Protecting against cyber threats and security breaches



Similar documents
IBM QRadar Security Intelligence April 2013

Security Intelligence

Take the Red Pill: Becoming One with Your Computing Environment using Security Intelligence

The webinar will begin shortly

Under the Hood of the IBM Threat Protection System

IBM Security Intelligence Strategy

Data Security: Fight Insider Threats & Protect Your Sensitive Data

Security strategies to stay off the Børsen front page

The Current State of Cyber Security

L evoluzione del Security Operation Center tra Threat Detection e Incident Response & Management

Addressing Security for Hybrid Cloud

Securing the Cloud infrastructure with IBM Dynamic Cloud Security

and Security in the Era of Cloud

Mobile, Cloud, Advanced Threats: A Unified Approach to Security

Web application security Executive brief Managing a growing threat: an executive s guide to Web application security.

Advanced Threat Protection with Dell SecureWorks Security Services

El costo oculto de las aplicaciones Vulnerables. Faustino Sanchez. WW Security Sales Enablement. IBM Canada

How To Test For Security On A Network Without Being Hacked

IBM Security Systems Support

IBM Security QRadar Risk Manager

IBM Security re-defines enterprise endpoint protection against advanced malware

How to Choose the Right Security Information and Event Management (SIEM) Solution

IBM Security QRadar Risk Manager

Application Security from IBM Karl Snider, Market Segment Manager March 2012

Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015

Things To Do After You ve Been Hacked

Safeguarding the cloud with IBM Dynamic Cloud Security

IBM SECURITY QRADAR INCIDENT FORENSICS

IBM Security Intrusion Prevention Solutions

North American Electric Reliability Corporation (NERC) Cyber Security Standard

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

defending against advanced persistent threats: strategies for a new era of attacks agility made possible

IBM Security X-Force Threat Intelligence

AMPLIFYING SECURITY INTELLIGENCE

Strengthen security with intelligent identity and access management

Security for a Smarter Planet IBM Corporation All Rights Reserved.

IBM Security IBM Corporation IBM Corporation

Mobile Security. Luther Knight Mobility Management Technical Specialist, Europe IOT IBM Security April 28, 2015.

Beyond the Hype: Advanced Persistent Threats

Applying IBM Security solutions to the NIST Cybersecurity Framework

Reducing the cost and complexity of endpoint management

Introduction to PCI DSS

A MULTIFACETED CYBERSECURITY APPROACH TO SAFEGUARD YOUR OPERATIONS

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER

Symantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team

How To Create An Insight Analysis For Cyber Security

Security solutions White paper. Acquire a global view of your organization s security state: the importance of security assessments.

External Supplier Control Requirements

Breaking down silos of protection: An integrated approach to managing application security

Information Security Services

Effectively Using Security Intelligence to Detect Threats and Exceed Compliance

IBM Security QRadar Vulnerability Manager

Microsoft s cybersecurity commitment

How we see malware introduced Phishing Targeted Phishing Water hole Download (software (+ free ), music, films, serialz)

IBM Security Privileged Identity Manager helps prevent insider threats

CYBER SECURITY INFORMATION SHARING & COLLABORATION

Accenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges

Cyber security Building confidence in your digital future

Breaking the Cyber Attack Lifecycle

Simplify security management in the cloud

Payment Card Industry Data Security Standard

Cisco Advanced Services for Network Security

Introducing IBM s Advanced Threat Protection Platform

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES.

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Integrating MSS, SEP and NGFW to catch targeted APTs

White Paper. Intelligent DDoS Protection Use cases for applying DDoS Intelligence to improve preparation, detection and mitigation

CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS

Into the cybersecurity breach

CORE Security and the Payment Card Industry Data Security Standard (PCI DSS)

SPEAR PHISHING AN ENTRY POINT FOR APTS

Worldwide Security and Vulnerability Management Forecast and 2008 Vendor Shares

Staying a step ahead of the hackers: the importance of identifying critical Web application vulnerabilities.

Cloud Security Primer MALICIOUS NETWORK COMMUNICATIONS: WHAT ARE YOU OVERLOOKING?

Risk-based solutions for managing application security

Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness

Addressing the Full Attack Continuum: Before, During, and After an Attack. It s Time for a New Security Model

Reference Architecture: Enterprise Security For The Cloud

Cisco Advanced Malware Protection for Endpoints

ProtectWise: Shifting Network Security to the Cloud Date: March 2015 Author: Tony Palmer, Senior Lab Analyst and Aviv Kaufmann, Lab Analyst

Technical Testing. Application, Network and Red Team Testing DATA SHEET. Test your security defenses. Expert Testing, Analysis and Assessments

Technical Testing. Network Testing DATA SHEET

Incident Response. Six Best Practices for Managing Cyber Breaches.

Gaining the upper hand in today s cyber security battle

Cybersecurity Kill Chain. William F. Crowe, CISA, CISM, CRISC, CRMA September 2015 ISACA Jacksonville Chapter Meeting August 13, 2015

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES

IBM Advanced Threat Protection Solution

Beyond passwords: Protect the mobile enterprise with smarter security solutions

Let s talk about assets in QRadar

The Symantec Approach to Defeating Advanced Threats

Top 5 Global Bank Selects Resolution1 for Cyber Incident Response.

Compliance Guide ISO Compliance Guide. September Contents. Introduction 1. Detailed Controls Mapping 2.

