1 Nanci Knight IBM Academic Initiative Ecosystem Development Relationship Manager West Region cell:
2 IBM At A Glance IBM has 425,000 ee s worldwide 2012 Financials Revenue - $107B Net Income - $16B EPS - $13.44 Net Cash - $17B IBM operates in 170 countries Revenue Breakdown IT Services 44% Software 41% Hardware 15% 5 Nobel Laureates IBM s Leadership Changes First Female CEO 55% of IBM s Workforce is new to the company in the last 5 years ~ 120 acquisitions since 2001 More than 50% of IBM s workforce conducts business away from an office Corporate Recognition 2013 #1 company for leaders (Fortune) #1 green company worldwide (Newsweek) #2 best global brand (Interbrand) #2 most respected company (Barron's) #5 most admired company (Fortune) #18 most innovative company (Fast Company) Number 1 in patent generation for 20 consecutive years ~ 6,180 US patents awarded in 2013 Hundreds of IBMers sent to emerging markets every year to share their expertise with non-profits, small businesses & NGOs WATSON: The Smartest Computer On Earth Let s Build a Smarter Planet"
3 AGENDA IBM 5 IN 5 predictions for IBM Cyber Security Program Enterprise Demand for Specific Cyber Security Skills & the Growing Cyber Security Skills Gap IBM Academic Initiative Resources for Faculty & Non-Commercial Researchers
4 The classroom will learn you Buying local will beat online MDs will routinely use your DNA to keep you well A digital guardian will protect you online The city will help you live in it
5 IBM 5 in 5 for 2014 EDUCATION
6 IBM 5 in 5 for 2014 CYBER SECURITY
7 Cyber Security Program Creating stronger collaboration among Universities and IBM to build Cyber Security skills
8 Companies today cannot escape the challenges of keeping up with a perpetually evolving cyber security environment UNDERSTANDING THE THREAT LANDSCAPE What are the changes taking place that we need to be aware of? Who is attacking us and why? DEVELOPING AN APPROACH TO CYBER INTELLIGENCE With more data available from more security devices, what are the right capabilities to turn this data into actionable information? ADDING CYBER SECURITY CAPABILITIES Once we have our security analytics and intelligence feeds in place, how to we build an effective response strategy?. 8
9 The sophistication of cyber threats, attackers and motives is rapidly escalating st 2nd Decade of the Commercial Internet Decade of the Commercial Internet Motive National Security Espionage, Political Activism Monetary Gain Revenge Curiosity Nation-state Actors; Targeted Attacks / Advanced Persistent Threat Competitors, Hacktivists Organized Crime, Hackers and Crackers using sophisticated tools Insiders, using inside information Script-kiddies or hackers using tools, web-based how-to s Adversary
10 IBM clients & partners consistently mention four key skills they seek to hire Analytics and Big Data The Business Analyst Applies business intelligence, predictive analytics, and other techniques to turn information into business insight The Data Scientist Combines the skills needed to collect, store, manage, and understand patterns and trends in data 60% of enterprises face a shortage of business analytics skills today 40% of enterprises report a skills shortage in ability to manage information Information Security The Cyber Security Professional Requires a broad portfolio of security skills and systems thinking applied to business priorities 39% of organizations adding IT staff plan to hire information security professionals Software Engineering & Mobile Dev The Next Generation Software Engineer Employs the skills and methodologies needed to keep pace with the rapidly evolving software engineering discipline 65% of enterprises face a shortage of mobile development skills today Source: IBM Tech Trends report 2012
11 The lack of cyber security staff and skills is leaving organizations exposed Source: Forrester Report 'Surviving The Technical Security Skills Crisis' (2013)
12 CISOs struggle mightily to recruit skills How challenging is it in your experience to find and hire technical security staff that fit all of your requirements? 1 (not at all difficult: minimal effort/resources needed) (very difficult:: substantial effort/resources needed) Overall 1% 3% 16% 61% 19% 19.00% 61% 80% 4% US 19% 57% 20% 2% 2% EMEA 29% 49% 17% 2% 0% 2% Latin America 77% 19% Source: Forrester Report 'Surviving The Technical Security Skills Crisis' (2013)
13 Marketplace skills which are top priority for IBM to serve our customer s needs Most common skill sets required: Risk Management Consultants Security Architecture Incident Management & Response Forensic Analysis Network monitoring/noc or SOC support Malware Analysis Server Security Administration Security Project / Account Management IBM serves 9,000+ customers globally with its Cyber Security solutions representing significant demand & opportunity for your students Most common desired certifications: CISSP (includes all variations of the ISC2 credential) CISA / CISM (ISACA) Technology certifications of interest: IBM Products, including all IBM Security Systems portfolio; Modulo and EnCase certified examiner; PCI QSA and PA-DSS; network security certifications Bold: indicates High Priority
14 New factors complicate security planning and response It is no longer enough to protect the perimeter sophisticated attacks are bypassing traditional defenses, IT resources are moving outside the firewall, and applications and data are becoming distributed across multiple devices. 1. Advanced Threats Sophisticated, targeted attacks, designed to gain continuous access to critical information, are increasing in severity and occurrence. 2. Cloud Computing Security is one of the top concerns of cloud, as customers drastically rethink the way IT resources are designed, deployed, and consumed. Advanced Persistent Threats Stealth Bots Designer Malware Targeted Attacks Zero-days 3. Mobile Computing 4. Regulations and Compliance Managing employee owned devices and securing connectivity to corporate applications are top of mind as CIOs broaden their support for mobile devices. Regulatory and compliance pressures continue to mount as companies store sensitive data and become susceptible to audit failures.
