Security as Architecture A fine grained multi-tiered containment strategy
|
|
- Rosamond Holmes
- 8 years ago
- Views:
Transcription
1 1 Security as Architecture A fine grained multi-tiered containment strategy Andras R. Szakal IBM Distinguished Engineer Chief Software Architect, U.S. Federal SWG aszakal@us.ibm.com
2 2 Objectives Cybersecurity - A fine grained multitiered containment strategy Defining the problem Multi-Tier Containment Model Security Patterns and Blueprints
3 3 With the smarter planet opportunities come new security and privacy risks Protection of sensitive and large volumes of data, shared globally Protection of sensors and actuators in the wild Protection of digital identities
4 4 In order to meet risk management objectives, Smarter Planet solutions need to be Engineered for Security and Dependability. Risks & Threats Attacking Safety Theft of money or services Reputational Loss Privacy Violations Gaming the system Denial of Service Subverting situational awareness Wasting resources on false alarms Hijacking control of equipment Damaging assets Physical and logical tampering
5 5 Information Technology components and systems can contribute to Infrastructure Failures & Engineering Disasters Federal investigators said yesterday that they found "anomalies" in a key component of the electronic control system along the Metro track north of Fort Totten, suggesting that computers might have sent one Red Line train crashing into another. A train control system that should have prevented Monday's deadly Metro crash failed in a test conducted by federal investigators, officials said yesterday, suggesting that a crucial breakdown of technology sent one train slamming into another. The test results are significant because they confirmed earlier findings of "anomalies" in an electrical track circuit in the crash area. The findings suggest that the oncoming train in Monday's crash might not have received information that a train was stopped ahead on the rails north of the Fort Totten Station. If a malfunctioning circuit failed to detect the stopped train, it would have assumed that the stretch of track was clear and set the speed of her train at 59 mph, sending it hurtling into the stopped one.
6 6 Industry Solution Requirements Protecting a Smarter Planet a.k.a. Critical Infrastructure Cybersecuirty From an IBM perspective, Cybersecurity is the practice of achieving the resilience of a Smarter Planet
7 7 Case Study: Sensors and Actuators in the Wild Sensors and Actuators Sensors and In The Wild Actuators In The Wild Driver: Smarter Driver: Planet Industries Smarter Planet make highvalue Industries decisions make based highvalue information decisions that based on originates on information from that sensors originates in the from wild. sensors in the wild. Challenge: Sensors Challenge: are not sufficiently Sensors are physically not secure sufficiently and sensor physically data secure is not and sufficiently sensor protected data is not from sufficiently attack relative protected to the from high attack value relative decisions to the high that are value made decisions based on that them. are made based on them. The link between the points The link of data between the acquisition points of data and the point acquisition of data and the processing point of data is often broken. processing is often broken. Attacks Electric Actuator on a valve in a power plant (Source: Wikipedia)
8 8 What Are We Concerned About? People Physical Objects Biometrics Physical Location Physical Identities Human Accountability Privacy Physical Data Compliance {Netcentric Technology} Autonomous Control Real-time Processes Society High-Impact Processes Nature Legacy of Vulnerable Process Control Technology Physical Sensors in the wild Physical Actuators
9 9 Multi-Tier Architecture & Deperimeterization Multi-Tier Architecture - Our architectures have become componentized, service-based and distributed across platforms and service providers. We no longer have control over all our high value assets we have become deperimeterized.
10 10 Fine-Grained Multi-Tier Containment Supplier Integiry Identity Collaboration - Gov to Gov; Gov to Industry; Gov the Critical infrastructure; Industry to Industry (ICT) Information Assurance Smart Information Environments Data Protection throughout the lifecycle Defending Networks and gateways Persistent threat issues Continuous Network Monitoring High Performance Computing Federated Security Compliance - Trusted Partners validation of (Secure the Supply Chain) policies (IT) Collaboration & Community (Secure the Groups and Processes) Collaboration & Community (Group) Business / Mission (Secure the Services) SOA, Information (Service) Applications / Middleware (Secure the Middleware and Applications) Middleware Data Center/Cloud (Middleware Server) (Secure the Tenant) Platform Data Center/Network/Cloud (Secure the Platform) (Tenant) Data (Secure the Information) Platform (Process) Network (Secure the Transport Layer) Situational Awareness of the Government ecosystems Central Operations Center - government sensitive, civilian agencies/dept, CIP and industry IoD / Analytics Analytics / Dashboarding
11 11 Fine-Grained Multi-Tier Containment Identity Collaboration - Gov to Gov; Gov to Industry; Gov the Critical infrastructure; Industry to Industry (ICT) Information Assurance Smart Information Environments Data Protection throughout the lifecycle Defending Networks and gateways Persistent threat issues Supply Chain High Performance Computing Federated Trusted Security Partners (Secure the Supply Chain) Collaboration & Community (Secure the Groups and Processes) Collaboration & Community (Group) Business / Mission (Secure the Services) SOA, Information (Service) Applications / Middleware (Secure the Middleware and Applications) Middleware Data Center/Cloud (Middleware Server) (Secure the Tenant) Platform Data Center/Network/Cloud (Secure the Platform) (Tenant) Data (Secure the Information) Platform (Process) Network (Secure the Transport Layer) Compliance - validation of policies (IT) Situational Awareness of the Government ecosystems Central Operations Center - government sensitive, civilian agencies/dept, CIP and industry IoD / Analytics Analytics / Dashboarding
12 12 Multi-Tier Containment Strategy Federated Trusted Security Partners (Secure the Supply Chain) Collaboration & Community (Secure the Groups and Processes) Collaboration & Community (Group) Business / Mission (Secure the Services) SOA, Information (Service) Applications / Middleware (Secure the Middleware and Applications) Secure Each Teir / Layer Independenly Middleware Data Center/Cloud (Middleware Server) (Secure the Tenant) Platform Data Center/Network/Cloud (Secure the Platform) (Tenant) Data (Secure the Information) Platform (Process) Network (Secure the Transport Layer) Secure the Boundary Between Each Tier / Layer Cross-Cutting Security Services
13 13 Cybersecurity Model Based on the IBM Security Framework Fine-Grained Multi-Tier Containment
14 14 Cybersecurity Model Foundational Security Components Software, System & Service Assurance Identity, Access & Entitlement Mgmt Foundational Security Data & Information Protection Mgmt Threat & Vulnerability IT Service Command and Control Mgmt Security Policy Risk & Compliance Assessment Physical Asset
15 15 Secure the Platform (Operating Environment) Focus: Command and Control provides the command center for security management as well as the operational security capabilities for non-it assets and services to ensure protection, response, continuity and recovery. Includes: Providing the approving authority for security; ensuring that physical and operational security is maintained for locations, assets, humans, environment and utilities; providing surveillance and monitoring of locations, perimeters and areas; enforce entry controls; providing for positioning, tracking and identification of humans and assets; continuity and recovery operations. Foundational Security Mgmt Service Command and Control Mgmt Supervisory Control & Delegation of Authority Command Center Intelligence Service Continuity & Recovery Physical Asset Mgmt Security Services and Infrastructure Physical Security Identity, Access & Entitlement Infrastructure Policies Knowledge Security Service Level Objectives Surveillance & Monitoring Services Positioning and Tracking Services Environment & Utility Assurance Security Policy Infrastructure Detection Services Location, perimeter & area protection Service Mgmt and Process Automation IT Security Services and Mechanisms Entry Control Response Services Human Identification
16 16 Secure the Platform Architectural Pattern Security System Identity, Access & Entitlement Mgmt Business Service platform Delegation of authority Policies Data & Information Protection Mgmt Locations actors assets Command and Control Mgmt Security Policy Software, System & Service Assurance Processes Service directives and objectives IT Service Applications Compliance metrics Threat & Vulnerability Hosts and End-points Storage Compliance Reports Risk Posture Risk & Compliance Assessment Physical Asset Events & artifacts Networks Data Security Events & Logs Knowledge Infrastructure Service platform
