1. Gelişmiş Tehdit Korumasının İnkar Edilemez 4 Gerçeği
Engin Özbay
IBM Security Ülke Lideri, Türkiye

2. More companies are revealing massive breaches
Security has never been more critical, with increasing numbers of companies revealing massive breaches of their computer systems. How serious is the problem? The annual global cost of cybercrime is estimated to be more than USD400 billion—equaling the gross national income of many countries.1
The soaring number of breaches has created a new security reality, with more risk and greater damage inflicted. To measure the damage, Ponemon Institute has been doing benchmark research for years on the cost of a data breach, the most common type of incident. In the 2015 report, the global average for the total cost of a data breach was found to be USD3.79 million, a 23 percent increase since
Estimated annual global cost of cybercrime: over USD400 billion1
Global average cost of a data breach: USD3.79 million—a 23 percent increase since 20132

3. Is your security team prepared?
Broad Attacks
Targeted Attacks
Indiscriminate malware,
spam and DoS activity
Advanced, persistent, organized, politically or financially motivated
Tactical Approach
Compliance-driven, reactionary
Strategic Approach
Intelligence-driven, continuous
Build multiple perimeters
Protect all systems
Use signature-based methods
Periodically scan for known threats
Read the latest news
Shut down systems
Assume constant compromise
Prioritize high-risk assets
Use behavioral-based methods
Continuously monitor activity
Consume real-time threat feeds
Gather, preserve, retrace evidence
New threats require a new approach to security, but most are defending against yesterday’s attacks, using siloed, discrete defenses

4. The Dyre Wolf campaign is run by a ring of unusually well-funded, experienced and intelligent people
Source: IBM MSS, “Inside the Dyre Wolf malware campaign“

5. Four truths about advanced threat protection
Despite increasing challenges, organizations can protect themselves by adopting the right strategy
Four truths about advanced threat protection 1
Prevention is mandatory
Traditional methods of prevention have often failed, leaving many to believe detection is the only way forward. This is a dangerous proposition. 2
Security Intelligence is the underpinning
Specialized knowledge in one domain is not enough. It takes enterprise-wide visibility and maximum use of data to stop today’s threats. 3
Integration enables protection
The best defense is relentless improvement. Technologies must seamlessly integrate with processes and people across the entire lifecycle of attacks. 4
Openness must be embraced
Security teams need the ability to share context and invoke actions between communities of interest and numerous new and existing security investments.

6. A dynamic, integrated system to help stop advanced threats
The IBM Threat Protection System
Break-in 1
Latch-on 2
Expand 3
Gather 4
Exfiltrate 5
Attack Chain

7. Renaissance Istanbul Polat Bosphorus Hotel Barbaros
IBM X-Force Security Roadshow, Istanbul - 2 December 2015
Renaissance Istanbul Polat Bosphorus Hotel Barbaros
A Walk On The Wild Side: Real stories from real security incidents, security testing, and things that go bump in the net.
Dark Web, Dark Net: How Much Do We Know?
When sacked employees hit back.
TOR - but there's not just TOR!
Ransomware, holding 500,000 key business files to ransom. Pay up or?
How we phished a bank account containing in excess of 10M USD.
You are invited !!!