15 Solving a security issue is a complex, four-dimensional puzzle People Employees Consultants Hackers Terrorists Outsourcers Customers Suppliers Data Structured Unstructured At rest In motion Applications Systems applications Web applications Web 2.0 Mobile apps Infrastructure It is no longer enough to protect the perimeter silo ed approaches will not secure the enterprise 15
16 Teaching with IBM Security resources allows your students to develop hands-on skills across a comprehensive framework Only provider in the market with end-toend coverage of the security foundation 6K+ security engineers and consultants Award-winning X-Force research Largest vulnerability database in the industry Intelligence Integration Expertise
17 IBM University Relations & Academic Initiative MISSION: Work across the IBM enterprise to build relationships of mutual value with targeted universities, placing top priority on building the technical talent pipeline
18 Benefits include.no-charge software IBM Software Access to thousands of full-function, leading-edge software applications available for faculty to download at no charge. Faculty can make copies of the software for their students by: - - Installing the software on lab machines for students - - Provisioning the software on the IBM Academic Skills Cloud their students can access
19 Benefits include.no-charge courseware IBM Courseware More than 400 course modules created by IBM to help clients get the most from their software investment. Faculty can use them to enrich their students classroom experience at no charge
20 Getting started What Do You Teach? Working with 12,400 faculty across 4,500+ institutions, teaching 600,000 students worldwide. Source: 2013 AI membership data Cyber Security IBM is actively engaged with faculty at 50+ universities
21 Cyber Security Solutions Available Through AI 21
22 Security Fundamentals Curriculum Resources Importance of Security in Today's IT Environment Security Concepts and Principles X Force Reports/Trends Digital Identity and Identity Management Authentication Access Control Federation and SOA Cryptography Application Security Social Media Security Data Security Network Security SSL and IP Cloud Security Mobile Security Endpoint Management Embedded Security Security Intelligence and Threat Management Governance IBM Academy of Technology sponsored presentations/videos which can be leveraged as faculty develop curriculum. Little/no product content.
23 Alignment with government programs in cyber security education NIST/NICE focused on enhancing overall cybersecurity posture of the United States by accelerating availability of educational and training resources. NSA / DHS Centers of Academic Excellence presented IBM university programs to DHS leaders and universities. 180 Universities designated as Centers of Excellence Fordham University and FBI jointly hosted 300+ experts, including Head of NSA, Head of CIA and Head of FBI University of Rhode Island hosted notable speakers, US Senators Reed and Whitehouse, U.S. House of Representatives, Jim Langevin and David Cicilline. IBM at industry panel.
24 Skills taxonomy, courseware, curriculum design guidance & job descriptions Skills Taxonomy Courseware Designing Security Curriculum White Paper Example Job Descriptions
25 Redbooks and Guides /redpapers/pdfs/redp4528.pdf on/ssi/ecm/en/sew03016usen/s EW03016USEN.PDF edbooks/pdfs/sg pdf ssi/ecm/en/sew03027usen/sew03 027USEN.PDF
26 Case Studies: Real World Security Problems and Solutions Detecting threats others miss Discovered 500 hosts with Here You Have virus, which all other security products missed Consolidating data silos 2 billion log and events per day reduced to 25 high priority offenses Predicting risks against your business Automating the policy monitoring and evaluation process for configuration changes in the infrastructure Addressing regulatory mandates Real-time monitoring of all network activity, in addition to PCI mandates
27 Videos and Community Resources IBM Security Intelligence Blog IBM Security Channel on YouTube 2014 IBM Pulse Conference videos (coming soon 2013 resources featured) IBM X-Force 2013 Mid-Year Trend and Risk Report Knowledge Exchange
28 How to Engage Nanci Knight Relationship Manager West Region cell: Join the IBM Academic Initiative at: Review the AI software & courseware portfolios Consider IBM Smarter Planet resources to enhance curriculum case studies, C- level Reports, white papers, success stories, technical Red Books, expert blogs, videos, etc. Check out IBM YouTube Channels & Playlists Connect with your Relationship Manager to discuss adoption of AI resources in your curriculum
WHITE PAPER Cybersecurity in Modern Critical Infrastructure Environments SECURE-ICS Be in Control Securing Industrial Automation & Control Systems This document is part of CGI s SECURE-ICS family of cyber
Cyber Security: Designing and Maintaining Resilience White paper presented by: Georgia Tech Research Institute Cyber Technology and Information Security Laboratory Dr. George A. Wright Chief Engineer Terrye
E N V I R O N M E N T A L S C A N CYBERSECURITY Los Angeles and Orange Counties J U N E 2 0 1 2 E N V I R O N M E N T A L S C A N CENTER OF EXCELLENCE Los Angeles and Orange Counties Audrey Reille, Director
The Critical Security Controls for Effective Cyber Defense Version 5.0 1 Introduction... 3 CSC 1: Inventory of Authorized and Unauthorized Devices... 8 CSC 2: Inventory of Authorized and Unauthorized Software...