17 17 Security Blueprint Patterns IBM Security Framework: Business Security Reference Model Governance, Risk, Compliance (GRC) Application & Process People & Identity IT Infrastructure: Network, Server, End Point Data & Information Physical Infrastructure Architectural Principles Software, System & Service Assurance Command and Control Mgmt Security Info and Event Infrastructure Network Security Identity, Access & Entitlement Mgmt Foundational Security Security Policy Security Services and Infrastructure Identity, Access & Entitlement Infrastructure Storage Security Data & Information Protection Mgmt Risk & Compliance Assessment Security Policy Infrastructure Host and End-point Security Threat & Vulnerability Physical Asset Cryptography, Key & Certificate Infrastructure Application Security IT Service Service and Process Automation Physical Security IT Security Services and Mechanisms Security Service Level Objectives Code & Images Designs Policies Configuration Info and Registry Identities & Attributes Resources Contexts Data Security Events & Logs Knowledge
18 18 Thank you! For more information, please visit: ibm.com/cloud Ibm.com/security
19 Identity, Access & Entitlement Focus: This sublayer provides all services related to roles and identities, access rights and entitlements. The goal of these services is to assure that access to resources has been given to the right identities, at the right time, for the right purpose. It also supports that access to resources is monitored and audited for unauthorized or unacceptable use. Foundational Security Mgmt Service Trust Mgmt Identity Lifecycle Credential Mgmt Role & Entitlement Enrollment Services Identity Issuing Credential Mgmt Role / Entitlement Modeling Compliance Compliance Reporting 19 Identity, Access and Entitlement Mgmt Proofing Services Identity Resolution Identity Provisioning Identity Re/certification Identity and Attribute Services Credential and Token Exchange Services Role / Entitlement Discovery Org and App Role Reputation Services Identity Revocation Single Sign-on Services Entitlement Security Services and Infrastructure Identity, Access & Entitlement Infrastructure Host & Endpoint Network Storage Application Identities & Attributes Security Service Level Objectives Authentication Nonrepudiation Authorization Directory and Attribute Services Access Control Entitlement Policy Policies Contexts Security Policy Infrastructure Cryptography, Key & Certificate Infrastructure IT Security Services and Mechanisms
20 20 Trusted Advisor Solution Provider Security Company The Company Security for the Cloud Security from the Cloud Security & Privacy Leadership
21 21 Cloud Security = SOA Security + Secure Virtualized Runtime Two examples: IBM Tivoli Federated Identity Manager IBM Security Virtual Server Protection
22 Example 1: IBM Tivoli Federated Identity Manager 22 Centralized user access management to on- and off-premise apps and services Wide variety of Federated SSO protocols SAML 1.0 / 1.1 / 2.0 WS-Federation Liberty ID-FF 1.1/ 1.2 Information Card Profile 1.0 OpenID Integration with IBM LotusLive, Google Apps, salesforce.com, etc. SMB A TFIM BG Enterprise B TFIM Enterprise C TFIM & TSPM Google Apps Salesforce Microsoft Tools for user enrollment, WS-Trust based security token services, web access management Simplify integration across Java,.NET and mainframe environments TFIM = Tivoli Federated Identity Manager TFIM BG = TFIM Business Gateway for SMB deployment TSPM = Tivoli Security Policy Manager for data entitlement management IBM Lotus Live
23 23 Example 2: IBM Security Virtual Server Protection for VMware Integrated threat protection for VMware vsphere 4 Offers broadest, most integrated, defense-in-depth virtualization security with one product Provides dynamic protection for every layer of the virtual infrastructure Helps meet regulatory compliance by providing security and reporting functionality customized for the virtual infrastructure Increases ROI of the virtual infrastructure with easy to maintain, easy to deploy security Firewall Auto Discovery VMsafe Integration Virtual Infrastructure Auditing (Privileged User Access) Rootkit Detection Virtual Network Segment Protection Intrusion Detection & Prevention Virtual Network-Level Protection Inter-VM Traffic Analysis Virtual Network Access Control VM Sprawl Central Network Policy Enforcement Web Application Protection Automated Protection for Mobile VMs (VMotion) Virtual Patch
24 24 Deperimeterization & IBM Security Framework
25 25 Cybersecurity Model Based on the IBM Security Framework Cyber security Solution Requirements
26 26 Cybersecurity - Situational Awareness Full spectrum analysis of security relevant events: Network Application Platform Data Behavioral Integrated Command and Control
27 27 Cyber Security Architectural Overview
28 28 IBM Secure Engineering Framework Published the IBM Secure Engineering Framework Represents a compilation of internal security practices Provides consistent message on IBM s approach to addressing vulnerabilities Differentiates IBM capabilities and offerings among vendors and alliances Can provide a unified go-to-market strategy for security features in products & development tools Provide structure, execution and accountability for software and solution development projects Build and Maintain trusted relationships with suppliers, distribution channels, import/ export and customer support Best practices for secure software in design, development and deployment Continual improvement for the security characteristics of software offerings through Key Performance Indicators
29 29 IBM s Holistic Cyber Security Approach IBM security framework the IBM Institute for Advanced Security
Security and Privacy Aspects in Cloud Computing
Frank Hebestreit, CISA, CIPP/IT IBM Security Services, IBM Global Technology Services frank.hebestreit@de.ibm.com Security and Privacy Aspects in Cloud Computing 17.11.2010 Outline Brief Introduction to
More informationVirtualization with VMware and IBM: Enjoy the Ride, but Don t Forget to Buckle Up!
