Configuration: Process for assuring routine, emergency and outof-band changes are made efficiently, and in such a manner as to prevent operational outages Manage Problems and Incidents: Managed security operations center (SOC) or in-house Service Desk solutions designed to assure incidents are escalated and addressed in a timely manner. Forensics teams ready to respond to an emergency 8

Where do I begin? IBM can help you chart the course Understand your security readiness, using a capability maturity model, across the IT security domains Develop a ranked security roadmap to address critical security processes Balance your security focus and investment IBM can help 9

IBM: Comprehensive Security Risk & Compliance Management The only security vendor in the market with end-to-end coverage of the security foundation 15,000 researchers, developers and SMEs on security initiatives 3,000+ security & risk management patents 200+ security customer references and 50+ published case studies 40+ years of proven success securing the mainframe environment $1.5 Billion security spend in 2008 10

IBM Global Security Reach 8 Security Operations Centers 9 Security Research Centers 133 Monitored Countries 20,000+ Devices under Contract 3,700+ MSS Clients Worldwide 4+ Billion Events Per Day Coming soon: Bangalore, IN IBM has the unmatched global and local expertise to deliver complete solutions and manage the cost and complexity of security 11

Client results Hudson s Bay Company DTCC Community Medical Centers Allianz Seguros Anticipates, tracks and mitigates security threats before they cause harm to data or the IT infrastructure. Provides professional management of network devices. Security features are designed and built into more than 225 new applications per year. Help improved developer productivity. Reduced time to market for each new service. Reduced costs with fewer password resets and simplified administration. Enhanced security through HIPAA support. Improved staff productivity with single sign-on support. Applied proven data masking techniques to protect privacy. and support compliance with country regulations. IBM provided us with more than just compliance. Sensitive data is secure, systems are monitored closely for performance issues, and our IT staff can focus more missioncritical activities. The real key is that we have the education in place and now implement security early in the application development lifecycle, so we have less overall vulnerabilities to manage. Tivoli Access Manager for Enterprise Single Sign-On provides our users with one secure password to our applications and flexibility to manage how users access applications, something other vendors have not easily been able to provide. After attending a demonstration, the members of our evaluation team agreed that Optim provided the capabilities we needed to improve application development and testing processes and protect privacy, 12

Disclaimer The customer is responsible for ensuring compliance with legal requirements. It is the customer s sole responsibility to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer s business and any actions the reader may have to take to comply with such laws. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the customer is in compliance with any law or regulation. 13

14

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback