Presentation is loading. Please wait.

Presentation is loading. Please wait.

IBM Security Pelin Konakçı IBM Security Software Sales Leader

Published byRoderick Stanley Modified over 8 years ago

Similar presentations

Presentation on theme: "IBM Security Pelin Konakçı IBM Security Software Sales Leader"— Presentation transcript:

1 IBM Security Pelin Konakçı IBM Security Software Sales Leader
Burak Özgirgin CISSP-ISSAP, CISM, CISA, CEH, ISO27001LA IBM Security Services – Managing Consultant

2 Attackers break through conventional safeguards every day
Source: IBM X-Force Threat Intelligence Quarterly – 1Q 2015 Attack types % increase ,000,000+ records 2014 Unprecedented impact XSS SQLi Misconfig. Watering Hole Brute Force Physical Access Heartbleed Phishing DDoS Malware Undisclosed A new security reality is here, where… Sophisticated attackers break through conventional safeguards every day. Organized criminals, hacktivists, governments and adversaries are compelled by financial gain, politics and notoriety to attack your most valuable assets. Their operations are well-funded and business-like ‒ attackers patiently evaluate targets based on potential effort and reward. Their methods are extremely targeted ‒ they use social media and other entry points to track down people with access, take advantage of trust, and exploit them as vulnerabilities. Meanwhile, negligent employees inadvertently put the business at risk via human error. Even worse, security investments of the past can fail to protect against these new classes of attacks. The result is more severe security breaches more often. Note: Size of circle indicated estimated relative impact In the past three years, the amount of data records and variety of attacks have expanded to epic levels. 2012: Near Daily Leaks of Sensitive Data 40% increase in reported data breaches and incidents 2013: Relentless Use of Multiple Methods 800,000,000+ records leaked, while the future shows no sign of change 2014: “Insane” Amounts of Records Breached 42% of CISOs claim the risk from external threats increased dramatically from prior years. Source: IBM X-Force Threat Intelligence Quarterly – 1Q2015 According to a recent Ponemon study, 256 days is the average time it takes companies to detect advanced persistent threats; and $6.5million is the average cost of a U.S. data breach Source: 2015 Cost of Data Breach Study, Ponemon Institute $6.5M average cost of a U.S. data breach average time to detect APTs 256 days Source: 2015 Cost of Data Breach Study, Ponemon Institute V

3 CISO Study In 2015, we took a closer look at how CISOs develop cybersecurity strategy and prioritize security investments Cybersecurity risk is a top C-suite priority with funding for security efforts growing to reflect the gravity of the challenge Historically, cybersecurity investment decisions were commonly based on the “checkbox” approach to meet compliance requirements Security leaders are now transforming their programs to be risk-based by using customized frameworks to determine risks and prioritize security investments About this report This IBM Center for Applied Insights report is based on “Identifying How Firms Manage Cybersecurity Investment,” an IBM-sponsored study by the Darwin Deason Institute for Cyber Security, part of the Lyle School of Engineering at Southern Methodist University in Dallas, Texas. In-depth interviews were conducted in a semi-structured approach to explore top cybersecurity risks, how risks are determined, organizational support for cybersecurity initiatives and how investments are prioritized. Security leaders interviewed by industry

4 CISO Study Top challenges facing CISOs in transforming to a risk-based program Focusing on the “strategic” How do I transform from a compliance-based security program to one focused on risk? Communicating priorities How can I best communicate risk to top management and manage expectations? Making cybersecurity strategy consumable Do I have the skills, resources and tools to implement the right controls for success?

