Strategic threat assessment helping organizations understand how threat actors Attack vulnerable assets

Cyber attacks will remain rampant until businesses prioritize and implement security tools across the entire organization The average cost of a data breach globally continues to rise

Every organization faces security risks, but the risks aren’t the same for everyone Threat actor Motive Impact Personal advantage, monetary gain Sabotage for personal reasons Bribery Disclosure of trade secrets Disrupt business activities Brand damage External Threats Financial gain Collect information for future financial gain  Espionage or influence Regulatory inquiry/penalty Brand/reputation damage Consumer lawsuits Organized crime/ Nation State Political change Pressure business to change their practices Create fear or uncertainty Disrupt business activities Consumer confidence loss Every organization faces security risks, but the risks aren’t the same for everyone. An attacker targeting a retail organization, for example, will likely go after different assets than an attacker targeting a hospital. Within the organization, targets vary, too. An attack on the accounting department might target financial data or employees’ personal information, while an attack on the engineering department might target trade secrets and other intellectual property. Hacktivists

Strategic threat assessment from IBM X-Force IRIS Take Action at Different Levels of Intelligence Outsiders Outsiders 45% 40% TACTICAL OPERATIONAL STRATEGIC MACHINE-TO-MACHINE INTELLIGENCE TO DETECT AND PREVENT THE KNOWN AND UNKNOWN ATTACKS IDENTIFY RISK LEVEL, ATTACKER INSIGHTS, AND PRIORTIZE ALERT RESPONSE THREAT ACTOR AND INDUSTRY INSIGHTS TO STAY AHEAD OF THE ATTACKER AND TAKE ACTIONS HOW DOES IT WORK? Review a client’s key assets to characterize threat events by the typical attackers, the likely infection vectors, and the techniques and procedures that adversaries employ. Our unique understanding of adversaries and their tactics is derived from fusing information gathered at incident response investigations, technical observations, and open sources.  

It’s vital to understand the types of attackers and where an attack might occur and the procedures attackers are likely to employ What is discovered with STA? What can we do about it? it? Employ malicious code protection mechanisms at entry and exit points to detect and eradicate malicious code. Include practical exercises in security awareness training that simulate actual cyber attacks. Manages excess capacity, bandwidth, or other redundancy to limit the effects of information flooding denial of service attacks. Malicious code execution in unsecured databases Phishing Commodity Malware URL spoofing to gain credentials SQL-attacks Third-party access Credential Theft DDoS Attacks Exploit Kits Removable media Social Engineering Based on data IBM gathers for the client, threats are characterized by types of attackers, common points where an infection might occur and the procedures attackers are likely to employ—information an organization can use to protect itself.  

Combining our knowledge about threats to a report for senior leaders Malware Threat Groups Threat Activity Industry Using incident response investigations and technical observations by IBM experts, plus information on previous attacks at the organization and data from open sources, X-Force IRIS assigns a risk rating for the client. It then provides recommendations for improving security measures, such as utilizing threat intelligence to update risk assessment plans or briefing leaders on key threat intelligence regarding attackers, tools, vectors of infection and methods of exfiltration.

Through a better understanding of how bad actors behave you can target your company’s protection of asset Prioritize security investment decisions across the business based on potential impact of threat activity from similar firms Inform the board about changing strategic risks to company operations and assets Breakdown internal security silos by developing a common understanding of threats and business harms Implement threat intelligence to enhance enterprise security operations

IBM Security provides the expertise, talent, and end-to-end approach you need to deliver value Unparalleled Expertise Best-in-class Managed Security Services Integrated Approach IBM X-Force® Exchange and Threat Research teams providing zero-day threat alerts to clients Over 1400 employees serving 130+ countries, with a 95% retention rate 35 billion security events analyzed daily across 4,500+ global clients Access to a global network of skilled industry experts Deep industry service delivery experience across numerous types of operations Ability to lead and execute large, transformational projects Integrated portfolio of security services and technology Open ecosystem with 100+ technology alliances and 30+ services partners 800+ technical vendor and 150+ professional security certifications

4/19/2019 Mandatory closing slide with copyright and legal disclaimers.