1. Managing Risk and Enabling Business Transformation
Glen Gooding– Director, Institute for Advanced Security
Asia Pacific
August 2012

2. The Journey Toward a Smarter Planet Continues
Smart Supply Chains
Smart Countries
Smart Retail
Smart Water Management
Smart Weather
Smart Energy Grids
INSTRUMENTED
INTERCONNECTED
INTELLIGENT
Smart Oil Field Technologies
Smart Regions
Smart Healthcare
Smart Traffic Systems
Smart Cities
Smart Food Systems
The planet is getting Smarter. And as all of you probably know, at IBM we are spending an inordinate amount of time with customers to help them realize the awesome potential of this new instrumented, interconnected and intelligent reality. Hopefully in the ads we’ve put out you’ve seen cities, grids, hospitals and police departments be able to innovative in amazing new ways.
But the truth is, at least two of these three terms, namely interconnected and instrumented, are a security guy’s worst nightmare. So every time we work with customers, we need to think about security and the risks out there.
So what are those risks?
Smart Customer Case Studies
Dubai Gold & Commodities Exchange
"Our entire business depends on the availability of our network and its performance, and the IBM product helps maintain our uptime. In fact, since we put it in place three years ago, we have maintained system uptimes of over 99.9 percent." - Basab Banerjee, head of technology, Dubai Gold & Commodities Exchange
Dubai Gold & Commodities Exchange works with IBM to better secure its online trading services without sacrificing overall performance.
Challenge Strengthen the overall security of an online trading system without sacrificing system performance Solution Work with IBM Internet Security Systems to protect key IT systems with IBM Proventia® appliances Key benefits - Helps secure 99.9 percent system availability - Increases the security of financial data, preventing outside intrusions or virus attacks - Encourages higher customer-service levels As Dubai has been distinguishing itself as an epicenter for trade in the Middle East and surrounding regions for the past several years, it seemed only logical to the Dubai Multi Commodities Centre (DMCC), Financial Technologies (India) Limited and the Multi Commodity Exchange of India Ltd. (MCX) to form the region’s first commodity derivatives exchange—the Dubai Gold & Commodities Exchange (DGCX). This exchange, trading in gold, silver, currency and oil futures, supports electronic trades from its 230 member organizations located around the globe. An avoidable sacrifice At its founding, DGCX ( distinguished itself as an innovative commodities exchange by deploying a complex online trading system to support members from Japan to New York. And, with transactions coming from so many locations, DGCX had deployed a high performance network infrastructure designed to offer responsive, uninterrupted service to traders. Of course, accompanying this demand for performance was an equal need for data security. “This is financial data, so obviously we need to protect against any unauthorized access,” explains Basab Banerjee, head of technology at DGCX. And, to this end, the business had taken steps to deploy a firewall solution to protect this critical data. However, with the security of its trading data as a priority, DGCX felt that it could do more. An obvious choice Staff from IBM Internet Security Systems deployed the IBM Proventia® Network Intrusion Prevention System within the exchange’s existing infrastructure, leveraging its integrable functionality. The Proventia appliances protect against zero-day attacks and help prevent unauthorized network intrusions. DGCX also signed an ongoing services contract with IBM that secures regular update and tuning support to better enable the security solution to deal with recently identified threats and vulnerabilities. Since the Proventia solution was put in place, DGCX has seen a steady growth in its business, attributing much of its success to its ability to meet uptime targets and customer service levels. And Banerjee feels that part of this high service quality was a result of the IBM solution. He explains, “Our entire business depends on the availability of our network and its performance, and the IBM product helps maintain our uptime. In fact, since we put it in place three years ago, we have maintained system uptimes of over 99.9 percent.” Over that same time period, the client has also avoided any security breaches or any outages associated with worms or viruses.
Gruppo Intergea
Gruppo Intergea protects its infrastructure with behavior-based, automated security monitoring tools, boosting the reliability and continuity of key business systems.
Business need: The organization wanted to strengthen its security processes to protect its IT environment from outside intrusions, as well as spam, virus attacks and related threats.
Solution: Working with IBM Internet Security Systems, the organization deployed a behavior-based, automated security platform that proactively scans its network environment to identify virus-like and suspicious behavior and then takes the appropriate steps to resolve it.
Overview Gruppo Intergea, Turin, Italy
460 Employees Automotive industry Products • IBM Internet Security Systems • IBM Internet Scanner® • IBM Proventia® Desktop Endpoint Security • IBM Proventia Intrusion Prevention System GX3002 A well-recognized Italian business, Gruppo Intergea offers sales and support services to European automobile manufacturers. The company’s 17 dealership chains, 36 showrooms and 225 repair and body shops support a variety of brands, including Fiat, Alfa Romeo and Lancia. Challenge Gruppo Intergea relies heavily on its desktop environment and supporting network to perform day-to-day business operations. Realizing the importance of these systems, the organization wanted to strengthen its security processes to protect its IT environment from outside intrusions, as well as spam, virus attacks and related threats. Furthermore, the company needed a proactive solution because it lacked the internal resources to constantly monitor its IT infrastructure. Solution Working with IBM Internet Security Systems, the organization deployed a behavior-based, automated security platform that proactively scans its network environment to identify virus-like and suspicious behavior and then takes the appropriate steps to resolve it. The solution analyzes security data collected from throughout the network, comparing it with known threats and extrapolating similar behaviors to recognize new, undocumented threats. The solution leverages IBM Proventia® Desktop Endpoint Security technology to protect the client’s personal computers, while an IBM Proventia Intrusion Prevention System GX3002 device and IBM Internet Scanner® software monitor the overall network.
Benefits • Strengthens IT security by analyzing process and user behaviors to identify and address threats that have not been formally recognized • Helps reduce and prevent network downtime • Boosts the reliability and continuity of key business systems with a proactive monitoring system 2
PULSE_2012_SK4-Security.pptx

