Security Intelligence

IBM Security Security Intelligence Security for a New Era of Computing Erno Doorenspleet Consulting Security Executive 1

PARADIGM SHIFT in crime

Sophistication is INCREASING Attacks are More Targeted Attackers are More Organized

Cyber criminals use BUSINESS INTELLIGENCE

Criminals COLLABORATE on a global scale

EVERYONE in this room is a target

NOBODY IS IMMUNE Attack types Year of the Breach 40% Increase 500,000,000+ Records 2011 2012 2013 Source: IBM X-Force Threat Intelligence Quarterly 1Q 2014

A new way to think about SECURITY

Your company IS NOT infected

REALITY Attackers bypass traditional defenses every day

NETWORKS ENDPOINTS DATA APPLICATIONS Stop unknown threats Identify anomalies and weaknesses Understand and remediate incidents Global Behavioral Advanced Threat Analytics Intelligence Controls PHYSICAL VIRTUAL CLOUD

DETECT Security IBM QRadar Intelligence Security Managed Intelligence Services Platform Global IBM Security Security Operations Information Centers IBM Global Threat Data PREVENT Behavioral IBM Trusteer Malware Apex Prevention Malware Prevention Zero-day IBM Security Exploit Prevention Network Protection Real-time IBM Guardium Data Data Security Security RESPOND Incident IBM QRadar Forensics Endpoint Incident Forensics Management Emergency IBM Endpoint Response Manager IBM Emergency Response Services

You can do this ALONE

REALITY Security requires collective defense

LEVEL THE PLAYING FIELD with IBM threat research and information sharing Monitoring of more than 23B web pages and images 83K vulnerabilities 8M spam and phishing attacks 860K malicious IP addresses 1,000 malware samples collected IBM X-Force and Trusteer 1,000+ security threat researchers

Open Beta: IBM X-FORCE EXCHANGE A threat intelligence exchange

FIGHT CYBERCRIME with IBM Trusteer experts and technology Assess activity on MILLIONS of endpoints and Websites A North American health care organization Global Threat Database Malware Research Phishing Sites 30K endpoints protected advanced threats 200 blocked in first 8 weeks

DEPLOY DEEP EXPERTISE with IBM Security Services ASSESS 10,000+ customers BUILD 6,000 security experts MANAGE 100M 20B endpoints events per day Strategy, Risk and Compliance, Cybersecurity Assessment and Response, and Security Operations

You are investing WISELY

REALITY Focus on your most critical assets.01 % to 2 % is your critical data ~70 % of the company s value

up 6% $154 Average cost per record compromised $3.79 million Average total cost per data breach 23% increase Total cost of a data breach net change over two years REALITY Cost of a data breach is on the rise Source: Ponemon Institute Cost of Data Breach Study up 7% $136 $145 $154 Net change over 1 year = 6% Net change over 2 years = 12% FY 2013 FY 2014 FY 2015 Average per capita cost

ADOPT A RISK-BASED DEFENSE Discover your organization s crown jewels Protect critical data and applications Monitor data access and usage IBM Data Security Services, IBM InfoSphere Guardium, IBM Security AppScan, and IBM Identity and Access Manager

Innovation is TOO RISKY

REALITY Cloud and Mobile will reinvent security IaaS PaaS SaaS Protect Cloud Manage Access Protect Data Gain Visibility Protect Mobile Devices Applications Transactions

Security INTELLIGENCE

IBM Security Twitter @ibmsecurity and @ibmxforce IBM X-Force Threat Intelligence Quarterly and other research reports: http://www.ibm.com/security/xforce/ Find more on SecurityIntelligence.com

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. www.ibm.com/security Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.