Protect the data that drives our customers business. Data Security. Imperva s mission is simple:

Transcription:

Protecting against cyber threats and security breaches IBM APT Survival Kit Alberto Benavente Martínez abenaventem@es.ibm.com IBM Security Services Jun 11, 2015 (Madrid, Spain) 12015 IBM Corporation

So what is an advanced persistent threat (APT)? (Hint: Conficker was an APT) Anatomy of an advanced persistent threat (APT) Advanced Persistent Targeted Look for vulnerabilities within infrastructure Evaluate security controls to identify areas to exploit Gain access to privileged systems + + Can be months or years before detected Anti-virus and traditional security controls insufficient Pervasive evolve and proliferate rapidly Remember Conficker? Toward specific Organizations To steal specific data or cause specific damage 2

The IBM solution 3

IBM APT Survival Kit can help you better prepare for, detect and remediate attacks, reducing the timeline for potential impact IBM APT Survival Kit Cyber- Security Awareness workshop IBM Incident Response Planning Attack modeling With tabletop exercise IBM Penetration Testing IBM Active Threat Assessment IBM Emergency Response Services PREVENTION WINDOW DETECTION WINDOW REMEDIATION WINDOW Business as usual Undetected attack Incident detection Remediation and recovery Lower impact Attack timeline Higher impact DDoS attack simulation NEW Add-ons IBM Managed Web Defense Security intelligence analyst + 4 Advanced Persistent Threats (APT)

The straight talk: what do I need to know about these threats? Cybersecurity awareness workshop Generate awareness and identify key actions A 2-hour, real-world remote briefing that goes behind the scenes, using real-world scenarios, illustrative examples and interactive demonstrations to examine the anatomy of modern cyber attacks: The 5-stage chain attackers typically follow Common methods and attack surfaces The role of social media Technological advancement and operational sophistication Generate executive level awareness on current threat level, cyber risk profile, global trends, potential attack impact and essential practices Identify actionable steps that can be taken today to better protect yourself and your organization 5

The preparation: how good is my cyber incident response plan? IBM Incident Response Planning Plan for cybersecurity incidents Proactive cyber breach defense that helps your review, develop and test your incident response plan to build the foundation for incident response and recovery IBM security experts, working hand-in-hand with you A framework for more effective response Organizational roles and responsibilities Types and priorities of each incident Escalation and communication Don t get caught off-guard ; proactively plan response activities in the event of a security breach Make sure you re equipped with the right response tools, resources and processes you ll need in the event of an incident 6

The what-ifs: will my business hold up during a breach? Attack modeling and tabletop exercise Test your business and operational resiliency Uncover what s in your threat landscape with detailed threat and attack modeling down to a granular level Modeled by region, industry and sector Harden your business against potential cyber incidents Key objectives and vulnerabilities identified Countermeasures defined to prevent, or mitigate the effects of threats Verify security paper policy against known and unknown threats in your landscape Mock incident testing performed, to measure how your defenses respond 7

The real world: is my existing security posture effective against a skilled human attacker? IBM Penetration Testing Actively and safely exploit vulnerabilities Not your everyday pen test, with testing that s deeper and wider than automated tools or manual testing Extensive and detailed reporting Play-by-play accounts of tests, analysis and remediation Effective false positive identification and removal Network discovery and reconnaissance Internal and external attacks and exploitation attempts Everything from phishing exercises to social engineering Gain knowledge of attack surfaces, not tools, as real-world coding expertise is applied to the latest threat vectors Identify vulnerable systems with a detailed security roadmap and impact analysis to help prevent network compromise 8

The inside scoop: has an APT infiltrated my organization? IBM Active Threat Assessment Evaluate your current threat and risk level Detect potential breaches early as IBM threat consultants perform detailed analyses of current organizational threats Coordinated attack simulation Tool-based scanning of indicators of compromise (IOCs) Memory and log analysis Essential practices and critical controls assessment Make sure your bases are covered by identifying active threats that currently exist in your environment Help avoid a full-blown breach by uncovering potential threats requiring mitigation 9

The 911: help, we ve been hacked! IBM Emergency Response Services Enable rapid response and recovery from a cyber incident 911 for cybersecurity incidents: IBM helps you combat an security incident, intrusion, or attack, for faster recovery Conduct security wellness checks with annual planning workshop and ongoing quarterly checkpoints Get 24/7 1, rapid response to a cybersecurity incident with our around-the-clock global hotline, and help reduce potential adverse impact to your brand, reputation and revenue Gain deep insight into how and why the incident started with forensic analysis, enabling agile response to law enforcement queries and regulatory requirements Understand trends in attack behaviors across a range of industries with global threat intelligence from IBM X-Force 10 1 24-hours-a-day, 7-days-a-week

APT add-on: can my website handle a DDOS attack? Distributed denial-of-service (DDoS) attack simulation Help ensure web-related service delivery during a DDoS 1 attack Automation meets world-class experts as security experts use automated tools to simulate web traffic DDoS attacks Highly customizable, measurable scenarios Multiple real-life attacks simulated Mix of valid user and malicious traffic Can be combined with other attacks Prepare for and help prevent DDoS attacks with the help of IBM security experts and real-life attack simulations Gain organizational confidence as you demonstrate website business continuity assurance to the executive team 11 1 Distributed denial of service

Why IBM? 12

IBM Security has global reach IBM Security by the numbers + monitored countries (MSS) + service delivery experts + devices under contract + endpoints protected + events managed per day 13

We can work with you to customize your IBM APT Survival Kit IBM Security Services Intelligence. Integration. Expertise. Responding to and recovering from sophisticated security attacks Building a security incident response plan that works Security Essentials responding to the inevitable incident 2014 Cyber Security Index Download Download Download Download 14

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY www.ibm.com/security 15 Copyright IBM Corporation 2014. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information