5 Top drivers of information security investment
CISO Study Top drivers of information security investment

6 Top prioritization approaches
CISO Study Top prioritization approaches

7 CISO Study CISOs are increasingly turning to frameworks as the strategic tool of choice to assess risk and prioritize threats Key elements of a cybersecurity program: Consider business priorities, assets, processes Document formal cybersecurity strategy, objectives and goals Define formal framework of risk management controls Evaluate and prioritize gaps in current vs desired state across risk management controls Build a plan to address, monitor and reassess the prioritized control gaps

8 CISO Study Customized frameworks help to move beyond compliance to risk-based strategy Traditional focus on security compliance doesn’t ensure organizations are best prepared for potential security breaches Frameworks provide a better basis for risk assessment to thoroughly and consistently assess security challenges and determine gaps Companies developing their own cyber-risk frameworks are more likely to have a deeper understanding of the real risks to their organizations “Security has to have a basis to argue its point of view in a compelling story with some thought behind it, rather than ‘I want to get these things because it’s the next cool security thing that’s out there’.” -- CISO, Retail

9 CISO Study Frameworks help increase collaboration with the C-suite to communicate priorities Frameworks are an effective communication tool for CISOs to relay cybersecurity strategy to upper management for buy-in 85% of CISOs reported that upper-management support for cybersecurity efforts has increased 88% of CISOs reported that their security budgets have increased 25% of CISOs surveyed who thought they were spending appropriately also used frameworks as a strategic tool “Senior leadership is looking for me to articulate what the security strategy is in words, in projects, and in dollars that make sense to them.” -- CISO, Retail

10 External collaboration is often valuable
CISO Study External collaboration is often valuable When CISOs got push back over budgets, it was often because boards worry about ability to absorb budget given talent shortages The talent shortage has led many CISOs to look externally to supplement skills and resources CISOs rely on peer networks, third-party information and third-party threat intelligence data Most US-based CISOs we interviewed participate in information-sharing organizations and value what they learn; participation was lower for foreign CISOs

11 Key takeaways for developing risk-based cybersecurity programs
CISO Study Key takeaways for developing risk-based cybersecurity programs Move beyond compliance to risk-based strategy Customize frameworks to enable strategic assessment of the real risks to the organization, highlighting cybersecurity priorities. Increase collaboration with the C-Suite Use frameworks as an effective communications tool to relay cybersecurity strategy in a more consumable way to stakeholders for buy-in. Apply framework-driven cybersecurity insights Engage the right skills, third-party intelligence and industry best practices to implement the guidance derived from frameworks.

12 Mobile and Internet of Things
IBM Security Strategy Support the CISO agenda 1 Buyers CISO, CIO, and Line-of-Business Deliver a broad portfolio of solutions differentiated through their integration and innovation to address the latest trends HELP! Innovate around megatrends 2 Key Security Trends Advanced Threats Skills Shortage Cloud Mobile and Internet of Things Compliance Mandates Lead in selected segments 3 IBM Security Portfolio Strategy, Risk and Compliance Cybersecurity Assessment and Response Security Intelligence and Operations Advanced Fraud Protection Identity and Access Management Data Security Application Security Network, Mobile and Endpoint Protection Advanced Threat and Security Research In support of the critical role of the CISO, IBM offers integrated security intelligence and industry-leading experience enabled by the IBM Security Portfolio. All of the IBM Security offerings are backed by an extensive business partner ecosystem which consists of industry-leading technology, sales and service partners. <PRESENTER: See the optional portfolio slides in backup if more details are needed for your prospects>

13 Expand the value of security solutions through integration
DataPower Web Security Gateway AppScan BigFix MobileFirst Protect (MaaS360) QRadar SIEM QRadar Vulnerability Manager Key Lifecycle Manager IBM X-Force Research QRadar Incident Forensics QRadar Log Manager Guardium zSecure Trusteer Mobile Trusteer Pinpoint Trusteer Rapport Consulting Services Managed Services Network Advanced Fraud Data Mobile Applications Endpoint Identity and Access Security Intelligence SiteProtector Network Protection XGS Trusteer Apex QRadar Risk Manager Identity Manager Access Manager Identity Governance and Intelligence Privileged Identity Manager Continuous actionable intelligence More and more clients are taking a strategic approach to upgrading their defenses. They realize disconnected point products and services are expensive, hard to manage, and cannot solve today’s challenges. We’re witnessing a major shift in demand to partners who offer a platform of integrated security solutions – and we have the best in the business. In support of the critical role of the CISO, IBM offers integrated security intelligence and industry-leading experience enabled by the IBM Security Portfolio. All of the IBM Security offerings are backed by an extensive business partner ecosystem which consists of industry-leading technology, sales and service partners. <PRESENTER: See the optional portfolio slides in backup if more details are needed for your prospects>