[DRAFT] A Model Curriculum for Programs of Study A Model Curriculum for Programs of Study in Information Security and Assurance in Information Security and Assurance v. 6.0 February 2013 [DRAFT] http://infosec.kennesaw.edu/infoseccurriculummodel.pdf
ICC CYBER SECURITY GUIDE FOR BUSINESS ICC CYBER SECURITY GUIDE FOR BUSINESS Acknowledgements The ICC Cyber security guide for business was inspired by the Belgian Cyber security guide, an initiative of
A Human Capital Crisis in Cybersecurity Technical Proficiency Matters A White Paper of the CSIS Commission on Cybersecurity for the 44th Presidency cochairs Representative James R. Langevin Representative
2014 Deloitte-NASCIO Cybersecurity Study State governments at risk: Time to move forward A publication of Deloitte and the National Association of State Chief Information Officers (NASCIO) Contents Message
The Cisco Connected Learning Experience Strategies for Higher Education Table of Contents Table of Contents Abstract and Executive Summary 3 Trends in Higher Education: The Need for Change 4 Challenges
Priority III: A National Cyberspace Security Awareness and Training Program Everyone who relies on part of cyberspace is encouraged to help secure the part of cyberspace that they can influence or control.
Page 1 of 12 Speakers and Session Synopsis Matthew Ancelin; Network Security Specialist; Palo Alto Networks Matthew Ancelin has been a technologist for 30 years, professionally for 13 years, and focused
TELSTRA CYBER SECURITY REPORT 2014 Security insights, trends and impact to Australian organisations EXECUTIVE SUMMARY The internet presents a world of social connectivity, economic growth and endless opportunities
White paper Need for a bridge to bridge Network Security skills gap A collaborative vision on network security education and cyber-security workforce development Academy Learning The Network Security Academy
Cyber-Security Essentials for State and Local Government Best Practices in Policy and Governance Operational Best Practices Planning for the Worst Case Produced by with content expertise provided by For
PELL CENTER for INTERNATIONAL RELATIONS REPORT and PUBLIC POLICY Professionalizing Cybersecurity: A path to universal standards and status Francesca Spidalieri and Sean Kern August 2014 Executive Summary
Convergence of Social, Mobile and Cloud: 7 Steps to Ensure Success June, 2013 Contents Executive Overview...4 Business Innovation & Transformation...5 Roadmap for Social, Mobile and Cloud Solutions...7
THE GRADUATE SCHOOL CAreer Forward Advance with a respected graduate degree from UMUC. www.umuc.edu/moveforward An advanced degree opens the door to CAreer advancement Professional credentials can help
110101001101101101010011000 11011010100110110101001100 11011010011011010100110000 10100110110101001100010010 Protecting Information The Role of Community Colleges in Cybersecurity Education A Report from
MICHIGAN CYBER INITIATIVE 2015 Leading the Nation: An interagency, public-private collaboration www.michigan.gov/cybersecurity FROM THE GOVERNOR Michigan has become the leader among states in cybersecurity.
IBM Software Big Data & Analytics Thought Leadership White Paper Better business outcomes with IBM Big Data & Analytics The insights to transform your business with speed and conviction 2 Better business
A white paper analysis from Orasi Software Enterprise Security Attacking the problems of application and mobile security Introduction: Securing the Mobile Enterprise The mobile enterprise has created vast
The IT Industry s Cybersecurity Principles for Industry and Government 2011 ITI MEMBER COMPANIES Apple Inc. TABLE OF CONTENTS Executive Summary 5 Setting the Stage 7 Six Cybersecurity Principles 9 Principle
Human Capital Management Trends 2013 It s a Brave New World January 2013 Mollie Lombardi and Madeline Laurano Page 2 Executive Summary Human capital management is a key business initiative. Without insight
Cyber risk in retail Protecting the retail business to secure tomorrow s growth Table of contents Foreword 3 Four issues come to the fore 4 Compliance does not always equal risk management 5 Breach response
Qatar National Cyber Security Strategy MAY 2014 i ii TABLE OF CONTENTS FOREWORD... v EXECUTIVE SUMMARY... vi 1. INTRODUCTION...1 2. THE IMPORTANCE OF CYBER SECURITY TO QATAR...3 2.1 Threats... 3 2.2 Challenges...
TECHNOLOGY ASSOCIATION OF OREGON A Cyber-Studies Strategy for Oregon Prepared for: Engineering Technology Industry Council Prepared by: Technology Association of Oregon May 5, 2014 Document reference No.:
Testimony of Farnam Jahanian, Ph.D. Assistant Director Computer and Information Science and Engineering Directorate Before the Committee on Science, Space, and Technology Subcommittee on Technology and