Presentation is loading. Please wait.

Presentation is loading. Please wait.

IBM Security Pelin Konakçı IBM Security Software Sales Leader

Similar presentations


Presentation on theme: "IBM Security Pelin Konakçı IBM Security Software Sales Leader"— Presentation transcript:

1 IBM Security Pelin Konakçı IBM Security Software Sales Leader
Burak Özgirgin CISSP-ISSAP, CISM, CISA, CEH, ISO27001LA IBM Security Services – Managing Consultant

2 Attackers break through conventional safeguards every day
Source: IBM X-Force Threat Intelligence Quarterly – 1Q 2015 Attack types % increase ,000,000+ records 2014 Unprecedented impact XSS SQLi Misconfig. Watering Hole Brute Force Physical Access Heartbleed Phishing DDoS Malware Undisclosed A new security reality is here, where… Sophisticated attackers break through conventional safeguards every day. Organized criminals, hacktivists, governments and adversaries are compelled by financial gain, politics and notoriety to attack your most valuable assets. Their operations are well-funded and business-like ‒ attackers patiently evaluate targets based on potential effort and reward. Their methods are extremely targeted ‒ they use social media and other entry points to track down people with access, take advantage of trust, and exploit them as vulnerabilities. Meanwhile, negligent employees inadvertently put the business at risk via human error. Even worse, security investments of the past can fail to protect against these new classes of attacks. The result is more severe security breaches more often. Note: Size of circle indicated estimated relative impact In the past three years, the amount of data records and variety of attacks have expanded to epic levels. 2012: Near Daily Leaks of Sensitive Data 40% increase in reported data breaches and incidents 2013: Relentless Use of Multiple Methods 800,000,000+ records leaked, while the future shows no sign of change 2014: “Insane” Amounts of Records Breached 42% of CISOs claim the risk from external threats increased dramatically from prior years. Source: IBM X-Force Threat Intelligence Quarterly – 1Q2015 According to a recent Ponemon study, 256 days is the average time it takes companies to detect advanced persistent threats; and $6.5million is the average cost of a U.S. data breach Source: 2015 Cost of Data Breach Study, Ponemon Institute $6.5M average cost of a U.S. data breach average time to detect APTs 256 days Source: 2015 Cost of Data Breach Study, Ponemon Institute V

3 CISO Study In 2015, we took a closer look at how CISOs develop cybersecurity strategy and prioritize security investments Cybersecurity risk is a top C-suite priority with funding for security efforts growing to reflect the gravity of the challenge Historically, cybersecurity investment decisions were commonly based on the “checkbox” approach to meet compliance requirements Security leaders are now transforming their programs to be risk-based by using customized frameworks to determine risks and prioritize security investments About this report This IBM Center for Applied Insights report is based on “Identifying How Firms Manage Cybersecurity Investment,” an IBM-sponsored study by the Darwin Deason Institute for Cyber Security, part of the Lyle School of Engineering at Southern Methodist University in Dallas, Texas. In-depth interviews were conducted in a semi-structured approach to explore top cybersecurity risks, how risks are determined, organizational support for cybersecurity initiatives and how investments are prioritized. Security leaders interviewed by industry

4 CISO Study Top challenges facing CISOs in transforming to a risk-based program Focusing on the “strategic” How do I transform from a compliance-based security program to one focused on risk? Communicating priorities How can I best communicate risk to top management and manage expectations? Making cybersecurity strategy consumable Do I have the skills, resources and tools to implement the right controls for success?

5 Top drivers of information security investment
CISO Study Top drivers of information security investment

6 Top prioritization approaches
CISO Study Top prioritization approaches

7 CISO Study CISOs are increasingly turning to frameworks as the strategic tool of choice to assess risk and prioritize threats Key elements of a cybersecurity program: Consider business priorities, assets, processes Document formal cybersecurity strategy, objectives and goals Define formal framework of risk management controls Evaluate and prioritize gaps in current vs desired state across risk management controls Build a plan to address, monitor and reassess the prioritized control gaps

8 CISO Study Customized frameworks help to move beyond compliance to risk-based strategy Traditional focus on security compliance doesn’t ensure organizations are best prepared for potential security breaches Frameworks provide a better basis for risk assessment to thoroughly and consistently assess security challenges and determine gaps Companies developing their own cyber-risk frameworks are more likely to have a deeper understanding of the real risks to their organizations “Security has to have a basis to argue its point of view in a compelling story with some thought behind it, rather than ‘I want to get these things because it’s the next cool security thing that’s out there’.” -- CISO, Retail

