2. 2 IBM Security
Enterprise security programs face harsh realities every day
Top questions from leadership:
Are we protected from the latest threats?
Have we protected our most critical data?
Do we have access to the right skill sets?
Are we adapting to changing platforms?
Are we operating at an appropriate
maturity level for our industry?
Are we communicating our risks clearly
to our leaders and our board?
Are we maximizing the value
of our security investments?
3. 3 IBM Security
Transform your security program
Build strategy that
accelerates new IT trends
• BYOD, Cloud, Mobile, IoT
• SaaS and Cloud-based services
Access the right skills
• Advisors, responders, testers,
analysts and engineers
• 24x7x365 global expertise
Build protected and
connected systems
• Increase productivity
• Grant stakeholders access to the
right data without introducing risk
Optimize security programs
• Modernize Identity and access,
application development, privacy
policies, data security
• Manage and protect against
latest threats
Gain access to global
threat intelligence
• Greater control in real time
with actionable insights
• Improved visibility to manage
the threat lifecycle
Reduce complexity
• Provide programmatic, automated
and integrated outcomes
• Consolidate point products
to an integrated solution
4. 4 IBM Security
IBM helps drive overall transformation with a business-friendly framework
to assess and mature your security posture
10 Manage the digital
identity lifecycle
8 Manage third-
party security
compliance
7 Address security
complexity of cloud
and virtualization
3 Secure collaboration in
social and mobile
workplace
6 Create a security-rich
and resilient network
9 Assure data
security and
privacy
5 Manage IT
hygienically
4 Develop security-
rich products, by
design
2 Establish intelligent
security operations
and rapid threat
response
1 Build a risk-aware
culture and
management
system
GOAL:
Drive transformation
without introducing new risk
5. 5 IBM Security
1. INITIAL
Ad-hoc processes
2. REPEATABLE
Incorporate replicable process management
discipline
3. DEFINED
Integration of processes across the
organization
4. MANAGED
Metric-driven measurability of processes
5. OPTIMIZING
Continuous process improvement through
feedback
Aligning to a maturity model offers a prescriptive assessment
of your company versus best practice
Capability Maturity Model
(CMM)
Reactive Proactive
Manual Automated
6. 6 IBM Security
With proven global expertise, IBM Security Transformation Services
deploys and manages optimized security programs
• Security Strategy, Risk and Compliance
Automate governance, risk and compliance programs
• Security Intelligence and Operations
Build security operations and security fusion centers
• Cyber Security Assessment and Response
Establish robust security testing and incident
management programs
• Identity and Access Management
Modernize identity and access management
for the cloud and mobile era
• Data and Application Security
Deploy robust critical data protection programs
• Infrastructure and Endpoint Security
Redefine infrastructure and endpoint solutions
with secure software-defined networks
SECURITY TRANSFORMATION SERVICES
CEO CIO CISO CRO CCO CLO
Security Strategy, Risk and Compliance
Security Intelligence and Operations
Cyber Security Assessment and Response
Identity and Access Management
Data and Application Security
Infrastructure and Endpoint Security
Systems
Integration
Management
Consulting
Managed
Security
7. 7 IBM Security
The vast majority of GRC programs
fall in the first three, with 80% not
integrated, 51% underutilized*
*2014 GRC Technology Strategy Survey Report http://www.oceg.org/resources/2014-grc-strategy-survey-report/
State of GRC maturity is classified by technology, content,
and processes
Automate GRC
