IBM Cloud Security for the Cloud
Amr IsmailSecurity Solutions Sales Leader – Middle East & Pakistan
2
Today’s Drivers for Cloud Adoption
ELASTIC
RAPIDINNOVATION
LOWERCOST
SOLVESSKILLS
SHORTAGE
GREATERSECURITY
3
COMPLIANCE
INSIDERTHREATS
SECURITYSKILLS GAP
VISIBILITY
DATAPROTECTION
Today’s Inhibitors for Cloud Adoption
4
“My team is not equipped to handlecloud security complexity”
Are You Ready to Secure the Cloud?
1/3Fewer security failures
for those that implementcloud security visibility and
control tools
60%fewer security
incidents in IaaS vstraditional datacenters
in 2020
50%of IaaS customers will add3rd party security products
in 2017
Source: Gartner Predicts 2017: Cloud Security, Nov 2016
5
CISO Priorities
Gartner Security & Risk Management Summit – 2016 Planning.
6
Managing Cloud Risks More Effectively
Cloud computing isless secure
Cloud security iscomplex and costly
Cloud security isdifficult to maintain“ “ “
“ “ “of respondents said
their levels of privacyprotection increased as aresult of moving to the cloud1
Since moving to the cloud,of respondents said they havesaved money 1
Reality Reality Reality
Perception Perception Perception
Understanding the risks with a cloud vendor’s capabilities will allow organizations toovercome these perceptions.
1 Microsoft Cloud Trust Study
69%62% 55% of cloud users have
reduced the amount of timethey spend managing securitysince moving to the cloud 1
7
Security Complexities with Multiple Cloud Service Models
PresentationModality
PresentationPlatform
APIs
Applications
Data Metadata Content
Integration & Middleware
APIs
Hardware
Abstraction
Core Connectivity& Delivery
SaaS
Integration & Middleware
APIs
Hardware
Facilities
Abstraction
Core Connectivity& Delivery
PaaS
APIs
Hardware
Facilities
Abstraction
Core Connectivity& Delivery
IaaS
Facilities
8
Security Responsibilities and Liabilities
Datacenter Infrastructure Middleware Application Process
Provider Consumer
Provider Consumer
Provider ConsumerPotentialSecurity Gaps
IaaS
PaaS
SaaS
Build it in
Contract it in
9
“I’m composingCloud apps and I
need:• Middleware/
APIs• Databases• Mobile• AppSec• IAM
…”
“I’m movingon-premise
workloads tothe cloud andneed flexible:
• Hardware• Storage• Network
…”
Customerneed
Customerneed
“I want toleverage your
security product(s),but please deliver
the capabilityvia the cloud.
No ‘on-premise’solution for me to
manage.”
IBMoffering(s)
IBMoffering(s)
A large/growing numberof IBM Security
solutions, including
• IBM Application Security on Cloud• IBM QRadar on Cloud• IBM QRadar Advisor with Watson
• IBM MaaS360• Trusteer Web Fraud Protection family• IBM Cloud Identity Service
• IBM X-Force Exchange Commercial API• COPLINK on Cloud• Intelligent Video Analytics
SaaS IaaS PaaS
Use Cases
10
Key Threats When Moving to the Cloud
2. Weak Identity, Credential and Access Management
3. Insecure Application Programming Interfaces (APIs)
4. System and Application Vulnerabilities
5. Account Hijacking
8. Data Loss
11. Denial of Service
9. Insufficient Due Diligence
10. Abuse and Nefarious Use of Cloud Services
Source: Cloud Security Alliance 2016
1. Data Breaches
6. Malicious Insiders
7. Advanced Persistent Threats (APTs)
12. Shared Technology Issues
12 Treacherous Top Threats with Cloud Computing
11
Six Cloud Security “Must Haves”
ACCESS MANAGEMENTusers, privileges, clients Identity and access
managementPrivileged Identity
Governanceand policy
DATA PROTECTIONDatabases, workloads, content
DLP, encryption PII ProtectionDiscovery
APPLICATION SECURITYThreat prevention Vulnerability
AssessmentPatch Management
Secure Appdevelopment
VISIBILITY and INTELLIGENCEAnomalies, threats, activities Event correlation
and alertingHealth checks andanomaly detection
Monitoring andIntelligence
WORKLOAD CENTRICSecurity and Devops Management
Audit DeploymentPolicy
NETWORK SECURITYAnomalies, threats, activities Event correlation
and alertingMonitoring Threat Protection
1
3
4
5
6
2
12
Security FOR the CloudSecurity FROM the Cloud
Security – From the Cloud and For the Cloud
Security-as-a-Service
• Provide immediate accessto cloud-delivered security
• Mobility, Fraud Prevention, Sec.Intel, and App Sec from Cloud
Security-as-a-Service
Deliver cloud services securely
• Manage access to cloud workloads
• Secure infrastructure & applications in the Cloud
• Protect data at rest and in transit
• Gain security visibility across hybrid deployments
Consume SaaS services securely
• Manage access to SaaS applications
• Protect data managed by SaaS
• Gain visibility around secure access
Private CloudPublic Cloud
QRadar on Cloud, Maas360, Trusteer,Application Security on Cloud
IAM, Data Protection, App Security, Visibility,Management, Network Security
13
A Global Leader in Enterprise Security
• #1 in enterprise security softwareand services*
• 8,000+ employees
• 14,000+ customers
• 133 countries
• 3,500+ security patents
• 24 acquisitions since 2002*According to Technology Business Research, Inc. (TBR) 2016
Thank you