Integrated Security: Enabling Government to fight a new era of threats
Andy MacIsaac IBM Government
February, 2017
Imagine if you could…
Transform citizen experience and enhance service delivery, while protecting data and operations against tomorrow’s risks, today
IBM Security
Today the scope and scale of government creates a velocity of cyber security threats that cannot be ignored
• Financial Markets: 13K US Financial Institutions
• Citizens: 122M Taxpayers
• Employees: 22M Employees
• Operational Data: Volume equal to 250K Libraries of Congress
• Infrastructure: 381M Connected Vehicles
• National Security: 400 Zettabytes of IoT Data created every day
ADVANCED ATTACKS | INNOVATION | HUMAN ERROR | SKILLS GAP | COMPLIANCE
Conventional approaches to security are breached every day
• 2013: 800+ Million records
• 2014: 1+ Billion records
• 2015: Unprecedented Impact
• Average time to identify data breach: 201 days
• Average cost of a U.S. data breach: $7M
For government the level of threat, impacts and costs can be even greater…
Recent attacks highlight the unprecedented threats and costs that poor cyber security postures create for government
Fiscal Costs
• Fraud
• Litigation
• Remediation
Operational Costs
• System Downtime
• Service Delivery Disruption
• Emergency Repair and Recovery
Extreme Costs
• Loss of Trust
• Political Disruption
• National Security
• Loss of Life
Even after high-profile incidents (OPM, FBI, etc.) the US Federal Government still faces significant cyber security challenges
Consistent security weaknesses for federal agencies still remain in the areas of
• Network Security
• Patching Cadence
• Malware
Digital transformation is driving connectivity to more users, devices, and data than ever before, creating a greater opportunity for threats
• Users: Employees, Partners, Auditors, Consultants, Citizens, Contractors, Other Govt Agencies (State, Regional, Local), Suppliers
• Data: Structured, Unstructured
• Applications: Systems Applications, Web Applications, APIs, Mobile Applications
• Infrastructure and Devices: Datacenters, PCs, Laptops, Mobile, Cloud Services, IoT
• On Premises | Off Premises
• Multi Channel Service Delivery
• Data Exchanges
Government agencies must expand from infrastructure to information-centric security
Government leaders require a strategic approach with appropriate governance to meet today’s threats
Yesterday’s Attacks: Indiscriminate malware, spam and DDoS activity
Today’s Attacks: Advanced, persistent, organized, politically or financially motivated
Tactical Approach: Compliance-driven, reactionary
• Build multiple perimeters
• Protect all systems
• Use signature-based methods
• Periodically scan for known threats
• Shut down systems
Strategic Approach: Intelligent, orchestrated, automated
• Assume constant compromise
• Prioritize high-risk assets
• Use behavioral-based methods
• Continuously monitor activity
• Gather, preserve, retrace evidence
It takes power and precision to stop adversaries and unknown threats
As government agencies move towards digital transformation they must also transform their cyber security capability
Access the right skills
• Advisors, responders, testers, analysts and engineers
• 24x7x365 global expertise
Reduce complexity
• Provide programmatic, automated and integrated outcomes
• Consolidate point products to an integrated solution
Build strategy that accelerates new IT trends
• BYoD, Cloud, Mobile, IoT
• SaaS and Cloud based services
Gain access to global threat intelligence
• Greater control in real time with actionable insights
• Improved visibility to manage the threat lifecycle
Implement Optimize security programs
• Modernize Identity and access, application development, privacy policies, data security
• Manage and protect against latest threats
Elevate Governance Strategy
• Create influence and authority across the enterprise
• Collaborate across agencies, legislators and partners
• Communicate urgency to stakeholders and citizens
Build protected and connected systems
• Increase productivity
• Grant stakeholders access to the right data without introducing risk
The US Federal Government is taking proactive steps to improve its cybersecurity posture
• Dedicated $19B investment for Cybersecurity in FY 2017, a 35% increase
• Calling for Highly Adaptive Cybersecurity Services (HACS) with Special Item Numbers in Schedule 70 Contracts
• Adapting Agile procurement protocols requiring vendors to demonstrate capabilities
• Setting Clear Strategic Cybersecurity Goals with Cross Agency Priorities (CAP) focused in key areas:
  • Information Security with Continuous Monitoring and Mitigation (ISCM)
  • Identity Credential Management / User Authentication (ICAM)
  • Anti-Phishing and Malware Mitigation, process and training