Virtualization with VMware and IBM: Enjoy the Ride, but Don t Forget to Buckle Up! Ravi Kumar, Group Product Marketing Manager - Security, VMware Bob Kalka, Director, IBM Security Solutions, IBM The Rise
More informationSecurity and Cloud Computing
Martin Borrett, Lead Security Architect, Europe, IBM 9 th December 2010 Outline Brief Introduction to Cloud Computing Security: Grand Challenge for the Adoption of Cloud Computing IBM and Cloud Security
More informationCLOUD SECURITY: THE GRAND CHALLENGE
Government Ware: GovWare Singapore September 29, 2010 CLOUD SECURITY: THE GRAND CHALLENGE Glen Gooding Asia Pacific Security Leader IBM Corporation ggooding@au1.ibm.com Rest safe: Google saves the day
More informationProvide access control with innovative solutions from IBM.
Security solutions To support your IT objectives Provide access control with innovative solutions from IBM. Highlights Help protect assets and information from unauthorized access and improve business
More informationStrengthen security with intelligent identity and access management
Strengthen security with intelligent identity and access management IBM Security solutions help safeguard user access, boost compliance and mitigate insider threats Highlights Enable business managers
More informationMobile, Cloud, Advanced Threats: A Unified Approach to Security
Mobile, Cloud, Advanced Threats: A Unified Approach to Security David Druker, Ph.D. Senior Security Solution Architect IBM 1 Business Security for Business 2 Common Business Functions Manufacturing or
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationAddressing Cyber Security in Oracle Utilities Applications
Addressing Cyber Security in Oracle Utilities Applications Anthony Shorten Principal Product Manager Oracle Utilities Global Business Unit Sept, 2014 Safe Harbor Statement The following is intended to
More informationWhen millions need access: Identity management in an increasingly connected world
IBM Software Thought Leadership White Paper January 2011 When millions need access: Identity management in an increasingly connected world Best practice solutions that scale to meet today s huge numbers
More informationSecuring the Cloud through Comprehensive Identity Management Solution
Securing the Cloud through Comprehensive Identity Management Solution Millie Mak Senior IT Specialist What is Cloud Computing? A user experience and a business model Cloud computing is an emerging style
More informationThe Benefits of an Integrated Approach to Security in the Cloud
The Benefits of an Integrated Approach to Security in the Cloud Judith Hurwitz President and CEO Marcia Kaufman COO and Principal Analyst Daniel Kirsch Senior Analyst Sponsored by IBM Introduction The
More informationAPI Management: Powered by SOA Software Dedicated Cloud
Software Dedicated Cloud The Challenge Smartphones, mobility and the IoT are changing the way users consume digital information. They re changing the expectations and experience of customers interacting
More informationIBM QRadar Security Intelligence April 2013
IBM QRadar Security Intelligence April 2013 1 2012 IBM Corporation Today s Challenges 2 Organizations Need an Intelligent View into Their Security Posture 3 What is Security Intelligence? Security Intelligence
More informationHealthcare: La sicurezza nel Cloud October 18, 2011. 2011 IBM Corporation
Healthcare: La sicurezza nel Cloud October 18, 2011 Cloud Computing Tests The Limits Of Security Operations And Infrastructure Security and Privacy Domains People and Identity Data and Information Application
More informationIntelligent Security Design, Development and Acquisition
PAGE 1 Intelligent Security Design, Development and Acquisition Presented by Kashif Dhatwani Security Practice Director BIAS Corporation Agenda PAGE 2 Introduction Security Challenges Securing the New
More informationIBM Tivoli Federated Identity Manager
IBM Tivoli Federated Identity Manager Employ user-centric federated access management to enable secure online business collaboration Highlights Enhance business-to-business and business-to-consumer collaborations
More informationOPENIAM ACCESS MANAGER. Web Access Management made Easy
OPENIAM ACCESS MANAGER Web Access Management made Easy TABLE OF CONTENTS Introduction... 3 OpenIAM Access Manager Overview... 4 Access Gateway... 4 Authentication... 5 Authorization... 5 Role Based Access
More informationCloud Security: The Grand Challenge
Dr. Paul Ashley IBM Software Group pashley@au1.ibm.com Cloud Security: The Grand Challenge Outline Cloud computing: the pros, the cons, the blind spots Security in the cloud - what are the risks now and
More informationCloud computing is a new consumption and delivery model. Yesterday Today
IBM Cloud Security Strategy Securing the Cloud Johan Van Mengsel, CISSP Open Group Distinguished IT Specialist IBM Global Technology Services 2010 IBM Corporation Todays Challenges 85% idle 70 per $1 1.5x
More informationCloud security architecture
ericsson White paper Uen 284 23-3244 January 2015 Cloud security architecture from process to deployment The Trust Engine concept and logical cloud security architecture presented in this paper provide
More informationHow To Write An Architecture For An Bm Security Framework
Security Reference Architecture James (Jimmy) Darwin James.Darwin@au.ibm.com 2010 IBM Corporation 0 Reference Architectures As part of the Time-to-Value Initiative, Reference Architectures have been identified
More informationThe Challenges of Web single sign-on
Serge Vereecke Security Architect IBM Security Services serge_vereecke@be.ibm.com The Challenges of Web single sign-on GSE Event September 7, 2012 Agenda Single sign-on technology Why single sign-on Challenges
More informationRE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC
RE Think Invent IT & Business IBM SmartCloud Security Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC 2014 IBM Corporation Some Business Questions Is Your Company is Secure
More informationIBM Smarter Cities Cybersecurity Update
IBM Smarter Cities Cybersecurity Update October 2012 Kent Blossom, Vice President, IBM Security Solutions kblossom@us.ibm.com 1 Discussion Topics IBM Security Systems Evolving Client Priorities & Approaches
More informationNetzwerkvirtualisierung? Aber mit Sicherheit!
Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction
More informationSecurity Solution Architecture for VDI
Solution Architecture for VDI A reference implementation of VMware BENEFITS Validated solution architecture provides unprecedented end-to-end security dashboard for virtual desktop infrastructure (VDI)
More informationLeveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs
IBM Global Technology Services Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs Achieving a secure government
More informationPost-Access Cyber Defense
Post-Access Cyber Defense Dr. Vipin Swarup Chief Scientist, Cyber Security The MITRE Corporation November 2015 Approved for Public Release; Distribution Unlimited. 15-3647. 2 Cyber Security Technical Center
More informationIBM Security. 2013 IBM Corporation. 2013 IBM Corporation
IBM Security Security Intelligence What is Security Intelligence? Security Intelligence --noun 1.the real-time collection, normalization and analytics of the data generated by users, applications and infrastructure
More informationCONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
More informationRagy Magdy Regional Channel Manager MEA IBM Security Systems
Ragy Magdy Regional Channel Manager MEA IBM Security Systems 1 Started my career in Security in 2003 by Joining ISS 2005 was named the ISS Regional Manager for the Middle East 2006 ISS was acquired by
More informationService management White paper. Manage access control effectively across the enterprise with IBM solutions.
Service management White paper Manage access control effectively across the enterprise with IBM solutions. July 2008 2 Contents 2 Overview 2 Understand today s requirements for developing effective access
More informationAPIs The Next Hacker Target Or a Business and Security Opportunity?
APIs The Next Hacker Target Or a Business and Security Opportunity? SESSION ID: SEC-T07 Tim Mather VP, CISO Cadence Design Systems @mather_tim Why Should You Care About APIs? Amazon Web Services EC2 alone
More informationSecuring the Journey to the Private Cloud. Dominique Dessy RSA, the Security Division of EMC
Securing the Journey to the Private Cloud Dominique Dessy RSA, the Security Division of EMC June 2010 Securing the Journey to The Private Cloud The Journey IT Production Business Production IT-As-A-Service
More informationHow To Protect Your Virtual Infrastructure From Attack From A Cyber Threat
VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Security and Compliance VMware vcloud Networking and Security is the leading networking and security
More informationDefending against modern threats Kruger National Park ICCWS 2015
Defending against modern threats Kruger National Park ICCWS 2015 Herman Opperman (CISSP, ncse, MCSE-Sec) - Architect, Cybersecurity Global Practice Microsoft Corporation Trends from the field Perimeter
More informationThe Next Generation of Security Leaders
The Next Generation of Security Leaders In an increasingly complex cyber world, there is a growing need for information security leaders who possess the breadth and depth of expertise necessary to establish
More informationSafeguarding the cloud with IBM Security solutions
Safeguarding the cloud with IBM Security solutions Maintain visibility and control with proven solutions for public, private and hybrid clouds Highlights Address cloud concerns with enterprise-class solutions
More informationExternal Supplier Control Requirements
External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must
More informationLecture 02b Cloud Computing II
Mobile Cloud Computing Lecture 02b Cloud Computing II 吳 秀 陽 Shiow-yang Wu T. Sridhar. Cloud Computing A Primer, Part 2: Infrastructure and Implementation Topics. The Internet Protocol Journal, Volume 12,
More informationIdentity Federation Broker for Service Cloud
2010 International Conference on Sciences Identity Federation Broker for Cloud He Yuan Huang 1, Bin Wang 1, Xiao Xi Liu 1, Jing Min Xu 1 1 IBM Research China {huanghey, wangbcrl, liuxx, xujingm}@cn.ibm.com
More informationInformation Security: Why is it important for the Healthcare Industry?
IBM and Security in the Healthcare Industry Information Security: Why is it important for the Healthcare Industry? Glen Gooding IBM Security Leader ggooding@au1.ibm.com May 25 2010 Baseline definitions
More informationIBM. How can we support the requirement of creating dynamic, flexible and cost effective solution in the IAM area?
