IBM Security. Managed Security Services. SOC Poland / GSOC. Damian Staroscic Security Operations Center (SOC) Manager.




Transcription:

IBM Security Managed Security Services SOC Poland / GSOC Damian Staroscic Security Operations Center (SOC) Manager IBM Security Damian.Staroscic@pl.ibm.com +48-727-036-464 November 27, 2015

Why is setting up and managing a SOC, and delivering high-quality security services, similar to running a best-in-class sports club? SOCcer

Agenda. It's all about People, Processes, Technology and Strategy.
Never ending game
Owning various sports clubs
Build a stadium and training fields
Get team members
Players positioning. In the spotlight and behind the scenes
Invest in players and train them every single day
Teach juniors what the game is
Readiness to play always and everywhere
Record your game
Match stats
Motivation, concentration, stress management

The game: Never ending... $5.85M average cost of a U.S. data breach. Source: 2014 Cost of Data Breach Study: Global Analysis, Ponemon Institute.

Technology: Owning various sports clubs. IBM Security invests in best-of-breed IBM Security Systems IBM Security Services [Timeline figure: 2002 to 2015]

Build a stadium and training fields. SOC facilities and lab. Unified and collaborative work environment.

Get team members. SOC Poland now.
Service operative since November 2011
Official opening in Sep 2012
Facility fully operational
2nd largest IBM SOC worldwide

Players positioning. In the spotlight and behind the scenes: Security Service Managers Quality Analysts Operations Desk Analysts Device Analysts SIEM Analysts TM Analysts SI Analysts Device Engineers SIEM Correlation Engineer SIEM Administrator VMS Administrators Deployment Engineers Project Managers Software Engineers Architecture X-Force ITRM Analysts Device Engineers Integration Engineers

Train every single day / Invest in players. SOC Analyst Profiles: ITIL v3 CCNA, CCNA Sec. CCNP Juniper JNCIA-SEC JunOS CompTIA Security+ Network+ CEH, SANS GCIH Computer Forensics Specialist IT Security Academy professional: Security Academy IBM Security QRadar SIEM Foundations & Administration ArcSight ACSA / ACIA RedHat Certified Engineer SUSE Certified Linux Administrator Microsoft MCSA / MCITP / MCTS / MCP CISSP, CISM

Teach juniors what the game is. Cooperation with major technical academies. Special programmes such as internships and graduate hiring are in place to attract the best students. Wrocław University of Technology WSB School of Banking Szczecin (1) University of Business Profession Zielona Góra (1) Wrocław University of Economics Wroclaw School of Information Technology Częstochowa (1) Silesian University Wrocław University of Business Kraków (4) Opole (1) Silesian University of Technology Wrocław University Academy of Business Katowice Katowice University of Economics

Readiness to play always and everywhere. Global SOC 24/7/365.
[World map figure: Global SOC sites with local times. Sites labelled: Tokyo, Japan (UTC+9); Brisbane, Australia (UTC+10); Bangalore, India (UTC+5:30); Boulder, USA (UTC-6); Heredia, Costa Rica (UTC-6); Wroclaw, Poland (UTC+2); Brussels, Belgium (UTC+2); Hortolandia, Brazil (UTC-3); Atlanta, GA, USA; Sterling Forest, NY, USA. Other labels: Global Command Center, Core Data Center, DR site Data Center, 24/7 Operations.]

Record your game. Follow processes. Sweat the details. Every SOC task is a ticket. This ranges from a firewall change to a simple question. Every single action is documented in the ticket's audit log. The audit log is read-only; only adding entries is allowed. All tickets, including the full audit log, are available to the customer through the portal. This makes real-time follow-up by the customer possible.

Match stats. IBM Security has global reach

Motivation, concentration, stress management:
Upskilling and training
Internal promotions / cascades
Hall of Fame
Internal Employee Satisfaction Survey
Constant market study
Social Fund packages
Employee driven actions

Questions & Answers

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

THANK YOU
www.ibm.com/security

Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM's sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.