  • A government wide, cross agency shared services approach
With CAP the US Government is building towards an integrated and intelligent security posture
CAP goal areas: Information Security with Continuous Monitoring and Mitigation | Identity Credential Management / User Authentication | Anti-Phishing and Malware Mitigation | Cross Agency Shared Services
Capabilities shown:
• Indicators of compromise
• IP reputation
• Threat sharing
• Endpoint detection and response
• Network forensics and threat management
• Firewalls
• Sandboxing
• Virtual patching
• Network visibility and segmentation
• Endpoint patching and management
• Malware protection
• Threat and anomaly detection
• Transaction protection
• Vulnerability management
• User behavior analysis
• Fraud protection
• Incident response
• Device management
• Content security
• Criminal detection
• Cognitive security
• Threat hunting and investigation
• Data monitoring
• Data access control
• Application scanning
• Application security management
• Cloud access security broker
• Workload protection
• Privileged identity management
• Entitlements and roles
• Access management
• Identity management
Today government leaders need to invest in capabilities that
ENABLE Digital Transformation
• Information and Analytics
• Cloud
• Mobile and Internet of Things
• Ensure Compliance
ACCELERATE innovation to build for the future
• Blockchain
• Open Data
• Cognitive
• Cloud
• Enhance Service Delivery
• Agile
• Collaboration
ACHIEVE CAP goals for Cyber Security
• Information Security with Continuous Monitoring and Mitigation
• Identity Credential Management / User Authentication
• Anti-Phishing and Malware Mitigation
• Cross Agency Shared Services
Security Transformation Services: Management Consulting | Systems Integration | Managed Security
The IBM Security portfolio creates an agile integrated approach to Cyber Security
Security Operations and Response
• Incident Response
• Cyber Threat Analysis
• Security Intelligence and Analytics
• Vulnerability and Patch Management
• Endpoint and Network Protection
• User Behavior Analytics
Information Risk and Protection
• Cloud Security
• Identity Governance and Access Management
• Advanced Fraud Prevention
• Data Protection
• Mobile Security
• Application Security
Security Research and Threat Intelligence
IBM’s deep security portfolio maps to the CAP goals of the Federal Government
CAP goals: Information Security with Continuous Monitoring and Mitigation | Anti-Phishing and Malware Mitigation | Identity Credential Management / User Authentication | Cross Agency Shared Services
SECURITY OPERATIONS AND RESPONSE
• App Exchange
• X-Force Exchange
• BigFix
• Network Protection XGS
• QRadar Incident Forensics
• QRadar SIEM
• QRadar Vulnerability / Risk Manager
• QRadar User Behavior Analytics
• Resilient Incident Response
• QRadar Advisor with Watson
• i2 Enterprise Insight Analysis
INFORMATION RISK AND PROTECTION
• MaaS360
• Trusteer Pinpoint
• Trusteer Mobile
• Trusteer Rapport
• Guardium
• Key Manager
• AppScan
• Cloud Security
• Identity Governance and Access
• Privileged Identity Manager
• Cloud Identity Service
• zSecure
SECURITY TRANSFORMATION SERVICES: Management consulting | Systems integration | Managed security
With IBM Security government leaders can transform citizen experience and service delivery, while protecting data and operations against tomorrow’s risks, today
Deep Threat Intelligence and Analysis
• Put threat matrix in context allowing you to inspect events, flows, users, and more across the enterprise, agencies and operations
• Fast analysis with visuals, query, and auto-discovery across multiple points
• Machine learning algorithms to spot unusual behaviors and vulnerabilities
An Open Agile Ecosystem
• Better security without disrupting operations and service delivery
• Agile Out-of-the-box allowing integration with 500+ third-party security products
• Open APIs allow for custom integrations and apps
Cognitive Analytics
• Natural language processing to speed interaction and insight
• Intelligent analytics that understands, reasons, and learns at speed and scale
• Augmented intelligence allowing your analysts to stay ahead of the latest threats and attacks
Integrated Service Delivery
• Deep government industry service delivery experience across numerous types of operations
• 35 billion+ security events analyzed daily across 4,500+ global clients
• Integrated portfolio of security services and technology
• Vast experience in strategy and change management implementation
THANK YOU FOLLOW US ON: ibm.com/security securityintelligence.com xforce.ibmcloud.com @ibmsecurity youtube/user/ibmsecuritysolutions
© Copyright IBM Corporation 2017. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.