9 CISO Study Frameworks help increase collaboration with the C-suite to communicate priorities Frameworks are an effective communication tool for CISOs to relay cybersecurity strategy to upper management for buy-in 85% of CISOs reported that upper-management support for cybersecurity efforts has increased 88% of CISOs reported that their security budgets have increased 25% of CISOs surveyed who thought they were spending appropriately also used frameworks as a strategic tool “Senior leadership is looking for me to articulate what the security strategy is in words, in projects, and in dollars that make sense to them.” -- CISO, Retail

10 External collaboration is often valuable
CISO Study External collaboration is often valuable When CISOs got push back over budgets, it was often because boards worry about ability to absorb budget given talent shortages The talent shortage has led many CISOs to look externally to supplement skills and resources CISOs rely on peer networks, third-party information and third-party threat intelligence data Most US-based CISOs we interviewed participate in information-sharing organizations and value what they learn; participation was lower for foreign CISOs

11 Key takeaways for developing risk-based cybersecurity programs
CISO Study Key takeaways for developing risk-based cybersecurity programs Move beyond compliance to risk-based strategy Customize frameworks to enable strategic assessment of the real risks to the organization, highlighting cybersecurity priorities. Increase collaboration with the C-Suite Use frameworks as an effective communications tool to relay cybersecurity strategy in a more consumable way to stakeholders for buy-in. Apply framework-driven cybersecurity insights Engage the right skills, third-party intelligence and industry best practices to implement the guidance derived from frameworks.

12 Mobile and Internet of Things
IBM Security Strategy Support the CISO agenda 1 Buyers CISO, CIO, and Line-of-Business Deliver a broad portfolio of solutions differentiated through their integration and innovation to address the latest trends HELP! Innovate around megatrends 2 Key Security Trends Advanced Threats Skills Shortage Cloud Mobile and Internet of Things Compliance Mandates Lead in selected segments 3 IBM Security Portfolio Strategy, Risk and Compliance Cybersecurity Assessment and Response Security Intelligence and Operations Advanced Fraud Protection Identity and Access Management Data Security Application Security Network, Mobile and Endpoint Protection Advanced Threat and Security Research In support of the critical role of the CISO, IBM offers integrated security intelligence and industry-leading experience enabled by the IBM Security Portfolio. All of the IBM Security offerings are backed by an extensive business partner ecosystem which consists of industry-leading technology, sales and service partners. <PRESENTER: See the optional portfolio slides in backup if more details are needed for your prospects>

13 Expand the value of security solutions through integration
DataPower Web Security Gateway AppScan BigFix MobileFirst Protect (MaaS360) QRadar SIEM QRadar Vulnerability Manager Key Lifecycle Manager IBM X-Force Research QRadar Incident Forensics QRadar Log Manager Guardium zSecure Trusteer Mobile Trusteer Pinpoint Trusteer Rapport Consulting Services Managed Services Network Advanced Fraud Data Mobile Applications Endpoint Identity and Access Security Intelligence SiteProtector Network Protection XGS Trusteer Apex QRadar Risk Manager Identity Manager Access Manager Identity Governance and Intelligence Privileged Identity Manager Continuous actionable intelligence More and more clients are taking a strategic approach to upgrading their defenses. They realize disconnected point products and services are expensive, hard to manage, and cannot solve today’s challenges. We’re witnessing a major shift in demand to partners who offer a platform of integrated security solutions – and we have the best in the business. In support of the critical role of the CISO, IBM offers integrated security intelligence and industry-leading experience enabled by the IBM Security Portfolio. All of the IBM Security offerings are backed by an extensive business partner ecosystem which consists of industry-leading technology, sales and service partners. <PRESENTER: See the optional portfolio slides in backup if more details are needed for your prospects>

