SlideShare une entreprise Scribd logo
1  sur  12
Télécharger pour lire hors ligne
Before the breach 
Using threat intelligence to stop attackers in their tracks 
IBM Global Technology Services 
White Paper 
Managed Security Services
2 Before the breach 
Data breaches happen. They happen to big companies 
and small companies, government agencies and nonprofit 
organizations, hospitals and hotels. They happen every day, 
everywhere and under virtually every kind of circumstance 
you can imagine. And there’s no reason to believe that they’re 
going to stop happening anytime soon. 
Organized criminals, hacktivists, governments and adversaries 
are compelled by financial gain, strategic advantage and 
notoriety to attack your most valuable assets. Their operations 
are often well funded and businesslike. Attackers patiently 
evaluate targets based on potential effort and reward. They 
use social media and other entry points to track down people 
with access, take advantage of trust and exploit them as 
vulnerabilities. At the same time, negligent employees can 
inadvertently put the business at risk as the result of simple 
human error. 
IBM’s global monitoring operations and analysts have 
determined that the average company experienced more than 
91 million security events in 2013 (see Figure 1)—a 12 percent 
increase over 2012. That reflects the continued worldwide 
growth of data, networks, applications and the new technology 
and innovations they support. It also reflects a growing number 
of targets for potential attacks.1 
Figure 1. Security intelligence makes it possible to reduce the millions of security events detected annually in any one of our clients’ systems to an average of 16,900 
attacks—and under 110 incidents—in a single organization over the course of a year. 
Security events, attacks and incidents for 2013 
Security events 
Annual 91,765,453 
Monthly 7,647,121 
Weekly 1,764,720 
Security attacks 
Annual 16,856 
Monthly 1,405 
Weekly 324 
Security incidents 
Annual 109 
Monthly 9 
Weekly 2 
Security Intelligence 
Correlation and analytics tools 
Security Intelligence 
IBM security analysts
IBM Global Technology Services 3 
The damage can be severe 
If consumers lose faith in a company’s ability to keep their 
personal data safe, that company can ultimately lose customers. 
In some cases, they can lose intellectual property. And they 
most certainly stand to lose money. By one estimate, the 
average cost of a single breach is more than $3.5 million.2 
Taking the cost factor one step further, it’s also estimated that 
each lost data record costs companies an average of $145.3 In 
other words: 
• A major retailer with millions of leaked credit cards 
could face more than $1 billion in direct costs, 
including fines. 
• A university that leaked 40,000 records could suffer over 
$5.4 million in losses. 
Unfortunately, security investments—and approaches—of the 
past may fail to protect against the highly sophisticated attacks 
we’re seeing today. As a result, more severe security breaches 
are taking place more often—and gaining more negative 
attention in the media. In fact, public reaction to these breaches 
has led 61 percent of organizations to say that data theft and 
cybercrime are the greatest threats to their reputation.4 
The sobering truth is, threats and attacker strategies are 
advancing at a pace that most enterprises are unable to 
match. What’s more, sophisticated attackers can continue to 
steal valuable data for months—or even years—before they’re 
even detected. 
Know your enemy 
When it comes to sophisticated attacks, there’s little doubt 
that the attacker has the advantage. Because while you’re busy 
trying to deploy your limited resources in defense of whatever 
attacks may come your way, attackers have the “luxury” of 
being able to zero in on a specific target or set of targets. They 
can choose to devote all their energy and resources to finding 
your vulnerabilities and exploiting them. 
We all know that to protect your organization’s data, you need 
to have the right security strategy, technology, policies, and 
operations in place. But it’s become increasingly clear that 
access to the right information and intelligence may be the 
most important thing you need to help level the playing field 
against today’s attackers. With up-to-date intelligence about 
current and future threats, and a real understanding of how 
well your security strategy stands up to these threats, you’re 
in a better position to manage your defenses, reduce risk and 
make smarter investments. 
Threat intelligence transforms the technical analysis required 
to identify the symptoms of an attack—such as malware and 
security events—into an understanding of who the attackers 
are and what their motives and capabilities may be. Armed 
with that information, you can gain the insight necessary to 
develop a proactive stance that makes it more difficult for 
attackers to succeed.
4 Before the breach 
In other words, you can use information about the threats 
themselves to help manage risk. Taking advantage of threat 
intelligence to help prioritize your security controls can help 
you identify the latest attacks more quickly and increase the 
speed with which you’re able to respond to an incident. 
Where should you start? 
If your organization is like most others today, you’ve probably 
got at least a basic security strategy in place—along with at 
least some defensive measures designed to keep outsiders out. 
But there are lots of ways to look at IT security and plenty 
of areas that can be of particular concern, making it virtually 
impossible to gather information on everything going in and 
out of your organization. So before you start thinking seriously 
about threat intelligence, you need to set your priorities. A 
good way to start is by answering the following questions: 
• Which assets do you need to protect most? Customer data? 
Intellectual property? Financial and personal profiles of 
your organization’s leaders? 
• Where in your organization would a security incident be 
likely to do the most damage? 
• What kind of attack would hurt you the most? 
It’s no coincidence that these are the very same questions 
an attacker might ask about you. That’s precisely why 
understanding attackers and their motivations is so critical to 
protecting your assets. 
Next, you need to determine where you are now on the 
IT security continuum and where you want to end up. For 
example, just about every organization today maintains some 
type of process for handling security-related software updates. 
But you may not be doing much in the way of vulnerability 
assessment, possibly because you don’t have the resources—in 
terms of time, budget or people—to identify your exposures or 
set priorities for eliminating them. 
Or, if you’re already on board with assessing and prioritizing 
your vulnerabilities, you may also have a SIEM (security 
information and event management) system in place. You do? 
Then what are you doing with the monitoring data you’re 
collecting? Do you know which specific types of events should 
be cause for further investigation? You can improve your 
chances of detecting possible problems if you combine your 
SIEM findings with threat intelligence on the actors, tactics, 
tools and practices that are mostly likely to hurt 
your organization. 
This is the type of intelligence that can allow you to spot the 
signs that an attack may be under way. And armed with that 
evidence, you can begin to take action well before an actual 
breach occurs. 
Events, attacks and incidents defined 
Security event: An event on a system or network detected by a 
security device or application. 
Security attack: A security event that has been identified 
by correlation and analytics tools as malicious activity that 
is attempting to collect, disrupt, deny, degrade or destroy 
information system resources or the information itself. 
Security incident: An attack or security event that has been 
reviewed by security analysts and deemed worthy of 
deeper investigation.
IBM Global Technology Services 5 
Set priorities that make sense for 
your situation 
It’s likely that your cyber security priorities will mirror many 
of the threats currently facing your particular industry. Recent 
reports show that the same five industries have topped the list 
of those struck by the most incidents over the past two years,5 
with the same two continuing to hold the top spots (see 
Figure 2). Those two accounted for nearly half of each 
year’s security incidents among the data collected. The only 
difference is that they swapped places in 2013. It’s likely that 
these two industries will continue to battle for the number one 
target spot in the years to come, since a breach in either one 
can result in both major business disruption and big paydays 
for successful cyber criminals. 
Figure 2. The finance and manufacturing industries continue to offer attackers the most significant potential payoff.6 
Retail and 
wholesale 
26.5% 23.8% 
20.9% 21.7% 
2012 2013 
18.7% 18.6% 
7.3% 6.2% 
6.6% 5.8% 
Finance and insurance 
Manufacturing 
Information and 
communication 
Health 
and social 
services 
Retail and 
wholesale 
Finance and insurance 
Manufacturing 
Information and 
communication 
Health 
and social 
services 
Incident rates across monitored industries
6 Before the breach 
Moving down the list, the two industries occupying fourth 
and fifth place have also swapped places—although together 
they accounted for 12 percent of the incidents in 2013, 
compared to 14 percent in 2012. Both the retail and health 
services industries deal directly with consumers, meaning 
they both have high visibility and access to a huge number of 
potential victims. 
To see what it means to set priorities for threat intelligence, 
here’s a look at how companies in those top five industries 
might go about setting theirs. 
In the finance and insurance industry—where business 
is all about handling sensitive customer and financial data— 
governance and compliance issues play a dominant role 
in determining security priorities. But threat intelligence 
priorities need to go beyond a “checking the boxes” 
mentality, which tends to focus on avoiding intrusions by 
patching software and servers, enforcing identity and access 
management policies and other similar programs. A sensible 
approach to developing threat intelligence priorities for the 
finance and insurance industry might include: 
• Access to current insight into known threats and attack 
techniques that target financial businesses 
• Monitoring access to tangible asset data for evidence of 
anomalies that might indicate fraud or criminal activity, 
and increasing the priority of alerts correlated to known 
threat techniques 
• Regular and proactive assessments of security risks— 
including analysis of high-value resources for vulnerability 
to known and emerging attack techniques—and 
identification of highest priority issues, to help focus risk 
mitigation efforts 
In the manufacturing industry intellectual property 
remains the prized catch for attackers. Product designs, 
manufacturing details and business plans for developing and 
marketing everything from next-generation consumer devices 
to government-funded aerospace programs are the big targets 
here. And breaches could result in serious consequences for 
both the companies involved and public safety. The threat of 
industrial espionage also makes it important for manufacturers 
to understand the role that insiders might play as potential 
attackers, which means their priorities could include: 
• Tracking types and sources of email that’s been blocked 
or alerted by email security solutions for correlation with 
known attackers or threat techniques, such as advanced 
spearphishing attempts 
• Reviewing security assessments of issues discovered in 
product development and fabrication systems to determine 
which gaps may be exploitable by known and emerging 
high-priority threats 
• Penetration testing access to internal file sharing systems, 
looking for lapses in control that are known to be targeted 
by threat actors, or for unusual access patterns that could 
indicate internal threats 
In the information and communication industry, which 
includes social media, it’s become increasingly difficult to 
rein in the exchange of sensitive information across systems, 
often making the systems themselves the conduit for attacks. 
While attackers regularly hide in plain sight, they can also 
hack their way into internal media networks and gain access to
IBM Global Technology Services 7 
critical financial market data, where they could wreak havoc— 
undetected—in a matter of minutes. Threat intelligence 
priorities for information and communication organizations 
might include: 
• Correlating detected activity in mission-critical networks 
with known adversaries or attack techniques that pose 
a threat to communications systems, their users, or the 
business-critical processes that depend on them 
• Watching for anomalies in social media usage such 
as unusual access to legitimate accounts or activity 
inconsistent with normal account use, which might indicate 
account takeover or other exploitations of social media 
• Content monitoring to detect the compromise of legitimate 
web properties to propagate “drive by” malware downloads, 
or to discover integrated third party services—such as 
advertising content—which could be used or hijacked to 
deliver threat payloads 
In the retail industry, major security breaches dominated the 
news in late 2013, revealing the theft of over 110 million credit 
card records and shining a light on the vulnerability of credit 
card data. What’s more, those incidents resulted in serious 
financial and public trust issues for several major retailers. 
Because credit cards have become a hot commodity on the 
black market—and their value will likely keep them there for 
a long time—retailers have an urgent need to know as much 
as possible about the identity and motives of their attackers. 
Therefore, a retailer’s priorities could likely include: 
• Regularly assessing payment processing systems for 
evidence of vulnerabilities known to be targeted by threat 
actors and emerging attack techniques, and hardening those 
systems against the ongoing evolution of attacks revealed by 
threat actor intelligence 
• Performing regular gap analysis on payment card industry 
(PCI) compliance activities to determine whether there are 
patterns that correspond to known threat activity and merit 
further exploration 
• Employing ongoing threat analysis services to help identify 
potential threats before an attack can take place 
In the health and social services industry, complex 
compliance issues, many of which deal with patient and client 
privacy, are major security concerns. Security breaches could 
also disrupt the proper functioning of medical technology. 
Moving on from there, it’s easy to see how a breach could 
compromise an entire healthcare facility and potentially 
threaten critical care technology—which could lead to loss of 
lives. These are some of the reasons why threat intelligence 
priorities in this industry might include: 
• Active vulnerability scanning and assessment informed by 
the latest insight into threat activity for systems handling 
confidential patent and client data 
• Regular penetration testing for systems running life-support 
and medication delivery technologies for 
assessment of known or emerging threats to health 
and safety 
• Investigating SIEM attack data relating to private patient 
and client records for identification of activity correlated to 
recognized health, safety or patient/client privacy threats
8 Before the breach 
Penetration testing with a passion 
When it comes to setting priorities for threat intelligence—in 
virtually any industry—you’re likely to find that penetration 
testing plays an important role. Penetration testing certainly 
isn’t a new idea. But you might want to consider some new 
ways to approach it. 
As we’ve seen over the past few years, attackers are 
continually becoming more sophisticated, developing new 
techniques and finding new ways to exploit their targets. That 
means you need to become more creative in developing your 
penetration testing plans. 
First, you and your testing personnel should determine the 
scope of a realistic test. While most organizations are reluctant 
to allow a penetration test to disrupt operational systems, 
attackers rarely share that concern. But system disruption 
may not be the goal of an attacker who prizes stealth in order 
to remain hidden—and effective—for as long as possible. A 
truly effective test doesn’t need to threaten the availability 
or integrity of business-critical resources. It should, however, 
reflect an understanding of what an attacker would regard as 
the most valuable prizes in your organization. Focus on these 
assets and you’re likely achieve truly actionable results. 
With that in mind, you probably need to update your image 
of the “typical” attacker. Today’s attackers are smart, detail-oriented 
and highly committed to achieving their goals. They’ve 
broadened their repertoires, going beyond perimeter attacks 
to include spear phishing, social engineering and even on-site 
visits, all in the quest for access to an organization’s data. 
These people are passionate about what they’re doing—which 
means you need to be equally passionate about finding ways 
to stop them. Make sure that your penetration testers 
are driven by the same desire to “break things” as today’s 