Background: Additional Reading
• Commission on Enhancing National Cybersecurity: https://www.nist.gov/sites/default/files/documents/2016/12/02/cybersecurity-commission-report-final-post.pdf
• Security Scorecard: 2016 US Government Cybersecurity Report: https://cdn2.hubspot.net/hubfs/533449/SecurityScorecard_2016_Govt_Cybersecurity_Report.pdf
IBM Security product portfolio
Security Operations and Response
• Incident Response: Resilient Incident Response Platform
• Cyber Threat Analysis: i2 Enterprise Insight Analysis
• Security Intelligence and Analytics: QRadar SIEM | QRadar on Cloud | QRadar Incident Forensics | QRadar Advisor with Watson
• Vulnerability and Patch Management: QRadar Vulnerability Manager | BigFix
• Endpoint and Network Protection: BigFix | Carbon Black Protection / Response | Network Protection
• User Behavior Analytics: QRadar User Behavior Analytics
Information Risk and Protection
• Cloud Security: Cloud Identity Service and IBM SaaS, PaaS, and IaaS security products
• Mobile Security: MaaS360
• Identity Governance and Access Management: Identity Governance and Intelligence | Access Manager | Privileged Identity Manager | Directory Suite | Identity Manager | zSecure suite
• Advanced Fraud Prevention: Trusteer Rapport | Trusteer Fraud Protection | Trusteer Pinpoint Malware Detection | Trusteer Mobile
• Data Protection: Guardium | Key Lifecycle Manager
• Application Security: AppScan | Application Security on Cloud | Arxan App Protection
Security Research and Threat Intelligence: X-Force | X-Force Exchange | App Exchange
IBM Security offers the industry’s first integrated, end-to-end Security Operations and Response Platform
Prevent, detect, and respond to threats with an intelligent, orchestrated, automated platform
Stakeholders: HR | LEGAL | CEO | CISO | IT
SECURITY OPERATIONS AND RESPONSE: Incident Response | Cyber Threat Analysis | Security Intelligence and Analytics | Vulnerability and Patch Management | Endpoint and Network Protection | User Behavior Analytics | Security Operations and Incident Response Services
Data sources: IDS | NIPS | AV | DLP | FW | DBs | Apps | …
• See, understand, and act on all endpoint threats: IBM BigFix
• Prevent network exploits and limit malware communications: IBM Security Network Protection
• Significantly reduce threat research and response time: IBM QRadar Advisor with Watson
• Use cyber analysis to hunt for attackers and predict threats: IBM i2 Enterprise Insight Analysis
• Use advanced analytics to discover and eliminate threats: IBM QRadar Security Intelligence
• Orchestrate and automate the incident response process: IBM Resilient Incident Response Platform
• Enhance attack detection and investigation with threat intelligence: IBM X-Force Exchange
• Quickly defend your organization with apps and add-ons: IBM App Exchange
• Deliver operations consulting to help implement processes and response experts when something goes wrong: IBM Security Services
IBM Security has the industry’s most comprehensive solution for Information Risk and Protection
Keep your information protected while securely interacting with employees and consumers
Stakeholders: LOB | RISK | CISO | AUDIT | IT
INFORMATION RISK AND PROTECTION: Cloud Security | Mobile Security | Identity Governance and Access Management | Advanced Fraud Prevention | Data Protection | Application Security | Governance, Risk and Compliance Services
• Deliver visibility, control and protection of cloud apps: IBM Cloud Security
• Mobile productivity and enterprise security without compromise: IBM MaaS360
• Govern and enforce context-based access to critical assets: IBM Identity Governance and Access Management
• Protect crown jewels across the enterprise and cloud: IBM Guardium
• Scan and remediate vulnerabilities in modern applications: IBM AppScan
• Stop financial and phishing fraud, and account takeovers: IBM Trusteer
• Deliver governance, risk and compliance consulting, systems integration and managed security services: IBM Security Services
With proven global expertise, IBM Security Transformation Services deploys and manages optimized security programs
Stakeholders: CEO | CIO | CISO | CRO | CCO | CLO
SECURITY TRANSFORMATION SERVICES: Management Consulting | Systems Integration | Managed Security
• Automate governance, risk and compliance programs: Security Strategy, Risk and Compliance
• Build security operations and security fusion centers: Security Intelligence and Operations
• Take a programmatic approach to security testing: X-Force Red Offensive Security
• Establish proactive incident response programs: X-Force Incident Response and Intelligence
• Modernize identity and access management for the cloud and mobile era: Identity and Access Management
• Deploy robust critical data protection programs: Data and Application Security
• Redefine infrastructure and endpoint solutions with secure software-defined networks: Infrastructure and Endpoint Security