IBM How can we support the requirement of creating dynamic, flexible and cost effective solution in the IAM area? Sven-Erik Vestergaard Nordic Security Architect IBM Software group svest@dk.ibm.com Security
More informationSafeguarding the cloud with IBM Dynamic Cloud Security
Safeguarding the cloud with IBM Dynamic Cloud Security Maintain visibility and control with proven security solutions for public, private and hybrid clouds Highlights Extend enterprise-class security from
More informationSecurity Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions
Kevin Staggs, Honeywell Process Solutions Table of Contents Introduction...3 Nerc Standards and Implications...3 How to Meet the New Requirements...4 Protecting Your System...4 Cyber Security...5 A Sample
More informationSecure Cloud Computing
Secure Cloud Computing Agenda Current Security Threat Landscape Over View: Cloud Security Overall Objective of Cloud Security Cloud Security Challenges/Concerns Cloud Security Requirements Strategy for
More informationEnterprise Cybersecurity: Building an Effective Defense
Enterprise Cybersecurity: Building an Effective Defense Chris Williams Oct 29, 2015 14 Leidos 0224 1135 About the Presenter Chris Williams is an Enterprise Cybersecurity Architect at Leidos, Inc. He has
More informationHow does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1
How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1 2 How does IBM deliver cloud security? Contents 2 Introduction 3 Cloud governance 3 Security governance, risk management
More informationPreemptive security solutions for healthcare
Helping to secure critical healthcare infrastructure from internal and external IT threats, ensuring business continuity and supporting compliance requirements. Preemptive security solutions for healthcare
More informationCloud computing White paper November 2009. IBM Point of View: Security and Cloud Computing
White paper November 2009 IBM Point of View: Security and Cloud Computing Page 2 Table of Contents Introduction... 3 Address cloud security the grand challenge... 4 Evaluate different models of cloud computing...
More informationCloud Essentials for Architects using OpenStack
Cloud Essentials for Architects using OpenStack Course Overview Start Date 18th December 2014 Duration 2 Days Location Dublin Course Code SS906 Programme Overview Cloud Computing is gaining increasing
More informationCloud Security - Risiken und Chancen
Dr. Matthias Schunter, MBA IBM Research Zürich, mts@zurich.ibm.com, http://www.schunter.org Simple Questions Today s Data Center Tomorrow s Public Cloud We Have Control It s located at X. It s stored in
More informationIBM Security Intrusion Prevention Solutions
IBM Security Intrusion Prevention Solutions Sarah Cucuz sarah.cucuz@spyders.ca IBM Software Solution Brief IBM Security intrusion prevention solutions In-depth protection for networks, servers, endpoints
More informationTake the Red Pill: Becoming One with Your Computing Environment using Security Intelligence
Take the Red Pill: Becoming One with Your Computing Environment using Security Intelligence Chris Poulin Security Strategist, IBM Reboot Privacy & Security Conference 2013 1 2012 IBM Corporation Securing
More informationIBM Security Systems Solutions
1 IBM Security Systems Solutions Agenda Market opportunity Where are companies investing in security today? What do we offer? Customer case studies and win reviews Security and the Cloud Call to action
More informationSOLUTIONS. Secure Infrastructure as a Service for Production Workloads
IaaS SOLUTIONS Secure Infrastructure as a Service for Production Workloads THE CHALLENGE Now more than ever, business and government are facing the challenge of balancing conflicting demands. Market pressures
More informationBeyond passwords: Protect the mobile enterprise with smarter security solutions
IBM Software Thought Leadership White Paper September 2013 Beyond passwords: Protect the mobile enterprise with smarter security solutions Prevent fraud and improve the user experience with an adaptive
More informationSession 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness
Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness Wayne A. Wheeler The Aerospace Corporation GSAW 2015, Los Angeles, CA, March 2015 Agenda Emerging cyber
More informationTriangle InfoSeCon. Alternative Approaches for Secure Operations in Cyberspace
Triangle InfoSeCon Alternative Approaches for Secure Operations in Cyberspace Lt General Bob Elder, USAF (Retired) Research Professor, George Mason University Strategic Advisor, Georgia Tech Research Institute
More informationConsolidated security management for mainframe clouds
Security Thought Leadership White Paper February 2012 Consolidated security management for mainframe clouds Leveraging the mainframe as a security hub for cloud-computing environments 2 Consolidated security
More informationTechnology Blueprint. Protect Your Email Servers. Guard the data and availability that enable business-critical communications
Technology Blueprint Protect Your Email Servers Guard the data and availability that enable business-critical communications LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL 1 2 4 5 3 Security
More informationSecurity It s an ecosystem thing
Security It s an ecosystem thing Joseph Alhadeff Vice President Global Public Policy, Chief Privacy Strategist The Security challenge in the before time. Today s Threat Environment
More informationThe Protection Mission a constant endeavor
a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring
More informationIBM 000-281 EXAM QUESTIONS & ANSWERS
IBM 000-281 EXAM QUESTIONS & ANSWERS Number: 000-281 Passing Score: 800 Time Limit: 120 min File Version: 58.8 http://www.gratisexam.com/ IBM 000-281 EXAM QUESTIONS & ANSWERS Exam Name: Foundations of
More informationSecurity Issues in Cloud Computing
Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources
More informationIBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation
IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing
More informationObserveIT User Activity Monitoring
KuppingerCole Report EXECUTIVE VIEW by Martin Kuppinger April 2015 ObserveIT provides a comprehensive solution for monitoring user activity across the enterprise. The product operates primarily based on
More information8 Steps to Holistic Database Security
Information Management White Paper 8 Steps to Holistic Database Security By Ron Ben Natan, Ph.D., IBM Distinguished Engineer, CTO for Integrated Data Management 2 8 Steps to Holistic Database Security
More information2011 Cyber Security and the Advanced Persistent Threat A Holistic View
2011 Cyber and the Advanced Persistent Threat A Holistic View Thomas Varney Cybersecurity & Privacy BM Global Business Services 1 31/10/11 Agenda The Threat We Face A View to Addressing the Four Big Problem
More informationMitigating Information Security Risks of Virtualization Technologies
Mitigating Information Security Risks of Virtualization Technologies Toon-Chwee, Wee VMWare (Hong Kong) 2009 VMware Inc. All rights reserved Agenda Virtualization Overview Key Components of Secure Virtualization
More informationCyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown
Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available
More informationA Look at the New Converged Data Center
Organizations around the world are choosing to move from traditional physical data centers to virtual infrastructure, affecting every layer in the data center stack. This change will not only yield a scalable
More informationPlan of Attack 5 Step Plan
Plan of Attack 5 Step Plan Naming those Digital Assets Practicing Digital Doomsday Training + Policies and Procedures Technology Tuning Security in the Supply Chain Next Steps Sample Plan 0 to 30 Days
More informationBeyondInsight Version 5.6 New and Updated Features
BeyondInsight Version 5.6 New and Updated Features BeyondInsight 5.6 Expands Risk Visibility Across New Endpoint, Cloud and Firewall Environments; Adds Proactive Threat Alerts The BeyondInsight IT Risk
More informationNETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015
NETWORK ACCESS CONTROL AND CLOUD SECURITY Tran Song Dat Phuc SeoulTech 2015 Table of Contents Network Access Control (NAC) Network Access Enforcement Methods Extensible Authentication Protocol IEEE 802.1X
More informationPALANTIR CYBER An End-to-End Cyber Intelligence Platform for Analysis & Knowledge Management
PALANTIR CYBER An End-to-End Cyber Intelligence Platform for Analysis & Knowledge Management INTRODUCTION Traditional perimeter defense solutions fail against sophisticated adversaries who target their
More informationService Oriented Networks Security. David Brossard, M.Eng, SCEA Senior Security Researcher, BT Innovate Globecom 2008
Service Oriented Networks Security David Brossard, M.Eng, SCEA Senior Security Researcher, BT Innovate Globecom 2008 While empowering new business models, SON leads to a proliferation of application networks
More informationNIST CYBERSECURITY FRAMEWORK COMPLIANCE WITH OBSERVEIT
NIST CYBERSECURITY FRAMEWORK COMPLIANCE WITH OBSERVEIT OVERVIEW The National Institute of Standards of Technology Framework for Improving Critical Infrastructure Cybersecurity (The NIST Framework) is a
More informationF5 Identity and Access Management (IAM) Overview. Laurent PETROQUE Manager Field Systems Engineering, France
F5 Identity and Access Management (IAM) Overview Laurent PETROQUE Manager Field Systems Engineering, France F5 s Security Strategy Protect Apps/Data Wherever They Reside Control Access to Apps/Data from
More informationNew Broadband and Dynamic Infrastructures for the Internet of the Future
New Broadband and Dynamic Infrastructures for the Internet of the Future Margarete Donovang-Kuhlisch, Government Industry Technical Leader, Europe mdk@de.ibm.com Agenda Challenges for the Future Intelligent
More informationSCADA Security Measures
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA SCADA Security Measures
More informationCAS8489 Delivering Security as a Service (SIEMaaS) November 2014
CAS8489 Delivering Security as a Service (SIEMaaS) November 2014 Usman Choudhary Senior Director usman@netiq.com Rajeev Khanolkar CEO SecurView Agenda What is Security Monitoring? Definition & concepts
More informationApplying IBM Security solutions to the NIST Cybersecurity Framework
IBM Software Thought Leadership White Paper August 2014 Applying IBM Security solutions to the NIST Cybersecurity Framework Help avoid gaps in security and compliance coverage as threats and business requirements
More informationAhead of the threat with Security Intelligence
Ahead of the threat with Security Intelligence PITB Information Security Conference 2013 Zoaib Nafar Brand Technical Sales Lead 2012 IBM Corporation 1 The world is becoming more digitized and interconnected,
More information<Insert Picture Here> Oracle Identity And Access Management
Oracle Identity And Access Management Gautam Gopal, MSIST, CISSP Senior Security Sales Consultant Oracle Public Sector The following is intended to outline our general product direction.