hackers, who revel in the challenge of getting past your 
security measures. 
Second, ask your testers to try getting past your own users. 
Encourage them to send out fake emails and see how many 
takers they get—or how many users spot the potential scam. 
Give them your company phone directory and let them pose 
as members of your IT team, calling employees and asking for 
their passwords. Or tell them to try gaining access to secure 
areas by posing as employees or repair crews. The idea is not 
to embarrass people or point fingers, but to get an honest view 
of where you may have weak spots. 
And finally, remember that if at first they don’t succeed at 
getting what they want, many attackers will simply try again by 
taking a different approach. So make sure that your testers do 
the same thing and work all the angles—not just email, or only 
an on-premises visit, but both, as in a coordinated attack. You 
may be surprised by what you learn about your vulnerabilities. 
Still, that’s a lot better than being surprised by a breach.
IBM Global Technology Services 9 
Conduct your own incident investigation 
You can learn a lot about your vulnerabilities by carrying out 
your own incident investigation. In fact, you don’t even need 
to have a “real” incident to gain valuable insight into the 
types of vulnerabilities you may be facing. Take advantage 
of penetration testing to discover software or configuration 
defects that wouldn’t necessarily show up in a vulnerability 
assessment that’s looking only for known issues. Penetration 
testing also lets you gain insight into how a human element 
might exploit aspects of your security measures. As a result, you 
can identify gaps in your ability to protect critical assets and see 
exactly what kind of intrusions your systems can withstand. 
The journey from compliance to threat management 
A large international insurance company with over 50,000 
employees and more than 900 locations has made 
considerable progress along its IT security journey over 
the years. After starting out with basic security audits and 
compliance activities, and later incorporating a threat- and risk-focused 
approach, the company is now integrating security into 
its business strategy. 
But it’s taken some serious thought and effort to make 
that happen. 
A few years ago the company became concerned about a 
growing problem. They recognized that both internal and 
external actors could leverage any number of sophisticated 
attacks against its people, processes and technology. And 
if successful, those attacks could result in records theft, 
business disruption, customer dissatisfaction, lost revenue, 
fraud and a devaluation of the company’s brand. 
It turned out that the company’s continued use of its earlier 
security model—which had been designed for compliance, not 
threat detection—was at the root of the problem. The security 
system was reporting over 51 million events per hour, which 
required a manual, resource-intensive process to resolve. 
Not surprisingly, that led to delays in log collection, reporting 
and analysis. It ended up taking five full days from the time an 
attack was first detected until the security analysis could be 
completed. Needless to say, a lot of damage could occur in five 
days if any of those events were found to be serious threats. 
That was when the company asked IBM to help improve the 
situation. Together they worked to create a new security 
model focused on threat detection instead of compliance. 
By developing a new use case-driven tool, they were able to 
reduce the “noise” generated by so many events. They also 
shortened the time it took from the moment an attack was 
detected until action could be taken. Now, instead of taking 
five days, the entire process is completed in a single day. In 
addition, they instituted a closed-loop process for incident 
follow-though and closure. And they began to produce trend 
information and metrics on relevant threats. 
The company has found that shifting their focus from audits 
and compliance to threats and risk required putting the right 
structures in place to support their new approach and then 
putting their security and IT teams in a position to support 
those structures. Finally, they discovered that visibility is key 
to successful threat management and risk mitigation—which 
is what’s now allowing them to measure their performance 
against business priorities.
10 Before the breach 
Develop a strategy for targeting 
today’s threats 
With a security team that’s primed to hunt for attacks and 
breaches by collecting security-relevant data from multiple 
sources—and that’s got insight into the practices and tactics 
of your known adversaries—you can access the information 
you need to recognize evidence of threats before they surface. 
And by deploying security intelligence technologies that let 
you correlate those insights with malicious activity in real 
time, you can take action to thwart serious threats before they 
impact your business. You can also take advantage of new 
and more sophisticated sources of external threat intelligence 
and expertise—along with a set of newly emerging analytics 
capabilities and tools—to augment your own knowhow. 
Why act now? 
The truth is, your business may be just a keystroke or credit 
card swipe away from being in the headlines. And that’s just the 
first reason. Here are a few more: 
• Criminals will not relent: Once you’re a target, criminals 
will spend as much time trying to break into your 
enterprise as you spend on your core business. If you 
don’t have visibility into attacks as they happen, the 
criminals will succeed. 
• Every business is affected: In the past, banks were among 
the primary targets of cyber criminals. Today, diverse 
actors move with lightning speed to steal tangible assets, 
intellectual property, customer information and confidential 
data across all sectors. 
• Your perimeter may already have been breached: Recent 
attacks demonstrate that victims were compromised for 
months before they discovered it. Assuming that you have 
already been breached is today’s prudent security posture. 
Security intelligence technologies let you 
take action to thwart serious threats before 
they impact your business.
IBM Global Technology Services 11 
Why IBM Security? 
Traditional security defenses are no match for today’s 
unrelenting, well-funded attackers. And disruptive 
technologies are continuing to introduce new vulnerabilities 
to exploit. To stop attackers—regardless of how advanced or 
persistent they are—organizations must accelerate their ability 
to limit new risk and take advantage of intelligence to gain 
insight into attackers’ approaches and motives. 
IBM’s advanced cyber threat intelligence services provide 
that insight. Monitoring our worldwide security operations 
centers allows us to collect information on billions of security 
events that occur daily. But that’s just the beginning. We then 
combine that information with our technology partners’ threat 
analyses to deliver the kind of meaningful data that can help 
you improve your security strategy. 
IBM security experts have the industry knowledge to 
understand which threats are most applicable to you. And 
they coordinate with IBM managed and professional security 
services to provide you with the guidance you need to build a 
stronger security posture. 
For more information 
To learn more about how IBM can help you protect your 
organization from cyber threats and strengthen your IT 
security, contact your IBM representative or IBM Business 
Partner, or visit this website: 
ibm.com/services/security 
Follow us
© Copyright IBM Corporation 2014 
IBM Corporation 
IBM Global Technology Services 
Route 100 
Somers, NY 10589 
Produced in the United States of America 
June 2014 
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at ibm.com/legal/copytrade. shtml 
This document is current as of the initial date of publication and may be changed by IBM at any time. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided. 
The client is responsible for ensuring compliance with laws and regulations applicable to it. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the client is in compliance with any law or regulation. 
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. 
1 IBM Security Services 2014 Cyber Security Intelligence Index, 
April 2014. 
2,3 2014 Cost of Data Breach Study: Global Analysis, Ponemon Institute, May 2014. 
4 2012 Global Reputational Risk & IT Study, IBM. 
5 IBM Security Services 2014 Cyber Security Intelligence Index, 
April 2014. 
6 IBM Security Services 2014 Cyber Security Intelligence Index, June 2013, IBM Security Services 2014 Cyber Security Intelligence Index, April 2014. 
Please RecycleSEW03042-USEN-00