14 Mobile and Internet of Things
IBM Security Strategy Support the CISO agenda 1 Buyers CISO, CIO, and Line-of-Business Deliver a broad portfolio of solutions differentiated through their integration and innovation to address the latest trends HELP! Innovate around megatrends 2 Key Security Trends Advanced Threats Skills Shortage Cloud Mobile and Internet of Things Compliance Mandates Lead in selected segments 3 IBM Security Portfolio Strategy, Risk and Compliance Cybersecurity Assessment and Response Security Intelligence and Operations Advanced Fraud Protection Identity and Access Management Data Security Application Security Network, Mobile and Endpoint Protection Advanced Threat and Security Research In support of the critical role of the CISO, IBM offers integrated security intelligence and industry-leading experience enabled by the IBM Security Portfolio. All of the IBM Security offerings are backed by an extensive business partner ecosystem which consists of industry-leading technology, sales and service partners. <PRESENTER: See the optional portfolio slides in backup if more details are needed for your prospects>

15 Holistic Approach in Security Operations
Governance Strategy SOC program governance Security policy & awareness IBM QRadar is the foundation to build an effective SOC on top of it Security Operations Center Journey Metrics IBM QRadar Governance Processes Organization Organization Structure Sourcing Staffing Education Role definitions Metrics Performance Efficiency Quality Capacity Cost Technology SIEM architecture Log sources Correlation Rules Ticketing & Portal Platform Integrations Process and Procedures Security intelligence Event monitoring Triage & Investigation Response

16 SIEM is Managed and Monitored
For the average client, IBM filters 1,764,720 security events weekly to identify 2 security incidents that can potentially do harm. Security Events Security Attacks Security Incidents Annual 91,765,453 Annual 16,856 Annual 109 Monthly 7,647,121 Monthly 1,405 Monthly 9 Weekly 1,764,720 Weekly 324 Weekly 2 Security Intelligence Correlation and analytics tools Security Intelligence Human security analysts

17 Protecting the Crown Jewels
DEFINE DISCOVER BASELINE SECURE MONITOR Phases What are the “crown jewels”? Where are they? How are they used? What is required to protect “crown jewels”? How to plan, design, and implement protection? What to consider operationally? Questions Answered Consulting Approach Strategic + Technical Assessment Gap Assessment and Strategic Planning System Integration Consulting Approach Method Approach

18 Governing and Managing the Identity
Management Provisioning Identity Mgmt Create Modify De- activate Role Mgmt Terminology: Entitlements Entitlement Groups Roles (Technical) Create Modify De- comms. Terminology: Identities Roles (Business) Attestation Identity Governance

