Venkatesh Sadayappan (Venky)IBM Security Category Marketing Leader

Central & Eastern Europe

venky.iss@cz.ibm.com+420-734-420-540

13th International InfoSec and Data Storage ConferenceSofia, Bulgaria

Applications SYSTEMSAPPLICATIONS

WEBAPPLICATIONS WEB 2.0 MOBILE

APPLICATIONS

DATACENTERS PCs LAPTOPSInfrastructure

CLOUDMOBILE NON-TRADITIONALMOBILE

Security challenges are a complex, four-dimensional puzzle…

PeopleEMPLOYEES ATTACKERS OUTSOURCERS SUPPLIERS

CONSULTANTS PARTNES CONSUMERS

Data STRUCTURED UNSTRUCTURED AT REST IN MOTION

…a holistic approach is needed

CONSUMERS

IN MOTION

MOBILEAPPLICATIONS

MOBILE

EMPLOYEES

UNSTRUCTURED

WEB 2.0

CLOUDPCs

OUTSOURCERS

STRUCTURED

SYSTEMSAPPLICATIONS

A radical notion: Cloud is an opportunity for enhanced security

Protect applications and workloadsin private Cloud stacks

Private Cloud

Security for the Cloud

Public Cloud

Securing workloadson virtual infrastructures

Secure usage of Public Cloudapplications

Security from the Cloud

Security-as-a-Service

Delivering and consumingsecure applications

Deliver security capabilities ascloud services

Security for the Cloud…..

13-04-02

Data and Application Protection

Secure enterprise databasesBuild, test and maintain secure

cloud applications

ThreatProtection

Prevent advanced threatswith layered protection

and analytics

IdentityProtection

Administer, secure, and extendidentity and access to and

from the cloud

Security Intelligence

Provide visibility, auditability and control for the cloud

Mobile downloadswill increase to108 billion

by 2017. 2

Mobile malware isgrowing. Malicious

code is infecting morethan

11.6 millionmobile devices at any

given time. 3

In 2014 the numberof cell phones

(7.3 billion) willexceed the number

of people on theplanet (7 billion).1

Mobile devices andthe apps we rely on

are under attack.

90% of the topmobile apps have

been hacked. 4

As mobile grows, so do security threats

Device Security Content Security Application Security Transaction Security

• Manage the mobileenterprise with BYOD,BYOA, secure e-mailand document sharing

• Secure file and documentsharing across devicesand employees includingintegration withSharePoint

• Instrument applicationswith security protectionby design

• Identify vulnerabilities innew, existing orpurchased applications

• Secure mobiletransactions fromcustomers, partnersand suppliers

Security Intelligence

Correlate mobile security events with broader infrastructure including log management, anomaly detection and vulnerabilitymanagement for proactive threat avoidance

ITOperations

Line-of-BusinessApplication Developer

SecuritySpecialist

• Mitigate security risk across devices, applications, content and transactions• Monitor enterprise security across all endpoints• Manage mobility across the enterprise

CISO / CIOChief Information Security Officer

Chief Information Officer

Imperatives for securing the mobile enterprise

SuspectedIncidents

True OffensesEmbeddedIntelligence• Real-time

analytics

• Automatedoffenseidentification

• Anomalydetection

• Incident evidenceand forensics

Servers andmainframes

Data activityNetwork and virtual

activity

ApplicationactivityConfiguration

information

Securitydevices

Users andidentities

Vulnerabilities andthreats

Security Intelligence and AnalyticsVisibility into security posture and clarity around incident investigation

Global threatintelligence

Attackerdefeated!

IBM Security Solutions

• QRadar Log Manager• QRadar SIEM• QRadar Risk Manager

• QRadarVulnerabilityManager

• QRadar IncidentForensics

CEE Case Study: ABLV Bank, ASGains 360-degree visibility into the enterprise

99% decreasein investigation time

“We now have a tool that gives us the visibility acrossour enterprise and helps us find the source of the

problem quickly.”—Aleksejs Kudrjasovs, Head of Information Security,

ABLV Bank

1 million:1 data reductionratio for security events

Immediate detectionand notification ofanomalies

Banking

Solution components

The transformation: Working with DSS and replacing an out-of-datesecurity monitoring solution with an advanced security platform fromIBM, ABLV security staff gained superior threat detection and a muchricher view of enterprise activities. The new solution integrates andanalyzes data from disparate sources to help staff more quickly uncoverand respond to threats.

Software• IBM® QRadar® Security Intelligence PlatformIBM Business Partner• Data Security Solutions (DSS LV)

CEE Case Study: ERGO LatviaGains actionable information in minutes to strengthen security and compliance

99% reductionin compliance reporting time

“We can now find and address the source of a problemin minutes instead of tens of hours.”

—Mr. Dainis Bairs, Chief Information Security Officer andHead of IT, ERGO Latvia

99% reductionin time to respond to securityand IT incidents

Uncovers threatsand prioritizes risk forefficient and effectiveremediation

Insurance

Solution components

The transformation: By replacing manual processes with an advancedsecurity solution from IBM, ERGO Latvia IT staff can quickly uncoverthreats, prioritize response based on risk level, and take action beforethe business is affected. The new solution integrates and analyzes datafrom disparate data sources and provides a unified view of potentialsecurity events, operational anomalies and vulnerabilities.

Software• IBM® QRadar® Security Intelligence PlatformIBM Business Partner• Data Security Solutions (DSS LV)