IBM Security Services


IBM Security Services - Penetration Testing - July 15, 2014. © 2014 IBM Corporation

THE EVOLVING THREAT LANDSCAPE

Success in today's dynamic, data-driven global marketplace requires effective enterprise IT security management

Motivations and sophistication are rapidly evolving

(Chart axes: motivation, sophistication)

- National Security, Economic Espionage. Actors: nation-state actors, APTs. Examples: Stuxnet, Aurora, APT-1
- Notoriety, Activism, Defamation. Actors: hacktivists. Examples: Lulzsec, Anonymous
- Monetary Gain. Actors: organized crime. Examples: Zeus, ZeroAccess, Blackhole Exploit Pack
- Nuisance, Curiosity. Actors: insiders, spammers, script-kiddies. Examples: Nigerian 419 Scams, Code Red

Security incidents are rising: data from the IBM 2014 Cyber Security Index

Security events: annual 91,765,453; monthly 7,647,121; weekly 1,764,121
Security attacks: annual 16,857; monthly 1,405; weekly 324
Security incidents: annual 109; monthly 9; weekly 2

- Events: up 12% year on year to 91m. Observable occurrences in a system or network.
- Security intelligence: correlation and analytics tools.
- Attacks: increased efficiencies achieved. More efficiency in security processing to help clients focus on identified malicious events.
- Security intelligence: human security analysts.
- Incidents: up 22% year on year. Attacks deemed worthy of deeper investigation.

Source: IBM Security Services 2014 Cyber Security Intelligence Index

At the same time, according to Ponemon Institute, the cost of a data breach to global organizations is on the rise

- $145 average cost per record compromised (up 9%)
- $3.5 million average total cost per data breach (up 15%)
- 15% increase year-to-year in rate of customer churn

NEW DATA from the 2014 Ponemon Institute Cost of Data Breach Study: United States, sponsored by IBM. www.ibm.com/services/costofbreach

According to the 2014 Ponemon Institute study, the average cost of a data breach per record varies from country to country

- In Italy the cost of a data breach increased from 95 in 2013 to 102 in 2014 for one compromised record.
- In Italy the total organizational cost of a data breach increased from 1.73 million to 1.93 million.

Source: 2014 Ponemon Institute Cost of Data Breach Study: Italy

IBM Confidential

What happens in Italy? Data from the latest Clusit Report

Hacktivism: Hacktivism is the act of hacking a website or computer network in an effort to convey a social or political message. The person who carries out the act of hacktivism is known as a hacktivist.

IT Security is a board-room discussion

Roles: CEO, CFO/COO, CIO, CHRO, CMO

Concerns:
- Loss of market share and reputation
- Legal exposure
- Audit failure
- Fines and criminal charges
- Financial loss
- Loss of data confidentiality, integrity and/or availability
- Violation of employee privacy
- Loss of customer trust
- Loss of brand reputation

Increasingly, companies are appointing CROs and CISOs with a direct line to the Audit Committee.

Source: Discussions with more than 13,000 C-suite executives as part of the IBM C-suite Study Series

IBM provides unmatched global coverage and security awareness

IBM has a commitment to security research, development, monitoring & analysis

- 4,300 strategic outsourcing security delivery resources
- 1,200 professional services security consultants
- 650 field security specialists
- 400 security operations analysts
- 10 security research centers
- 10 security operations centers (SOCs)
- 14 security development labs

IBM X-Force Expertise
- 150M intrusion attempts monitored daily
- 46,000 documented vulnerabilities
- 40M unique phishing/spam attacks
- Millions of unique malware samples
- Billions of analyzed web pages
- 1000+ security patents

Managed Services Excellence
- Tens of thousands of devices under management
- Thousands of MSS clients worldwide
- Billions of events managed per day
- Countries monitored in all geographies
- Industry-leading research and reports

IBM is widely recognized as a leader in this market

Security Consulting / Managed Security

"IBM has the largest client base of the participants... Clients praised the flexibility, knowledge, and responsiveness while also noting the company's excellent documentation."

"Organizations looking for a high-quality vendor that can do it all and manage it afterwards should consider IBM."

Sources: Forrester Research Inc., Forrester Wave: Information Security Consulting Services, Q1 2013; Forrester Wave: Managed Security Services Providers, Q1 2012.

Penetration Test Overview

IBM Security Services Portfolio Overview

Built to address the Security Essentials, within context of the integrated Security Framework

IBM Security Services Portfolio (legend: = Channel Enabled)

Strategy, Risk & Compliance
- Security Maturity Benchmarking
- Security Strategy & Roadmap Development
- Security Risk Assessment & Program Design
- Industrial Controls (NIST, SCADA)
- PCI Advisory

Cybersecurity Assessment & Response
- Threat Intelligence Advisory
- X-Force Threat Analysis
- Penetration Testing
- Incident Preparation
- Emergency Response

Security Operations
- Security Intelligence Operations Center Design & Build Out Services

People, Data, Applications, Infrastructure (items in slide order)
- Identity Assessment & Strategy
- Crown Jewels Discovery & Protection
- SDLC Program Development
- Security Optimization
- User Provisioning/Access Mgmt
- Database Security
- Dynamic and Static Testing
- Design, Deployment & Migration
- Total Authentication Solution
- Managed/Cloud Identity
- Encryption and Data Loss Prevention
- Embedded Device Testing
- Mobile Application Testing
- Staff Augmentation