Contenu connexe

Tendances

2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for Insurance2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for InsuranceAccenture Insurance
 
2013 Incident Response Survey
2013 Incident Response Survey2013 Incident Response Survey
2013 Incident Response SurveyFireEye, Inc.
 
Whitepaper | Cyber resilience in the age of digital transformation
Whitepaper | Cyber resilience in the age of digital transformationWhitepaper | Cyber resilience in the age of digital transformation
Whitepaper | Cyber resilience in the age of digital transformationNexon Asia Pacific
 
White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite  defining and understanding risk in the moder...White paper cyber risk appetite  defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...balejandre
 
Executive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyExecutive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyScalar Decisions
 
How to Establish a Cyber Security Readiness Program
How to Establish a Cyber Security Readiness ProgramHow to Establish a Cyber Security Readiness Program
How to Establish a Cyber Security Readiness ProgramMatt Moneypenny
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)Sarah Jarvis
 
Data security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterpriseData security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterpriseThe Economist Media Businesses
 
Best practices for_implementing_security_awareness_training
Best practices for_implementing_security_awareness_trainingBest practices for_implementing_security_awareness_training
Best practices for_implementing_security_awareness_trainingwardell henley
 
Cybersecurity in the Boardroom
Cybersecurity in the BoardroomCybersecurity in the Boardroom
Cybersecurity in the BoardroomMarko Suswanto
 
IT Executive Guide to Security Intelligence
IT Executive Guide to Security IntelligenceIT Executive Guide to Security Intelligence
IT Executive Guide to Security IntelligencethinkASG
 
Kaspersky: Global IT Security Risks
Kaspersky: Global IT Security RisksKaspersky: Global IT Security Risks
Kaspersky: Global IT Security RisksConstantin Cocioaba
 
Cyber Security Planning: Preparing for a Data Breach
Cyber Security Planning: Preparing for a Data BreachCyber Security Planning: Preparing for a Data Breach
Cyber Security Planning: Preparing for a Data BreachFletcher Media
 
2017 cost of cyber crime study accenture
2017 cost of cyber crime study   accenture2017 cost of cyber crime study   accenture
2017 cost of cyber crime study accenturejob Titri company
 
HSN Risk Assessment Report
HSN Risk Assessment ReportHSN Risk Assessment Report
HSN Risk Assessment ReportBelinda Edwards
 
The 4 Challenges of Managing Privacy Incident Response
The 4 Challenges of Managing Privacy Incident ResponseThe 4 Challenges of Managing Privacy Incident Response
The 4 Challenges of Managing Privacy Incident ResponseElizabeth Dimit
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementDaren Dunkel
 

Tendances (20)

2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for Insurance2018 State of Cyber Resilience for Insurance
2018 State of Cyber Resilience for Insurance
 
2013 Incident Response Survey
2013 Incident Response Survey2013 Incident Response Survey
2013 Incident Response Survey
 
Outsourcing
OutsourcingOutsourcing
Outsourcing
 
Whitepaper | Cyber resilience in the age of digital transformation
Whitepaper | Cyber resilience in the age of digital transformationWhitepaper | Cyber resilience in the age of digital transformation
Whitepaper | Cyber resilience in the age of digital transformation
 
White paper cyber risk appetite defining and understanding risk in the moder...
White paper cyber risk appetite  defining and understanding risk in the moder...White paper cyber risk appetite  defining and understanding risk in the moder...
White paper cyber risk appetite defining and understanding risk in the moder...
 
Executive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyExecutive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security Study
 
How to Establish a Cyber Security Readiness Program
How to Establish a Cyber Security Readiness ProgramHow to Establish a Cyber Security Readiness Program
How to Establish a Cyber Security Readiness Program
 
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
SYMANTEC_DELOITTE_PARTNERSHIP-UK (3)
 
2017 global-cyber-risk-transfer-report-final
2017 global-cyber-risk-transfer-report-final2017 global-cyber-risk-transfer-report-final
2017 global-cyber-risk-transfer-report-final
 
Data security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterpriseData security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterprise
 
Best practices for_implementing_security_awareness_training
Best practices for_implementing_security_awareness_trainingBest practices for_implementing_security_awareness_training
Best practices for_implementing_security_awareness_training
 
Cybersecurity in the Boardroom
Cybersecurity in the BoardroomCybersecurity in the Boardroom
Cybersecurity in the Boardroom
 
IT Executive Guide to Security Intelligence
IT Executive Guide to Security IntelligenceIT Executive Guide to Security Intelligence
IT Executive Guide to Security Intelligence
 
Kaspersky: Global IT Security Risks
Kaspersky: Global IT Security RisksKaspersky: Global IT Security Risks
Kaspersky: Global IT Security Risks
 
Cyber Security Planning: Preparing for a Data Breach
Cyber Security Planning: Preparing for a Data BreachCyber Security Planning: Preparing for a Data Breach
Cyber Security Planning: Preparing for a Data Breach
 
2017 cost of cyber crime study accenture
2017 cost of cyber crime study   accenture2017 cost of cyber crime study   accenture
2017 cost of cyber crime study accenture
 
Cost of Cybercrime 2017
Cost of Cybercrime 2017Cost of Cybercrime 2017
Cost of Cybercrime 2017
 
HSN Risk Assessment Report
HSN Risk Assessment ReportHSN Risk Assessment Report
HSN Risk Assessment Report
 
The 4 Challenges of Managing Privacy Incident Response
The 4 Challenges of Managing Privacy Incident ResponseThe 4 Challenges of Managing Privacy Incident Response
The 4 Challenges of Managing Privacy Incident Response
 
A CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk ManagementA CIRO's-eye view of Digital Risk Management
A CIRO's-eye view of Digital Risk Management
 

En vedette

Preventing Deceased Identity Theft
Preventing Deceased Identity TheftPreventing Deceased Identity Theft
Preventing Deceased Identity Theft- Mark - Fullbright
 
Small Businesses: Tips to Avoiding Fraudulent Chargebacks
Small Businesses: Tips to Avoiding Fraudulent ChargebacksSmall Businesses: Tips to Avoiding Fraudulent Chargebacks
Small Businesses: Tips to Avoiding Fraudulent Chargebacks- Mark - Fullbright
 
Identity Theft - Proactive / Reactive First Steps
Identity Theft - Proactive / Reactive First Steps Identity Theft - Proactive / Reactive First Steps
Identity Theft - Proactive / Reactive First Steps - Mark - Fullbright
 
Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015- Mark - Fullbright
 

En vedette (7)

Cable Flipping
Cable FlippingCable Flipping
Cable Flipping
 
Business Identity Theft
Business Identity TheftBusiness Identity Theft
Business Identity Theft
 
Preventing Deceased Identity Theft
Preventing Deceased Identity TheftPreventing Deceased Identity Theft
Preventing Deceased Identity Theft
 
Small Businesses: Tips to Avoiding Fraudulent Chargebacks
Small Businesses: Tips to Avoiding Fraudulent ChargebacksSmall Businesses: Tips to Avoiding Fraudulent Chargebacks
Small Businesses: Tips to Avoiding Fraudulent Chargebacks
 
KNOW YOUR RIGHTS
KNOW YOUR RIGHTSKNOW YOUR RIGHTS
KNOW YOUR RIGHTS
 
Identity Theft - Proactive / Reactive First Steps
Identity Theft - Proactive / Reactive First Steps Identity Theft - Proactive / Reactive First Steps
Identity Theft - Proactive / Reactive First Steps
 
Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015
 

Similaire à Before the Breach: Using threat intelligence to stop attackers in their tracks

Cyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of CybercrimeCyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of CybercrimeNishantSisodiya
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperCMR WORLD TECH
 
Insuring your future: Cybersecurity and the insurance industry
Insuring your future: Cybersecurity and the insurance industryInsuring your future: Cybersecurity and the insurance industry
Insuring your future: Cybersecurity and the insurance industryAccenture Insurance
 
Under cyber attack: EY's Global information security survey 2013
Under cyber attack: EY's Global information security survey 2013Under cyber attack: EY's Global information security survey 2013
Under cyber attack: EY's Global information security survey 2013EY
 
Intelligence-Driven Fraud Prevention
Intelligence-Driven Fraud PreventionIntelligence-Driven Fraud Prevention
Intelligence-Driven Fraud PreventionEMC
 
Protecting the brand—cyber-attacks and the reputation of the enterprise
Protecting the brand—cyber-attacks and the reputation of the enterprise Protecting the brand—cyber-attacks and the reputation of the enterprise
Protecting the brand—cyber-attacks and the reputation of the enterprise The Economist Media Businesses
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141sraina2
 
2016 Scalar Security Study Executive Summary
2016 Scalar Security Study Executive Summary2016 Scalar Security Study Executive Summary
2016 Scalar Security Study Executive Summarypatmisasi
 
The challenges of Retail Security
The challenges of Retail SecurityThe challenges of Retail Security
The challenges of Retail SecurityIBM Software India
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementDMIMarketing
 
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015CBIZ, Inc.
 
