Security in the Cognitive Era: Why it matters more than ever
-
Upload
ec-council -
Category
Technology
-
view
103 -
download
1
Transcript of Security in the Cognitive Era: Why it matters more than ever
Security in the Cognitive EraShelley WestmanVice President, IBM Security
#IBM Security
#IBM Security
19/14/16
#IBM Security
#IBM Security
9/14/162IBM SECURITY
Paradigm shift in crime
#IBM Security
#IBM Security
3
800+ Millionrecords breached1+ Billionrecords breachedUnprecedentedhigh-value targets breached
201320142015$7Maverage cost of a U.S. data breachaverage time to identify data breach201 days
#IBM Security
#IBM Security
4
What are the little things causing todays big issues?
#IBM Security
#IBM Security
9/14/165IBM SECURITY
Insider risk, human error and negligenceInfected BYODFalling for phishingUnpatched vulnerabilities and delayed patchesWeak passwordsCyber Butterfly Effect
Key issues:
#IBM Security
#IBM Security
9/14/166IBM SECURITY
#IBM Security
#IBM Security
9/14/167IBM SECURITY
Culture change needed
Adding another toolHoping its not meBuilding more barricadesSkipping the basicsIgnoring privilegesChecking audit boxesBetting on BYOSCulture change needed to fight the Cyber Butterfly EffectWhat were still seeing:
#IBM Security
#IBM Security
9/14/168IBM SECURITY
We need a new approachto security
#IBM Security
#IBM SecurityAn integrated and intelligent security immune system
Threat IntelligenceSecurity AnalyticsCloudIdentityandAccessDataandAppsMobileAdvanced FraudNetworkEndpoint
SecurityEcosystemCriminal detectionFraud protectionWorkloadprotectionCloud accesssecurity brokerAccess managementEntitlements and rolesPrivileged identity managementIdentity managementData access controlApplication security managementApplication scanningData monitoringDevice ManagementTransaction protectionContent securityMalware protectionAntivirusEndpoint patching and managementVirtual patchingFirewallsIncident and threat managementSandboxingNetwork visibilityVulnerability managementIncident responseLog, flow, data analysisAnomaly detectionIndicators of compromiseIP reputationThreat sharing
#IBM Security
#IBM Security
10
COGNITIVE, CLOUD,and COLLABORATIONInnovation to contain the cyber butterfly effect
INTELLIGENCEand INTEGRATION
PERIMETER CONTROLS
#IBM Security
#IBM Security
11
Stay ahead of the threat with collaborative platforms to share intelligence and take actionCollaboration
#IBM Security
#IBM Security
9/14/1612IBM SECURITY
ATTACKERS are more collaborative than ever
Global data sharing
Marketplace for products and services
Trusting relationships and networks
Organized cyber gangs
Criminal BossUnderbossCampaign ManagersAffiliation NetworksStolenData Resellers
#IBM Security
#IBM Security
9/14/1613IBM SECURITY
IBM X-Force Exchange
Global scale700+ TB of threat data15B+ events / day270M+ endpoints covered25B+ web pages and images8M+ spam / phishing attacks1M+ malicious IP addressesSourced from2,000 organizations across 16 industriesSECURITYANALYST
CISO
IBM X-FORCE
INCIDENTRESPONDERSocial community for sharing threat intelligence
#IBM Security
#IBM Security
14
IBM App Exchange
10k+ visits1,200+ downloads40+ available apps20+ more partners through ecosystem training
Online marketplaceshare and download apps based on IBM security technologiesCollaborative defense with a partner ecosystem
#IBM Security
#IBM SecuritySafely move workloads and data to the cloud, and quickly consume security from the cloudCLOUD
#IBM Security
#IBM SecurityAccess, data and visibility are top cloud priorities
Governance and policyIdentity and accessAuthentication and Single Sign-OnMANAGE ACCESS
Data protectionApplication securityThreat preventionFraud and malware
PROTECT DATA
Cloud app usageGlobal threat analysisMobile securitySecurity intelligenceGAIN VISIBILITY
#IBM Security
#IBM Security
17
Outthink threats with security technology that understands, reasons, and learnsCognitive
#IBM Security
#IBM Security
Most security knowledge is untapped
TraditionalSecurity DataHuman Generated KnowledgeSecurity events and alertsLogs and configuration dataUser and network activityThreat and vulnerability feedsThreat intelligenceResearch documentsIndustry publicationsForensic informationConference presentationsAnalyst reportsBlogsWebpages WikisNews sourcesWikisNewslettersTweetsA universe of security knowledge dark to your defenses
#IBM Security
#IBM Security
19
The worlds first Cognitive analytics solution using core Watson technology to understand, reason, and learn about security topics and threatsWatson for Cyber Security
Unlocking new possibilities
#IBM Security
#IBM Security
20
Teaching Watson the language of cyber security
BACKDOOR
BADACTOR
VIRUS
#IBM Security
#IBM SecurityFast and accurate analysis to enhance security decision making
SECURITY ANALYST and WATSON
SECURITY ANALYST
!!!
EnterpriseSecurity Analytics
Cognitive techniques to mimic human intuition around advanced threats
Human GeneratedSecurity Knowledge
HELPING THE ANALYST:
Quickly make outsidedata actionable
Gain powerfulinsights
Uncover new trends and patterns
Analyze threats with accuracy
Save time and resources
#IBM Security
#IBM Security
22
How could we have prevented this?
#IBM Security
#IBM Security
#IBM Security
#IBM Security
9/14/1624IBM SECURITY
ibm.com/securitysecurityintelligence.comxforce.ibmcloud.com@ibmsecurityyoutube/user/ibmsecuritysolutions Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.FOLLOW US ON:THANK YOUibm.com/security@ibmsecurityyoutube/user/ibmsecuritysolutions Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.FOLLOW US ON:THANK YOU
#IBM Security
#IBM Security
259/14/16