Cloud and Managed Services (items in slide order)
- Firewall / Unified Threat Management
- Intrusion Detection & Prevention
- Web Protection & Managed DDoS
- Hosted E-Mail & Web Vulnerability Mgmt
- Managed SIEM & Log Management

Powered by IBM's Next Generation Threat Monitoring and Analytics Platform

This service performs tests that demonstrate attack techniques and identify vulnerable systems

Service description: Penetration testing services demonstrate, through real-world scenarios, how attackers can significantly impact the business. During controlled tests, IBM Professional Security Services (PSS) consultants attempt to penetrate network devices remotely and to provide evidence that critical systems and data can be compromised. Security gaps are documented together with the recommended solutions to eliminate or contain them. Beyond a simple vulnerability assessment (scan), a penetration test can show the real impact of vulnerabilities rather than pointing out theoretical weaknesses.

- Meet regulatory requirements
- Customer requirements
- Validate the effectiveness of the security controls in place
- Help define security investment priorities

Clients better understand the impact of an attack on their business and can decide on remediation actions accordingly

The benefits of a penetration test can include:
- Demonstrating how attackers can significantly impact the Client's business
- Validating the effectiveness of the Client's current security countermeasures
- Broadening and deepening the perspective on hackers' techniques and motivations
- Encouraging top management support for the security strategy and resources
- Identifying the recommended actions to reduce risk effectively
- Facilitating the management of compliance with industry and government regulations

Penetration Test Activities

- Project Initiation: The purpose of this activity is to finalize the project team members, develop a common understanding of the project objectives, roles and responsibilities, and assess your readiness to implement the Services by confirming that the appropriate information is documented.
- Network Discovery and Assessment: The purpose of this activity is to identify active hosts and services within the target network range(s) and assess the security posture of those systems.
- Network Attack and Exploitation: The purpose of this activity is to attempt to exploit identified vulnerabilities and demonstrate the impact of those vulnerabilities in terms of successful attack scenarios for the target network range(s), IP addresses, and in-scope active Devices specified in the Schedule.
- Web Application Testing (Add-on): The purpose of this activity is to attempt to identify and exploit web application vulnerabilities and demonstrate the impact of those vulnerabilities in terms of successful attack scenarios against in-scope websites.
- Internal Network Exploitation (Add-on): The purpose of this activity is to utilize discovered successful attacks to initiate mutually agreed upon breach scenarios for the target network range(s).
- Network Vulnerability Assessment (Add-on): The purpose of this activity is to identify active host systems and associated services within the targeted network range, assess such systems for known vulnerabilities, and evaluate the identified vulnerabilities.
- Onsite Internal Penetration Test (Add-on): The purpose of this activity is to attempt to investigate weaknesses in the internal network by mimicking malicious behaviors that could be exhibited by a trusted user with access to the network.

Penetration Test Scope and Methodology

Scope
- Identify active services, their nature and the published services
- Identify the current vulnerabilities
- Analyze Web security exposures
- Leverage the identified vulnerabilities to access the Client's systems and provide evidence of the actual extent of the risk
- Document the possible countermeasures and resolutions for the exposures

Phases*
- Discovery: get an overview of the tested systems and their usage
- Vulnerabilities assessment: perform network, host and port mapping, run vulnerability scanners to identify any existing network, operating system or service vulnerabilities, manual vulnerability mapping, application testing
- Penetration (or exploiting): exploit vulnerabilities found
- Keep access: ensure constant access to exploited systems
- Cover tracks: hide presence on exploited systems
- Final reports: Executive summary, Main Observations, Vulnerabilities technical details, Recommendations

* Based on the scope of the engagement, the methodology can utilise all steps, particular steps or a phase-based approach

Penetration Test - Typical Exploit Sequence

1) Exploit
2) Crack local passwords
3) Exploit
4) Next:
   - crack passwords of domain users
   - attack other domains

(Diagram labels: Vulnerable Server, Domain Controller, Domain Systems, DOMAIN COMPROMISED)

Penetration Testing Summary

Solution Overview
IBM Penetration testing services perform safe and controlled exercises that demonstrate covert and hostile attack techniques designed to identify vulnerable systems. It validates existing security controls and quantifies real-world risks, providing clients with a detailed security roadmap that prioritizes the weaknesses in the network environment.

Customer Pain Points
- Address and maintain security needs satisfying regulatory compliance
- Lack of skill and resources to build an efficient and effective security program
- Needs to protect business critical data
- Maintain network and application availability during hostile activities typical of malicious attackers

- Helps to prevent network compromise and downtime by identifying vulnerabilities, validating current safeguards and outlining steps for remediation
- Raises executive awareness of corporate liability to emphasize the importance of IT security efforts
- Validates effectiveness of the security measures currently in place
- Quantifies system and business critical data risk
- Provides recommendations to resolve identified security vulnerabilities to prevent network downtime
- Helps to protect integrity of online assets
- Supports efforts and investments to reach and maintain compliance with security regulations and industry standards

Key Features
- Provides a detailed analysis of your network security, including demonstrated attacks and their effects on your online operations
- Delivers a quality service designed to be safely conducted by expert security professionals, through manual penetration techniques and automated scanning
- Conducts real-life simulations of covert and hostile activities typical of malicious attackers' attempts to compromise perimeter devices and security controls
- Final reports show the identified risks by priority and set out the elements for immediate action to resolve identified vulnerabilities

THANK YOU