3. ATTACK SOPHISTICATION
The speed and dexterity of attacks has increased coupled with new motivations from cyber crime to terrorism to state-sponsored intrusions 3
PULSE_2012_SK4-Security.pptx

4. IBM PULSE 2011
3/25/2017
3/25/2017 1:09 PM
CLOUD
Organizations continue to move to new platforms including cloud, virtualization, mobile, social business and more
First, Everything is Everywhere. Where did the boarders of your business go? Is your company’s data sored in the Cloud? Is it the provider you selected? Or a Cloud an employee just likes to post stuff too? We recently asked a room of software developers using Rational tools how many of them posted source code to Drop Box vs. how many of their companies knew they’re doing it? How many employees forward to Gmail when they’re on vacation? Easier to keep u that way. Everything is everywhere. Your data’s in the Cloud. 4
Steve Robinson_v11
PULSE_2012_SK4-Security.pptx 4

5. IBM PULSE 2011
3/25/2017
3/25/2017 1:09 PM
CONSUMERIZATION OF IT
With the advent of Enterprise 2.0 and social business, the line between personal and professional hours, devices and data has disappeared 5
PULSE_2012_SK4-Security.pptx
Steve Robinson_v11 5

6. DATA EXPLOSION
The age of Big Data – the explosion of digital information – has arrived and is facilitated by the pervasiveness of applications accessed from everywhere
Data explosion is the other dimension. There’s just more and more diverse types of data out there. Social media is fueling this… analytics is fueling it… where is your data? Which is confidential and how do you secure what matters? Tricky topics.
Data explosion examples:
Data explosion: Every day we create 2.5 quintillion bytes of data – so much that 90 percent of the world’s data today has been created in the last two years alone. The increasing volume, variety and velocity of data available from new digital sources like social networks, in addition to traditional sources such as sales data and market research, tops the list of CMO challenges. The difficulty is how to analyze these vast quantities of data to extract the meaningful insights, and use them effectively to improve products, services and the customer experience. Social platforms: Social media enables anyone to become a publisher, broadcaster and critic. Facebook has more than 750 million active users, with the average user posting 90 pieces of content a month. Twitter users send about 140 million tweets a day. And YouTube’s 490 million users upload more video content in a 60-day period than the three major U.S. television networks created in 60 years. (
Case Study
Data Security and Compliance in Healthcare
Published on 31-Jan-2011
Customer: Leading Healthcare Payer Organization
Industry: Healthcare
Deployment country: United States
Solution: Information Governance, Integrated Data Management, Security: Governance, Risk and Compliance
Overview
Case Study: Implementing database activity monitoring and auditing in a leading healthcare payer organization.
Business need: Finding a cost effective means of implementing controls to protect sensitive data and validating compliance with multiple mandates.
Solution: This organization evaluated multiple vendors and chose the IBM InfoSphere Guardium solution. IBM’s appliance-based technology allows companies to secure their enterprise data and rapidly address auditors’ requirements without affecting performance or requiring changes to databases or applications.
Benefits: InfoSphere Guardium centralizes and automates controls across distributed heterogeneous database environments, while streamlining compliance process with centralized workflow automation.
A leading healthcare payer organization with more than 500,000 members needed to implement database auditing in order to comply with SOX and HIPAA regulatory requirements. The organization wanted to: • Monitor access to all critical databases, including access by privileged insiders. • Create a centralized audit trail for all their database systems. • Produce detailed compliance reports (SOX and HIPAA) for their auditors. • Implement proactive security via real-time alerts for critical events. • Acquire a solution that integrated easily with their existing environment (LDAP, SIM/SEM, Cisco switches, MOM, etc.) and could be managed remotely. • Select a solution that does not rely on database-resident functions (such as triggers, trace or transaction logs, etc.) which can affect database performance and stability. Environment The healthcare payer infrastructure includes nearly 50 database instances in Production, Staging, Test, and Development environments, that need to be monitored for unauthorized or suspicious access. These databases support a range of financial, customer, and patient applications. The InfoSphere Guardium solution is complementary to existing security investments such as perimeter firewalls, SSL VPNs, identity management, SIM/SEM, IDS, and configuration policy management. About IBM InfoSphere Guardium InfoSphere Guardium is the most widely-used solution for preventing information leaks from the data center and ensuring the integrity of enterprise data. It is installed in more than 400 customers worldwide, including 5 of the top 5 global banks; 4 of the top 6 insurers; top government agencies; 2 of the top 3 retailers; 20 of the world’s top telcos; 2 of the world’s favorite beverage brands; the most recognized name in PCs; a top 3 auto maker; a top 3 aerospace company; and a leading supplier of business intelligence software. InfoSphere Guardium was the first solution to address the core data security gap by providing a scalable, cross-DBMS enterprise platform that both protects databases in real-time and automates the entire compliance auditing process. Guardium is part of IBM InfoSphere; an integrated platform for defining, integrating, protecting and managing trusted information across your systems. The InfoSphere Platform provides all the foundational building blocks of trusted information, including data integration, data warehousing, master data management, and information governance, all integrated around a core of shared metadata and models. The portfolio is modular, allowing you to start anywhere, and mix and match InfoSphere software building blocks with components from other vendors, or choose to deploy multiple building blocks together for increased acceleration and value. The InfoSphere Platform provides an enterprise-class foundation for information-intensive projects, providing the performance, scalability, reliability and acceleration needed to simplify difficult challenges and deliver trusted information to your business faster. 6
PULSE_2012_SK4-Security.pptx