5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management5 Steps to Mobile Risk Management
5 Steps to Mobile Risk ManagementDMIMarketing
 
Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONS
Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONSCybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONS
Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONSRandall Chase
 
Managed security services for financial services firms
Managed security services for financial services firmsManaged security services for financial services firms
Managed security services for financial services firmsJake Weaver
 
ZoomLens - Loveland, Subramanian -Tackling Info Risk
ZoomLens - Loveland, Subramanian -Tackling Info RiskZoomLens - Loveland, Subramanian -Tackling Info Risk
ZoomLens - Loveland, Subramanian -Tackling Info RiskJohn Loveland
 
Threat Intelligen.pptx
Threat Intelligen.pptxThreat Intelligen.pptx
Threat Intelligen.pptxCompanySeceon
 
managed-security-for-a-not-so-secure-world-wp090991
managed-security-for-a-not-so-secure-world-wp090991managed-security-for-a-not-so-secure-world-wp090991
managed-security-for-a-not-so-secure-world-wp090991Jim Romeo
 

Similaire à Before the Breach: Using threat intelligence to stop attackers in their tracks (20)

Cyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of CybercrimeCyber Threat Intelligence − How to Get Ahead of Cybercrime
Cyber Threat Intelligence − How to Get Ahead of Cybercrime
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
 
IBM Security Services
IBM Security ServicesIBM Security Services
IBM Security Services
 
MP_OneSheet_VulnThreat
MP_OneSheet_VulnThreatMP_OneSheet_VulnThreat
MP_OneSheet_VulnThreat
 
Insuring your future: Cybersecurity and the insurance industry
Insuring your future: Cybersecurity and the insurance industryInsuring your future: Cybersecurity and the insurance industry
Insuring your future: Cybersecurity and the insurance industry
 
Ey giss-under-cyber-attack
Ey giss-under-cyber-attackEy giss-under-cyber-attack
Ey giss-under-cyber-attack
 
Under cyber attack: EY's Global information security survey 2013
Under cyber attack: EY's Global information security survey 2013Under cyber attack: EY's Global information security survey 2013
Under cyber attack: EY's Global information security survey 2013
 
Intelligence-Driven Fraud Prevention
Intelligence-Driven Fraud PreventionIntelligence-Driven Fraud Prevention
Intelligence-Driven Fraud Prevention
 
Protecting the brand—cyber-attacks and the reputation of the enterprise
Protecting the brand—cyber-attacks and the reputation of the enterprise Protecting the brand—cyber-attacks and the reputation of the enterprise
Protecting the brand—cyber-attacks and the reputation of the enterprise
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141
 
2016 Scalar Security Study Executive Summary
2016 Scalar Security Study Executive Summary2016 Scalar Security Study Executive Summary
2016 Scalar Security Study Executive Summary
 
The challenges of Retail Security
The challenges of Retail SecurityThe challenges of Retail Security
The challenges of Retail Security
 
Mobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk ManagementMobile Security: 5 Steps to Mobile Risk Management
Mobile Security: 5 Steps to Mobile Risk Management
 
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015
 
5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management5 Steps to Mobile Risk Management
5 Steps to Mobile Risk Management
 
Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONS
Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONSCybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONS
Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONS
 
Managed security services for financial services firms
Managed security services for financial services firmsManaged security services for financial services firms
Managed security services for financial services firms
 
ZoomLens - Loveland, Subramanian -Tackling Info Risk
ZoomLens - Loveland, Subramanian -Tackling Info RiskZoomLens - Loveland, Subramanian -Tackling Info Risk
ZoomLens - Loveland, Subramanian -Tackling Info Risk
 
Threat Intelligen.pptx
Threat Intelligen.pptxThreat Intelligen.pptx
Threat Intelligen.pptx
 
managed-security-for-a-not-so-secure-world-wp090991
managed-security-for-a-not-so-secure-world-wp090991managed-security-for-a-not-so-secure-world-wp090991
managed-security-for-a-not-so-secure-world-wp090991
 

Plus de - Mark - Fullbright

ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019- Mark - Fullbright
 
2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)- Mark - Fullbright
 
Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019- Mark - Fullbright
 
CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019- Mark - Fullbright
 
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...- Mark - Fullbright
 
2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)- Mark - Fullbright
 
2018 Privacy & Data Security Report
2018 Privacy & Data Security Report2018 Privacy & Data Security Report
2018 Privacy & Data Security Report- Mark - Fullbright
 
Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018 Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018 - Mark - Fullbright
 
The Geography of Medical Identity Theft
The Geography of Medical Identity TheftThe Geography of Medical Identity Theft
The Geography of Medical Identity Theft- Mark - Fullbright
 
Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017- Mark - Fullbright
 
Protecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for BusinessProtecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for Business- Mark - Fullbright
 
Data Breach Response: A Guide for Business
Data Breach Response: A Guide for BusinessData Breach Response: A Guide for Business
Data Breach Response: A Guide for Business- Mark - Fullbright
 
2017 Data Breach Investigations Report
2017 Data Breach Investigations Report2017 Data Breach Investigations Report
2017 Data Breach Investigations Report- Mark - Fullbright
 
Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016- Mark - Fullbright
 

Plus de - Mark - Fullbright (20)

ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019
 
IC3 2019 Internet Crime Report
IC3 2019 Internet Crime ReportIC3 2019 Internet Crime Report
IC3 2019 Internet Crime Report
 
Police, Protesters, Press, 2020
Police, Protesters, Press, 2020Police, Protesters, Press, 2020
Police, Protesters, Press, 2020
 
2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)
 
FCPA Guidance 2020
FCPA Guidance 2020FCPA Guidance 2020
FCPA Guidance 2020
 
Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019
 
CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019
 
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
 
2018 IC3 Report
2018 IC3 Report2018 IC3 Report
2018 IC3 Report
 
2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)
 
2018 Privacy & Data Security Report
2018 Privacy & Data Security Report2018 Privacy & Data Security Report
2018 Privacy & Data Security Report
 
Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018 Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018
 
Credit Score Explainer
Credit Score ExplainerCredit Score Explainer
Credit Score Explainer
 
The Geography of Medical Identity Theft
The Geography of Medical Identity TheftThe Geography of Medical Identity Theft
The Geography of Medical Identity Theft
 
Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017
 
Protecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for BusinessProtecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for Business
 
Data Breach Response: A Guide for Business
Data Breach Response: A Guide for BusinessData Breach Response: A Guide for Business
Data Breach Response: A Guide for Business
 
2017 Data Breach Investigations Report
2017 Data Breach Investigations Report2017 Data Breach Investigations Report
2017 Data Breach Investigations Report
 
Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016
 
DATA BREACH CHARTS
DATA BREACH CHARTSDATA BREACH CHARTS
DATA BREACH CHARTS
 

Dernier

Practical Research 1: Lesson 8 Writing the Thesis Statement.pptx
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptxPractical Research 1: Lesson 8 Writing the Thesis Statement.pptx
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptxKatherine Villaluna
 
Presentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a ParagraphPresentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a ParagraphNetziValdelomar1
 