14 Mobile and Internet of Things
IBM Security Strategy Support the CISO agenda 1 Buyers CISO, CIO, and Line-of-Business Deliver a broad portfolio of solutions differentiated through their integration and innovation to address the latest trends HELP! Innovate around megatrends 2 Key Security Trends Advanced Threats Skills Shortage Cloud Mobile and Internet of Things Compliance Mandates Lead in selected segments 3 IBM Security Portfolio Strategy, Risk and Compliance Cybersecurity Assessment and Response Security Intelligence and Operations Advanced Fraud Protection Identity and Access Management Data Security Application Security Network, Mobile and Endpoint Protection Advanced Threat and Security Research In support of the critical role of the CISO, IBM offers integrated security intelligence and industry-leading experience enabled by the IBM Security Portfolio. All of the IBM Security offerings are backed by an extensive business partner ecosystem which consists of industry-leading technology, sales and service partners. <PRESENTER: See the optional portfolio slides in backup if more details are needed for your prospects>

15 Holistic Approach in Security Operations
Governance Strategy SOC program governance Security policy & awareness IBM QRadar is the foundation to build an effective SOC on top of it Security Operations Center Journey Metrics IBM QRadar Governance Processes Organization Organization Structure Sourcing Staffing Education Role definitions Metrics Performance Efficiency Quality Capacity Cost Technology SIEM architecture Log sources Correlation Rules Ticketing & Portal Platform Integrations Process and Procedures Security intelligence Event monitoring Triage & Investigation Response

16 SIEM is Managed and Monitored
For the average client, IBM filters 1,764,720 security events weekly to identify 2 security incidents that can potentially do harm. Security Events Security Attacks Security Incidents Annual 91,765,453 Annual 16,856 Annual 109 Monthly 7,647,121 Monthly 1,405 Monthly 9 Weekly 1,764,720 Weekly 324 Weekly 2 Security Intelligence Correlation and analytics tools Security Intelligence Human security analysts

17 Protecting the Crown Jewels
DEFINE DISCOVER BASELINE SECURE MONITOR Phases What are the “crown jewels”? Where are they? How are they used? What is required to protect “crown jewels”? How to plan, design, and implement protection? What to consider operationally? Questions Answered Consulting Approach Strategic + Technical Assessment Gap Assessment and Strategic Planning System Integration Consulting Approach Method Approach

18 Governing and Managing the Identity
Management Provisioning Identity Mgmt Create Modify De- activate Role Mgmt Terminology: Entitlements Entitlement Groups Roles (Technical) Create Modify De- comms. Terminology: Identities Roles (Business) Attestation Identity Governance

19 IBM Security Services Portfolio
Security Strategy, Risk and Compliance Security Intelligence and Operations Cyber Security Assessment and Response Identity and Access Management Data and Application Security Infrastructure and Endpoint Security Security Essentials and Maturity Consulting Security Strategy and Planning Security Architecture and Program Design Critical Infrastructure Security Services PCI Compliance Advisory Services Information Security Assessment Security Framework and Risk Assessments Integrated Account Security Management Security Operations Consulting SIEM Design and Deploy Emergency Response Services Incident Response Planning Active Threat Assessment Penetration Testing Smart and Embedded Device Security APT3 Survival Kit Identity and Access Strategy and Assessment Access Management Design and Deploy Multi-factor Authentication Design and Deploy Identity and Access Solution Migration Identity Governance and Administration, Design and Deploy Critical Data Protection Program Data Discovery and Classification Data Security Strategy and Architecture Data Loss Prevention and Encryption Application Security Assessment Application Source Code Security Assessment Deployment and Migration Staff Augmentation Services Managed SIEM Security Intelligence Analyst Advanced Cyber Threat Intelligence Services Firewall Management Unified Threat Management Intrusion Detection and Prevention System Management Managed Protection Services Secure Web Gateway Management Malware Defense Management Intelligent Log Management IBM® X-Force® Hosted Threat Analysis Service Executive Protection Managed Identity Hosted Application Security Management <Presenter: This is a more detailed view of the services portfolio> From infrastructure, data and application protection to cloud and managed security services, IBM has the expertise to help safeguard your company’s IT infrastructure. We protect some of the most sophisticated networks in the world, and employ some of the best minds in the business. Cloud Identity Cloud Security Strategy Managed Web Defense Hosted and Web Security Hosted Vulnerability Management Consulting and Systems Integration Managed Security Services Cloud Security Services

20


Download ppt "IBM Security Pelin Konakçı IBM Security Software Sales Leader"

Similar presentations


Ads by Google