More informationVirtualization Essentials
Virtualization Essentials Table of Contents Introduction What is Virtualization?.... 3 How Does Virtualization Work?... 4 Chapter 1 Delivering Real Business Benefits.... 5 Reduced Complexity....5 Dramatically
More informationSecurity and Cloud Compunting - Security impacts, best practices and solutions -
Security and Cloud Compunting - Security impacts, best practices and solutions - Andrea Carmignani Senior IT Architect What is Cloud Security It s about business and data behind it The ability to maintain
More informationAn Oracle White Paper Feb 2012. Buyer s Guide for Access Management
An Oracle White Paper Feb 2012 Buyer s Guide for Access Management Oracle White Paper Buyer s Guide for Access Management Disclaimer The following is intended to outline our general product direction.
More informationVICNET is G-Cloud7 GOV UK Supplier VISIT DIGITAL MARKET PLACE VICNETCLOUD VICNET CLOUD MIGRATION SERVICES
VICNET is G-Cloud7 GOV UK Supplier VISIT DIGITAL MARKET PLACE VICNETCLOUD VICNET CLOUD MIGRATION SERVICES Consult and assess your business and technical requirements Advise you on the best cloud solutions
More informationJourney to the Private Cloud. Key Enabling Technologies
Journey to the Private Cloud Key Enabling Technologies Jeffrey Nick Chief Technology Officer Senior Vice President EMC Corporation June 2010 1 The current I/T state: Infrastructure sprawl Information explosion
More informationIBM Security Strategy
IBM Security Strategy Intelligence, Integration and Expertise Kate Scarcella CISSP Security Tiger Team Executive M.S. Information Security IBM Security Systems IBM Security: Delivering intelligence, integration
More informationEXECUTIVE VIEW. CA Privileged Identity Manager. KuppingerCole Report
KuppingerCole Report EXECUTIVE VIEW by Alexei Balaganski March 2015 is a comprehensive Privileged Identity Management solution for physical and virtual environments with a very broad range of supported
More informationMetrics that Matter Security Risk Analytics
Metrics that Matter Security Risk Analytics Rich Skinner, CISSP Director Security Risk Analytics & Big Data Brinqa rskinner@brinqa.com April 1 st, 2014. Agenda Challenges in Enterprise Security, Risk
More informationIBM Software Choosing the right virtualization security solution
IBM Software Choosing the right virtualization security solution Meet the unique security challenges of virtualized environments 2 Choosing the right virtualization security solution Having the right tool
More informationCLOUD STORAGE SECURITY INTRODUCTION. Gordon Arnold, IBM
CLOUD STORAGE SECURITY INTRODUCTION Gordon Arnold, IBM SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individual members may use this material
More informationIoT & SCADA Cyber Security Services
IoT & SCADA Cyber Security Services RIOT SOLUTIONS PTY LTD P.O. Box 10087, Adelaide St Brisbane QLD 4000 BRISBANE HEAD OFFICE Level 4, 60 Edward St, Brisbane, QLD 4000 T: 1300 744 028 Email: sales@riotsolutions.com.au
More informationNetwork Access Control in Virtual Environments. Technical Note
Contents Security Considerations in.... 3 Addressing Virtualization Security Challenges using NAC and Endpoint Compliance... 3 Visibility and Profiling of VMs.... 4 Identification of Rogue or Unapproved
More informationEnterprise Security Architecture Concepts and Practice
Enterprise Architecture Concepts and Practice Jim Whitmore whitmore@us.ibm.com Presentation to Open Group Oct 22, 2003 Enterprise Architecture Abstract In the early 90 s IBM Global Services created a Consultancy
More informationArchitecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud
Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP Principal Systems Engineer Security Specialist Agenda What is the Cloud? Virtualization Basics
More information