Philosophy of Education and Educational Philosophy
Philosophy of Education  and Educational PhilosophyPhilosophy of Education  and Educational Philosophy
Philosophy of Education and Educational PhilosophyShuvankar Madhu
 
3.21.24 The Origins of Black Power.pptx
3.21.24  The Origins of Black Power.pptx3.21.24  The Origins of Black Power.pptx
3.21.24 The Origins of Black Power.pptxmary850239
 
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...Nguyen Thanh Tu Collection
 
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRADUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRATanmoy Mishra
 
How to Solve Singleton Error in the Odoo 17
How to Solve Singleton Error in the  Odoo 17How to Solve Singleton Error in the  Odoo 17
How to Solve Singleton Error in the Odoo 17Celine George
 
How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17Celine George
 
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdfP4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdfYu Kanazawa / Osaka University
 
How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17Celine George
 
M-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptxM-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptxDr. Santhosh Kumar. N
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxheathfieldcps1
 
General views of Histopathology and step
General views of Histopathology and stepGeneral views of Histopathology and step
General views of Histopathology and stepobaje godwin sunday
 
In - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxIn - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxAditiChauhan701637
 
AUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptxAUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptxiammrhaywood
 
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptxClinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptxraviapr7
 
How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17Celine George
 
How to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 SalesHow to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 SalesCeline George
 
Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...raviapr7
 
Benefits & Challenges of Inclusive Education
Benefits & Challenges of Inclusive EducationBenefits & Challenges of Inclusive Education
Benefits & Challenges of Inclusive EducationMJDuyan
 

Dernier (20)

Practical Research 1: Lesson 8 Writing the Thesis Statement.pptx
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptxPractical Research 1: Lesson 8 Writing the Thesis Statement.pptx
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptx
 
Presentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a ParagraphPresentation on the Basics of Writing. Writing a Paragraph
Presentation on the Basics of Writing. Writing a Paragraph
 
Philosophy of Education and Educational Philosophy
Philosophy of Education  and Educational PhilosophyPhilosophy of Education  and Educational Philosophy
Philosophy of Education and Educational Philosophy
 
3.21.24 The Origins of Black Power.pptx
3.21.24  The Origins of Black Power.pptx3.21.24  The Origins of Black Power.pptx
3.21.24 The Origins of Black Power.pptx
 
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
 
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRADUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
 
How to Solve Singleton Error in the Odoo 17
How to Solve Singleton Error in the  Odoo 17How to Solve Singleton Error in the  Odoo 17
How to Solve Singleton Error in the Odoo 17
 
How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17
 
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdfP4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
 
How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17
 
M-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptxM-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptx
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptx
 
General views of Histopathology and step
General views of Histopathology and stepGeneral views of Histopathology and step
General views of Histopathology and step
 
In - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxIn - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptx
 
AUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptxAUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptx
 
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptxClinical Pharmacy  Introduction to Clinical Pharmacy, Concept of clinical pptx
Clinical Pharmacy Introduction to Clinical Pharmacy, Concept of clinical pptx
 
How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17How to Make a Field read-only in Odoo 17
How to Make a Field read-only in Odoo 17
 
How to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 SalesHow to Manage Cross-Selling in Odoo 17 Sales
How to Manage Cross-Selling in Odoo 17 Sales
 
Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...Patient Counselling. Definition of patient counseling; steps involved in pati...
Patient Counselling. Definition of patient counseling; steps involved in pati...
 
Benefits & Challenges of Inclusive Education
Benefits & Challenges of Inclusive EducationBenefits & Challenges of Inclusive Education
Benefits & Challenges of Inclusive Education
 