7. Security Threats Are Accelerating7
PULSE_2012_SK4-Security.pptx

8. Targeted attacks shake businesses and governments
Source: IBM X-Force® 2011 Trend and Risk Report JK

9. IT Security Is a Board Room Discussion
Business Results
Brand Image
Supply Chain
Legal Exposure
Impact of Hacktivism
Audit Risk
Sony estimates potential $1B long term impact – $171M / 100 customers
HSBC data breach discloses 24K private banking customers
Epsilon breach impacts 100 national brands
TJX estimates $150M class action settlement in release of credit / debit card info
Lulzsec 50-day hack-at-will spree impacts Nintendo, CIA, PBS, UK NHS, UK SOCA,
Sony …
Zurich Insurance PLc fined £2.275M ($3.8M) for the loss and exposure of 46K customer records
Sources
Sony breach:
HSBC breach:
Epsilon breach:
TJX breach: TJX Companies, Inc. press release, 8/14/2007,
Lulzec breach:
Zurich Insurance breach: (Financial Services Authority of Britain)
IT Security Is a Board Room Discussion 9
PULSE_2012_SK4-Security.pptx

11. IBM’s Security Strategy11
PULSE_2012_SK4-Security.pptx

12. Solving a Security Issue Is a Complex, four-dimensional Puzzle
People
Data
Applications
Infrastructure
Employees
Hackers
Outsourcers
Suppliers
Consultants
Terrorists
Customers
Structured
Unstructured
At rest
In motion
Systems applications
Web applications
Web 2.0
Mobile apps
Attempting to protect the perimeter is not enough – siloed point products cannot adequately secure the enterprise

13. Intelligence Integration Expertise
Delivering intelligence, integration and expertise across a comprehensive framework
IBM Security Systems
End-to-end coverage of the security foundation
6K+ security engineers and consultants
Award-winning X-Force® research
One of the largest vulnerability databases in the world
Intelligence Integration Expertise

14. Intelligence: A comprehensive portfolio of products and services across security domains

15. Integration: Increased security, collapsed silos, reduced complexity
Consolidate and correlate siloed information
Detect, notify and respond to threats
Automate compliance tasks and assess risks
Detect the latest exploits, vulnerabilities, and malware
Automatically update SW
Add security intelligence to non-intelligent systems
Block specific vulnerabilities using scan results
Converge access mgmt with web service gateways
Link identity information with database security

16. World Wide Managed Security Services Coverage
Expertise: Global coverage and security awareness
9 Security Operations Centers
9 Security Research Centers
14 Security Solution Development Centers
3 Institute for Advanced Security Branches
World Wide Managed Security Services Coverage
20K+ devices under contract
3,700+ MSS clients worldwide
13B+ events managed per day
1,000+ security patents
133 monitored countries (MSS)
14B analyzed Web pages & images
40M spam & phishing attacks
54K documented vulnerabilities
Billions of intrusion attempts daily
Millions of unique malware samples
IBM Research

17. The Path to Security Intelligence17
PULSE_2012_SK4-Security.pptx

18. Regulation and Compliance
IBM is investing in solutions to key trends driving the next wave of security innovation
Advanced Threats
Cloud Computing
Advanced Persistent Threats. Designer Malware. Stealth Bots. Zero-days. Targeted Attacks.
Enterprise Customers
Mobile Computing
Regulation and Compliance
GLBA

19. Security Intelligence is enabling progress to optimized security

20. Helping define the new role of the information security leader and tracking security trends