19 IBM Security Services Portfolio
Security Strategy, Risk and Compliance Security Intelligence and Operations Cyber Security Assessment and Response Identity and Access Management Data and Application Security Infrastructure and Endpoint Security Security Essentials and Maturity Consulting Security Strategy and Planning Security Architecture and Program Design Critical Infrastructure Security Services PCI Compliance Advisory Services Information Security Assessment Security Framework and Risk Assessments Integrated Account Security Management Security Operations Consulting SIEM Design and Deploy Emergency Response Services Incident Response Planning Active Threat Assessment Penetration Testing Smart and Embedded Device Security APT3 Survival Kit Identity and Access Strategy and Assessment Access Management Design and Deploy Multi-factor Authentication Design and Deploy Identity and Access Solution Migration Identity Governance and Administration, Design and Deploy Critical Data Protection Program Data Discovery and Classification Data Security Strategy and Architecture Data Loss Prevention and Encryption Application Security Assessment Application Source Code Security Assessment Deployment and Migration Staff Augmentation Services Managed SIEM Security Intelligence Analyst Advanced Cyber Threat Intelligence Services Firewall Management Unified Threat Management Intrusion Detection and Prevention System Management Managed Protection Services Secure Web Gateway Management Malware Defense Management Intelligent Log Management IBM® X-Force® Hosted Threat Analysis Service Executive Protection Managed Identity Hosted Application Security Management <Presenter: This is a more detailed view of the services portfolio> From infrastructure, data and application protection to cloud and managed security services, IBM has the expertise to help safeguard your company’s IT infrastructure. We protect some of the most sophisticated networks in the world, and employ some of the best minds in the business. Cloud Identity Cloud Security Strategy Managed Web Defense Hosted and Web Security Hosted Vulnerability Management Consulting and Systems Integration Managed Security Services Cloud Security Services

20

Download ppt "IBM Security Pelin Konakçı IBM Security Software Sales Leader"

Similar presentations

1© Copyright 2011 EMC Corporation. All rights reserved. The Future of the Advance Soc 3rd Annual Privacy, Access and Security Congress, Ottawa, 2012 Mike.

1© Copyright 2011 EMC Corporation. All rights reserved. The Future of the Advance Soc 3rd Annual Privacy, Access and Security Congress, Ottawa, 2012 Mike.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.
“High Performing Financial Institutions and the Keys to Success in an Uncertain Environment”

“High Performing Financial Institutions and the Keys to Success in an Uncertain Environment”
A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information Security) Certified COBIT 5 Assessor /Certified.

A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information Security) Certified COBIT 5 Assessor /Certified.
Security Controls – What Works

Security Controls – What Works
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.

Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.
IBM Security A New Era of Security for a New Era of Computing Pelin Konakcı IBM Security Software Sales Leader.

IBM Security A New Era of Security for a New Era of Computing Pelin Konakcı IBM Security Software Sales Leader.
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
Financial Advisory & Litigation Consulting Services Risk Management 2006 September 14-15, 2006 The Metropolitan Club, New York, NY Workshop B: Information.

Financial Advisory & Litigation Consulting Services Risk Management 2006 September 14-15, 2006 The Metropolitan Club, New York, NY Workshop B: Information.
Lessons Learned in Smart Grid Cyber Security

Lessons Learned in Smart Grid Cyber Security
© 2014 IBM Corporation Smarter Workforce Services Business Process Innovation.

© 2014 IBM Corporation Smarter Workforce Services Business Process Innovation.
1. 2 IT innovations in specialized areas where competitors will have difficulty copying Excellence in design of processes and activities and how they.

1. 2 IT innovations in specialized areas where competitors will have difficulty copying Excellence in design of processes and activities and how they.
What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.

What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.
Copyright © 2011 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.
© 2001 Carnegie Mellon University S8A-1 OCTAVE SM Process 8 Develop Protection Strategy Workshop A: Protection Strategy Development Software Engineering.

© 2001 Carnegie Mellon University S8A-1 OCTAVE SM Process 8 Develop Protection Strategy Workshop A: Protection Strategy Development Software Engineering.
Copyright © 2011 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
1 CISCO SAFE: VALIDATED SECURITY REFERENCE ARCHITECTURE What It Is Business Transformation Top Questions To Ask To Initiate The Sale Where It Fits KEY.

1 CISCO SAFE: VALIDATED SECURITY REFERENCE ARCHITECTURE What It Is Business Transformation Top Questions To Ask To Initiate The Sale Where It Fits KEY.

Similar presentations

Ads by Google