Before the Breach: Using threat intelligence to stop attackers in their tracks

  • 1. Before the breach Using threat intelligence to stop attackers in their tracks IBM Global Technology Services White Paper Managed Security Services
  • 2. 2 Before the breach Data breaches happen. They happen to big companies and small companies, government agencies and nonprofit organizations, hospitals and hotels. They happen every day, everywhere and under virtually every kind of circumstance you can imagine. And there’s no reason to believe that they’re going to stop happening anytime soon. Organized criminals, hacktivists, governments and adversaries are compelled by financial gain, strategic advantage and notoriety to attack your most valuable assets. Their operations are often well funded and businesslike. Attackers patiently evaluate targets based on potential effort and reward. They use social media and other entry points to track down people with access, take advantage of trust and exploit them as vulnerabilities. At the same time, negligent employees can inadvertently put the business at risk as the result of simple human error. IBM’s global monitoring operations and analysts have determined that the average company experienced more than 91 million security events in 2013 (see Figure 1)—a 12 percent increase over 2012. That reflects the continued worldwide growth of data, networks, applications and the new technology and innovations they support. It also reflects a growing number of targets for potential attacks.1 Figure 1. Security intelligence makes it possible to reduce the millions of security events detected annually in any one of our clients’ systems to an average of 16,900 attacks—and under 110 incidents—in a single organization over the course of a year. Security events, attacks and incidents for 2013 Security events Annual 91,765,453 Monthly 7,647,121 Weekly 1,764,720 Security attacks Annual 16,856 Monthly 1,405 Weekly 324 Security incidents Annual 109 Monthly 9 Weekly 2 Security Intelligence Correlation and analytics tools Security Intelligence IBM security analysts
  • 3. IBM Global Technology Services 3 The damage can be severe If consumers lose faith in a company’s ability to keep their personal data safe, that company can ultimately lose customers. In some cases, they can lose intellectual property. And they most certainly stand to lose money. By one estimate, the average cost of a single breach is more than $3.5 million.2 Taking the cost factor one step further, it’s also estimated that each lost data record costs companies an average of $145.3 In other words: • A major retailer with millions of leaked credit cards could face more than $1 billion in direct costs, including fines. • A university that leaked 40,000 records could suffer over $5.4 million in losses. Unfortunately, security investments—and approaches—of the past may fail to protect against the highly sophisticated attacks we’re seeing today. As a result, more severe security breaches are taking place more often—and gaining more negative attention in the media. In fact, public reaction to these breaches has led 61 percent of organizations to say that data theft and cybercrime are the greatest threats to their reputation.4 The sobering truth is, threats and attacker strategies are advancing at a pace that most enterprises are unable to match. What’s more, sophisticated attackers can continue to steal valuable data for months—or even years—before they’re even detected. Know your enemy When it comes to sophisticated attacks, there’s little doubt that the attacker has the advantage. Because while you’re busy trying to deploy your limited resources in defense of whatever attacks may come your way, attackers have the “luxury” of being able to zero in on a specific target or set of targets. They can choose to devote all their energy and resources to finding your vulnerabilities and exploiting them. We all know that to protect your organization’s data, you need to have the right security strategy, technology, policies, and operations in place. But it’s become increasingly clear that access to the right information and intelligence may be the most important thing you need to help level the playing field against today’s attackers. With up-to-date intelligence about current and future threats, and a real understanding of how well your security strategy stands up to these threats, you’re in a better position to manage your defenses, reduce risk and make smarter investments. Threat intelligence transforms the technical analysis required to identify the symptoms of an attack—such as malware and security events—into an understanding of who the attackers are and what their motives and capabilities may be. Armed with that information, you can gain the insight necessary to develop a proactive stance that makes it more difficult for attackers to succeed.
  • 4. 4 Before the breach In other words, you can use information about the threats themselves to help manage risk. Taking advantage of threat intelligence to help prioritize your security controls can help you identify the latest attacks more quickly and increase the speed with which you’re able to respond to an incident. Where should you start? If your organization is like most others today, you’ve probably got at least a basic security strategy in place—along with at least some defensive measures designed to keep outsiders out. But there are lots of ways to look at IT security and plenty of areas that can be of particular concern, making it virtually impossible to gather information on everything going in and out of your organization. So before you start thinking seriously about threat intelligence, you need to set your priorities. A good way to start is by answering the following questions: • Which assets do you need to protect most? Customer data? Intellectual property? Financial and personal profiles of your organization’s leaders? • Where in your organization would a security incident be likely to do the most damage? • What kind of attack would hurt you the most? It’s no coincidence that these are the very same questions an attacker might ask about you. That’s precisely why understanding attackers and their motivations is so critical to protecting your assets. Next, you need to determine where you are now on the IT security continuum and where you want to end up. For example, just about every organization today maintains some type of process for handling security-related software updates. But you may not be doing much in the way of vulnerability assessment, possibly because you don’t have the resources—in terms of time, budget or people—to identify your exposures or set priorities for eliminating them. Or, if you’re already on board with assessing and prioritizing your vulnerabilities, you may also have a SIEM (security information and event management) system in place. You do? Then what are you doing with the monitoring data you’re collecting? Do you know which specific types of events should be cause for further investigation? You can improve your chances of detecting possible problems if you combine your SIEM findings with threat intelligence on the actors, tactics, tools and practices that are mostly likely to hurt your organization. This is the type of intelligence that can allow you to spot the signs that an attack may be under way. And armed with that evidence, you can begin to take action well before an actual breach occurs. Events, attacks and incidents defined Security event: An event on a system or network detected by a security device or application. Security attack: A security event that has been identified by correlation and analytics tools as malicious activity that is attempting to collect, disrupt, deny, degrade or destroy information system resources or the information itself. Security incident: An attack or security event that has been reviewed by security analysts and deemed worthy of deeper investigation.
  • 5. IBM Global Technology Services 5 Set priorities that make sense for your situation It’s likely that your cyber security priorities will mirror many of the threats currently facing your particular industry. Recent reports show that the same five industries have topped the list of those struck by the most incidents over the past two years,5 with the same two continuing to hold the top spots (see Figure 2). Those two accounted for nearly half of each year’s security incidents among the data collected. The only difference is that they swapped places in 2013. It’s likely that these two industries will continue to battle for the number one target spot in the years to come, since a breach in either one can result in both major business disruption and big paydays for successful cyber criminals. Figure 2. The finance and manufacturing industries continue to offer attackers the most significant potential payoff.6 Retail and wholesale 26.5% 23.8% 20.9% 21.7% 2012 2013 18.7% 18.6% 7.3% 6.2% 6.6% 5.8% Finance and insurance Manufacturing Information and communication Health and social services Retail and wholesale Finance and insurance Manufacturing Information and communication Health and social services Incident rates across monitored industries
  • 6. 6 Before the breach Moving down the list, the two industries occupying fourth and fifth place have also swapped places—although together they accounted for 12 percent of the incidents in 2013, compared to 14 percent in 2012. Both the retail and health services industries deal directly with consumers, meaning they both have high visibility and access to a huge number of potential victims. To see what it means to set priorities for threat intelligence, here’s a look at how companies in those top five industries might go about setting theirs. In the finance and insurance industry—where business is all about handling sensitive customer and financial data— governance and compliance issues play a dominant role in determining security priorities. But threat intelligence priorities need to go beyond a “checking the boxes” mentality, which tends to focus on avoiding intrusions by patching software and servers, enforcing identity and access management policies and other similar programs. A sensible approach to developing threat intelligence priorities for the finance and insurance industry might include: • Access to current insight into known threats and attack techniques that target financial businesses • Monitoring access to tangible asset data for evidence of anomalies that might indicate fraud or criminal activity, and increasing the priority of alerts correlated to known threat techniques • Regular and proactive assessments of security risks— including analysis of high-value resources for vulnerability to known and emerging attack techniques—and identification of highest priority issues, to help focus risk mitigation efforts In the manufacturing industry intellectual property remains the prized catch for attackers. Product designs, manufacturing details and business plans for developing and marketing everything from next-generation consumer devices to government-funded aerospace programs are the big targets here. And breaches could result in serious consequences for both the companies involved and public safety. The threat of industrial espionage also makes it important for manufacturers to understand the role that insiders might play as potential attackers, which means their priorities could include: • Tracking types and sources of email that’s been blocked or alerted by email security solutions for correlation with known attackers or threat techniques, such as advanced spearphishing attempts • Reviewing security assessments of issues discovered in product development and fabrication systems to determine which gaps may be exploitable by known and emerging high-priority threats • Penetration testing access to internal file sharing systems, looking for lapses in control that are known to be targeted by threat actors, or for unusual access patterns that could indicate internal threats In the information and communication industry, which includes social media, it’s become increasingly difficult to rein in the exchange of sensitive information across systems, often making the systems themselves the conduit for attacks. While attackers regularly hide in plain sight, they can also hack their way into internal media networks and gain access to
