20
1 A New Era of Thinking
1
A New Era of Thinking
2
ADVANCED THREATS
INSIDER THREATS
CLOUD AND MOBILE
COMPLIANCE
SKILLS GAP
3
4
Adding another tool
Hoping it’s not me
Building more barricades
Skipping the basics
Ignoring privileges
Blocking the cloud
Betting on BYOS
Application securitymanagement
Application scanning
Incident and threat management
Device management
Transaction protection
Log, flow anddata analysis
Vulnerabilityassessment
Security research
Sandboxing
Firewalls
Anomaly detection
Antivirus
Fraud protection
Criminal detection
Network visibility
Virtual patching
Data access control
Data monitoringIdentity management
Access managementEntitlements and roles
Privileged identity management
Endpoint patching and management
Malware protection
Content security
Establish security as an immune system
5
Global Threat Intelligence
Consulting Services | Managed Services
Cloud
Security Intelligence
Log, flow and data analysis
Vulnerabilityassessment
Anomaly detection
Firewalls
Incident and threat management
Virtual patching
Sandboxing
Network visibility
Data access control
Data monitoring
Malware protection
Antivirus
Endpoint patching and management
Criminal detection
Fraud protection
Security Research
Access management
Entitlements and roles
Identity management
Privileged identity management
Application securitymanagement
Application scanning
Transaction protection
Device management
Content security
Establish security as an immune system
6
Cloud
Security Intelligence
Security research
Stop advanced threats
7
Prevent insider breaches
Cloud
Security Intelligence
Security research
8
Support mobile transformation
Cloud
Security Intelligence
Security research
9
Global Threat Intelligence
Consulting Services | Managed Services
Cloud
Security Intelligence
Log, flow and data analysis
Vulnerabilityassessment
Anomaly detection
Firewalls
Incident and threat management
Virtual patching
Sandboxing
Network visibility
Data access control
Data monitoring
Malware protection
Antivirus
Endpoint patching and management
Criminal detection
Fraud protection
Security Research
Access management
Entitlements and roles
Identity management
Privileged identity management
Application securitymanagement
Application scanning
Transaction protection
Device management
Content security
10
11
Cloud, Collaboration, Cognitive
Moats, Castles
Intelligence,Integration
The Next Era of Security
12
BYOD
RISKY APPS
APPROVED APPS
ON PREM
MOBILE
EMPLOYEES
Cloud
IBM Cloud Security Enforcer
20,000+ devices
under contract
15B+ events
managed per day
133 monitored
countries (MSS)
3,000+ security
related patents
270M+ endpoints
reporting malware
25B+ analyzed
web pages and images
12M+ spam and
phishing attacks daily
96K+ documented
vulnerabilities
860K+ malicious
IP addresses
Millions of unique
malware samples
13
Collaboration
IBM X-Force Exchange
14
IBM X-Force Exchange
https://exchange.xforce.ibmcloud.com
15
Collaboration
IBM App Exchange
https://exchange.xforce.ibmcloud.com
Traditional Security
“Cast a wide net and show me the knowns”
Industry Expertise
“This is what others have seen in my industry”
Professional Services
“Help me organize and tune my chaos”
Curated Threat Data
“Correlate against the latest and greatest threats”
Security Intelligence & Big Data Analytics
“Look everywhere for security indicators”
Cognitive Security
“How do I understand and act?”
16
Cognitive Security
The Next Era of Security
2005 +
• Observation of real-time
activity
• Focus on deviations from
known patterns
• Ability to prioritize potential
threats
• Reactive and rules-based
Pre - 2005
• Static defenses
• Password protections
• Focus on compliance
• Success = passing
an audit
2015 +
• Reasoning that mirrors
human thought
• Ability to analyze structured
and unstructured data to
understand behavior and
meaning
• Automated learning based
on continual threat
intelligence
17
18
SECURITY THAT…
Understands
Reasons
Learns
Evolving to Cognitive
Watson Security Advisor
outthink threats
19
© Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied.
IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or
representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products,
programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM’s sole
discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are
trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper
access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be
considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a
lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT
ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
THANK YOUwww.ibm.com/security