Build advanced security
operations centers
Establish robust
security testing and
incident management
Modernize IAM for the
cloud and mobile era
Deploy robust critical
data protection
Redefine infrastructure
and endpoint security
8. 8 IBM Security
Automate your IT GRC program to manage IT Risk and
establish governance
Note: Key risk indicators (KRI), key performance indicators (KPI)
Continuous Monitoring to Facilitate Risk-Based Decision Making
IT GRC IS KEY COMPONENT
Risk Mitigation:
Build, Deploy and Operate
Continuous IT Controls
Monitoring
Security Incident
Management
Threat and Vulnerability
Management
IT Policy Management
Fraud and Money
Laundering
Regulatory Change
Management
Incident Response – Corrective
Action Cyber Incident Investigations
HOT
COLD
Security Research – Preventive
Security Intelligence and Analytics
External
Security
Sources
Security Monitoring and SOC Operations
SECURITY INFORMATION
Security
Intelligence
Generate Risk and
Compliance Reports
and Dashboards
Governance,
Risk and
Compliance
Remediate
Security Policy
and Control
Management
IT Risk
Management
IT Risk
Assessment
Risk and
Compliance
Monitoring,
Measurement
and Analysis
Business Continuity
Management
9. 9 IBM Security
A consultative approach can help transform and modernize
your security operations
Assess, plan and develop your security maturity and operations
• Deploy intelligence-driven security capabilities
• Optimize your ability to react to and contain events,
while reducing impact
SOC Transformation
Build next generation security operations
Deploy
Optimize
Build
Plan
Design
10. 10 IBM Security
Integrate human intelligence and advanced automation
to better manage threats
Leverage IBM’s depth of experience
to build and manage optimized security operations
• Maturity assessment
Identify gaps and key focus areas
• SOC strategy and planning
Create a SOC model, while optimizing
existing resources
• Design and build the SOC
Operate within budget and risk tolerance
• Implement and Optimize SIEM
Provide leading security intelligence
capabilities
• Optimize the SOC
Deploy best practices in security operations
11. 11 IBM Security
Avert incidents with programmatic testing of targets
for risks and vulnerabilities
• Programmatic approach
Simplifies program
implementation
• Vulnerability analytics
Helps create more efficient
remediation plans, analyze
risks and identify trends
across enterprise domains
• Simple scope testing
Offers customized options
for testing any target
TESTING
ANALYSIS ASSESSMENT
TESTING
• Entry level
• Standard
• Advanced
ANALYSIS
• Manual code
review
• Automated static
assessment
ASSESSMENT
• Application
• Network
• Human
12. 12 IBM Security
Plan, prepare and respond to incidents with proven expertise
Onsite expertise
within 24 hours
Incident containment,
handling and remediation
Forensics collection
and analysis
ONSITE
INCIDENT
RESPONSE
Help clients build effective
incident response plans
Test plans and procedures
with simulated exercises
Assist with removal
of known threats
Continuous monitoring
and rapid response
to confirmed threats
Intelligent correlation
to reduce alert fatigue
Initiate proactive incident
response activities
INCIDENT
RESPONSE
PLANNING
REMOTE
THREAT
RESPONSE
IBM X-Force®
Incident Response
Services
13. 13 IBM Security
Are you enabling your lines
of business?
Inability to fully embrace SaaS
apps, BYOD, BYOI, or IoT
Shadow IT and rogue access
• By 2020, 1/3 of successful
attacks will be on shadow
IT resources²
Modernize your identity and access program to help quickly
detect and remediate attacks
Insider threats and identity fraud Line of business access Compliance
Are you at risk?
60% of data breaches involved
insiders in 2015¹
45% of incidents involved
unauthorized access¹
Are you meeting your
compliance requirements?