  • 7. IBM Global Technology Services 7 critical financial market data, where they could wreak havoc— undetected—in a matter of minutes. Threat intelligence priorities for information and communication organizations might include: • Correlating detected activity in mission-critical networks with known adversaries or attack techniques that pose a threat to communications systems, their users, or the business-critical processes that depend on them • Watching for anomalies in social media usage such as unusual access to legitimate accounts or activity inconsistent with normal account use, which might indicate account takeover or other exploitations of social media • Content monitoring to detect the compromise of legitimate web properties to propagate “drive by” malware downloads, or to discover integrated third party services—such as advertising content—which could be used or hijacked to deliver threat payloads In the retail industry, major security breaches dominated the news in late 2013, revealing the theft of over 110 million credit card records and shining a light on the vulnerability of credit card data. What’s more, those incidents resulted in serious financial and public trust issues for several major retailers. Because credit cards have become a hot commodity on the black market—and their value will likely keep them there for a long time—retailers have an urgent need to know as much as possible about the identity and motives of their attackers. Therefore, a retailer’s priorities could likely include: • Regularly assessing payment processing systems for evidence of vulnerabilities known to be targeted by threat actors and emerging attack techniques, and hardening those systems against the ongoing evolution of attacks revealed by threat actor intelligence • Performing regular gap analysis on payment card industry (PCI) compliance activities to determine whether there are patterns that correspond to known threat activity and merit further exploration • Employing ongoing threat analysis services to help identify potential threats before an attack can take place In the health and social services industry, complex compliance issues, many of which deal with patient and client privacy, are major security concerns. Security breaches could also disrupt the proper functioning of medical technology. Moving on from there, it’s easy to see how a breach could compromise an entire healthcare facility and potentially threaten critical care technology—which could lead to loss of lives. These are some of the reasons why threat intelligence priorities in this industry might include: • Active vulnerability scanning and assessment informed by the latest insight into threat activity for systems handling confidential patent and client data • Regular penetration testing for systems running life-support and medication delivery technologies for assessment of known or emerging threats to health and safety • Investigating SIEM attack data relating to private patient and client records for identification of activity correlated to recognized health, safety or patient/client privacy threats
  • 8. 8 Before the breach Penetration testing with a passion When it comes to setting priorities for threat intelligence—in virtually any industry—you’re likely to find that penetration testing plays an important role. Penetration testing certainly isn’t a new idea. But you might want to consider some new ways to approach it. As we’ve seen over the past few years, attackers are continually becoming more sophisticated, developing new techniques and finding new ways to exploit their targets. That means you need to become more creative in developing your penetration testing plans. First, you and your testing personnel should determine the scope of a realistic test. While most organizations are reluctant to allow a penetration test to disrupt operational systems, attackers rarely share that concern. But system disruption may not be the goal of an attacker who prizes stealth in order to remain hidden—and effective—for as long as possible. A truly effective test doesn’t need to threaten the availability or integrity of business-critical resources. It should, however, reflect an understanding of what an attacker would regard as the most valuable prizes in your organization. Focus on these assets and you’re likely achieve truly actionable results. With that in mind, you probably need to update your image of the “typical” attacker. Today’s attackers are smart, detail-oriented and highly committed to achieving their goals. They’ve broadened their repertoires, going beyond perimeter attacks to include spear phishing, social engineering and even on-site visits, all in the quest for access to an organization’s data. These people are passionate about what they’re doing—which means you need to be equally passionate about finding ways to stop them. Make sure that your penetration testers are driven by the same desire to “break things” as today’s hackers, who revel in the challenge of getting past your security measures. Second, ask your testers to try getting past your own users. Encourage them to send out fake emails and see how many takers they get—or how many users spot the potential scam. Give them your company phone directory and let them pose as members of your IT team, calling employees and asking for their passwords. Or tell them to try gaining access to secure areas by posing as employees or repair crews. The idea is not to embarrass people or point fingers, but to get an honest view of where you may have weak spots. And finally, remember that if at first they don’t succeed at getting what they want, many attackers will simply try again by taking a different approach. So make sure that your testers do the same thing and work all the angles—not just email, or only an on-premises visit, but both, as in a coordinated attack. You may be surprised by what you learn about your vulnerabilities. Still, that’s a lot better than being surprised by a breach.
  • 9. IBM Global Technology Services 9 Conduct your own incident investigation You can learn a lot about your vulnerabilities by carrying out your own incident investigation. In fact, you don’t even need to have a “real” incident to gain valuable insight into the types of vulnerabilities you may be facing. Take advantage of penetration testing to discover software or configuration defects that wouldn’t necessarily show up in a vulnerability assessment that’s looking only for known issues. Penetration testing also lets you gain insight into how a human element might exploit aspects of your security measures. As a result, you can identify gaps in your ability to protect critical assets and see exactly what kind of intrusions your systems can withstand. The journey from compliance to threat management A large international insurance company with over 50,000 employees and more than 900 locations has made considerable progress along its IT security journey over the years. After starting out with basic security audits and compliance activities, and later incorporating a threat- and risk-focused approach, the company is now integrating security into its business strategy. But it’s taken some serious thought and effort to make that happen. A few years ago the company became concerned about a growing problem. They recognized that both internal and external actors could leverage any number of sophisticated attacks against its people, processes and technology. And if successful, those attacks could result in records theft, business disruption, customer dissatisfaction, lost revenue, fraud and a devaluation of the company’s brand. It turned out that the company’s continued use of its earlier security model—which had been designed for compliance, not threat detection—was at the root of the problem. The security system was reporting over 51 million events per hour, which required a manual, resource-intensive process to resolve. Not surprisingly, that led to delays in log collection, reporting and analysis. It ended up taking five full days from the time an attack was first detected until the security analysis could be completed. Needless to say, a lot of damage could occur in five days if any of those events were found to be serious threats. That was when the company asked IBM to help improve the situation. Together they worked to create a new security model focused on threat detection instead of compliance. By developing a new use case-driven tool, they were able to reduce the “noise” generated by so many events. They also shortened the time it took from the moment an attack was detected until action could be taken. Now, instead of taking five days, the entire process is completed in a single day. In addition, they instituted a closed-loop process for incident follow-though and closure. And they began to produce trend information and metrics on relevant threats. The company has found that shifting their focus from audits and compliance to threats and risk required putting the right structures in place to support their new approach and then putting their security and IT teams in a position to support those structures. Finally, they discovered that visibility is key to successful threat management and risk mitigation—which is what’s now allowing them to measure their performance against business priorities.
  • 10. 10 Before the breach Develop a strategy for targeting today’s threats With a security team that’s primed to hunt for attacks and breaches by collecting security-relevant data from multiple sources—and that’s got insight into the practices and tactics of your known adversaries—you can access the information you need to recognize evidence of threats before they surface. And by deploying security intelligence technologies that let you correlate those insights with malicious activity in real time, you can take action to thwart serious threats before they impact your business. You can also take advantage of new and more sophisticated sources of external threat intelligence and expertise—along with a set of newly emerging analytics capabilities and tools—to augment your own knowhow. Why act now? The truth is, your business may be just a keystroke or credit card swipe away from being in the headlines. And that’s just the first reason. Here are a few more: • Criminals will not relent: Once you’re a target, criminals will spend as much time trying to break into your enterprise as you spend on your core business. If you don’t have visibility into attacks as they happen, the criminals will succeed. • Every business is affected: In the past, banks were among the primary targets of cyber criminals. Today, diverse actors move with lightning speed to steal tangible assets, intellectual property, customer information and confidential data across all sectors. • Your perimeter may already have been breached: Recent attacks demonstrate that victims were compromised for months before they discovered it. Assuming that you have already been breached is today’s prudent security posture. Security intelligence technologies let you take action to thwart serious threats before they impact your business.
  • 11. IBM Global Technology Services 11 Why IBM Security? Traditional security defenses are no match for today’s unrelenting, well-funded attackers. And disruptive technologies are continuing to introduce new vulnerabilities to exploit. To stop attackers—regardless of how advanced or persistent they are—organizations must accelerate their ability to limit new risk and take advantage of intelligence to gain insight into attackers’ approaches and motives. IBM’s advanced cyber threat intelligence services provide that insight. Monitoring our worldwide security operations centers allows us to collect information on billions of security events that occur daily. But that’s just the beginning. We then combine that information with our technology partners’ threat analyses to deliver the kind of meaningful data that can help you improve your security strategy. IBM security experts have the industry knowledge to understand which threats are most applicable to you. And they coordinate with IBM managed and professional security services to provide you with the guidance you need to build a stronger security posture. For more information To learn more about how IBM can help you protect your organization from cyber threats and strengthen your IT security, contact your IBM representative or IBM Business Partner, or visit this website: ibm.com/services/security Follow us
  • 12. © Copyright IBM Corporation 2014 IBM Corporation IBM Global Technology Services Route 100 Somers, NY 10589 Produced in the United States of America June 2014 IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at ibm.com/legal/copytrade. shtml This document is current as of the initial date of publication and may be changed by IBM at any time. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided. The client is responsible for ensuring compliance with laws and regulations applicable to it. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the client is in compliance with any law or regulation. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. 1 IBM Security Services 2014 Cyber Security Intelligence Index, April 2014. 2,3 2014 Cost of Data Breach Study: Global Analysis, Ponemon Institute, May 2014. 4 2012 Global Reputational Risk & IT Study, IBM. 5 IBM Security Services 2014 Cyber Security Intelligence Index, April 2014. 6 IBM Security Services 2014 Cyber Security Intelligence Index, June 2013, IBM Security Services 2014 Cyber Security Intelligence Index, April 2014. Please RecycleSEW03042-USEN-00