Ever increasing regulations
• EU GDPR fines could add
up to 5% of global
revenues³
Complex organizations
Challenging audit frequency
Help prevent insider
threat and reduce
identity fraud
Support
productivity
and innovation for
your business
Systematically achieve
and maintain better
regulatory compliance
management
¹ IBM Cyber Security Intelligence Report 2016
² Gartner Predicts 2016: Threat and Vulnerability Management
³ Forrester Predictions 2016: The Trust Imperative For Security and Risk Pros
14. 14 IBM Security
Govern and administer users and their access
to increase productivity and manage risk
Directory Services
Access Management
• Adaptive access control and federation
• Application content protection
• Authentication and single sign on
Identity Management
• Identity governance and intelligence
• User lifecycle management
• Privileged identity control
Datacenter Web Social Mobile Cloud
15. 15 IBM Security
Protect critical assets with context-aware controls
to prevent unauthorized access and data loss
Govern and
administer users
and their access
Identify
and protect
sensitive data
Manage
application
security risk
Manage and
secure network
and endpoints
16. 16 IBM Security
Identify and protect sensitive data – safeguard your
“crown jewels” and protect your brand
Harden Repositories
• Encrypt and mask sensitive data
• Archive / purge dormant data
• Revoke dormant entitlements
Identify Risk
• Discover and classify sensitive data
• Assess database vulnerabilities
Monitor Access
• Monitor and alert on attacks in real-time
• Identify suspicious activity
• Produce detailed compliance reports
Protect Data
• Prevent unauthorized access
to sensitive data
• Enforce change control
17. 17 IBM Security
Next-gen
firewalls
Unified threat
management
Network and
server IDS/IPS
Network
sandbox
Secure web
and e-mail
gateway
Endpoint
protection,
detection and
response
Protect networks, servers and endpoints with
around-the-clock management and monitoring
• Better secure information
assets from Internet attacks
• Reduce security investment
and management costs
• Better manage compliance
• Improve system uptime and performance
• Simplify management of multiple
security devices
Protect networks, servers and endpoints
VAST PARTNER
ECOSYSTEM
18. 18 IBM Security
Flat
networks
Security
infra sprawl
Simplified,
agile
management
Secure
end-to-end
fabric
The evolution of IT Infrastructure opens the doors
for clients to advance their security
Traditional Managed Security Services:
Management and monitoring of security infrastructure
to quickly respond to attacks
Hybrid Infrastructures and Virtualization
Private and Public Cloud, Virtualization in Datacenters
Software Defined Networks
Advances in networking, such as SDN and SD-WAN
• Security can be an enabler for these infrastructure changes
• Better security can be enabled by these changes in infrastructures
IBM will help you in partnership with your infrastructure teams to:
Design and prove
• Build a business case
• Create a macro design
Integrate and test
• Develop a micro design
• Execute an implementation plan
Manage and optimize
• Run a healthy security infrastructure
• Respond to changes
19. 19 IBM Security
Security Services operates as a globally integrated practice,
providing expertise from strategy through operations
TRANSFORMATION PROGRAMS
Security Strategy, Risk and Compliance
Automate governance, risk and compliance
• Strategy and Planning
• Security Framework and Risk Assessments
• Automated GRC and IT Risk Management
Security Intelligence and Operations
Build advanced security operations centers
• Security Operations Consulting
• Security Intelligence Programs
• Managed and Monitored SIEM Services
Cyber Security Assessment and
Response
Establish robust security testing and
incident management
• Security Testing
• Incident Response and Planning
• Advanced Threat Assessments
Identity and Access Management
Modernize identity and access management
for cloud and mobile era
• Identity and Access Strategy and Design
• Managed and Cloud Identity Services
• Identity Governance and Authorization
Data and Application Security
Deploy robust critical data protection
• Critical Data Protection
• Data Discovery and Classification
• Data Security Design and Deploy
Infrastructure and Endpoint Security
Redefine infrastructure and endpoint
security
• 24x7 Security Infrastructure Monitoring
• Security Infrastructure Management
• Vulnerability Management
COMPETENCIES BEST PRACTICES OFFERINGS
Management Consulting Systems Integration Managed Security
20. 20 IBM Security
Why IBM Security Transformation Services?
Unparalleled
Expertise
Best-in-class Managed
Security Services
Integrated
Approach
• IBM X-Force® Exchange and
Threat Research teams providing
zero-day threat alerts to clients
• 1400+ employees
serving 130+ countries,
with a 95% retention rate
• 35 billion+ security events
analyzed daily across
4,500+ global clients
• Access to a global network of
recognized security experts
• Deep industry service
delivery experience across
numerous types of operations
• Ability to lead and execute
large, transformational
projects
• Integrated portfolio
of security services
and technology
• Open ecosystem with 100+
technology partners and
30+ services partners
• 800+ technical vendor and
150+ professional security
certifications
21. 21 IBM Security
SECURITY TRANSFORMATION SERVICES
Management consulting | Systems integration | Managed security
IBM has the world’s broadest and deepest security portfolio
SECURITY
ECOSYSTEM
App Exchange
MaaS360
INFORMATION RISK
AND PROTECTION
Trusteer Pinpoint
Trusteer Mobile
Trusteer Rapport
Privileged Identity Manager
Identity Governance and Access
AppScan
Guardium
Cloud Security
Enforcer
Cloud Identity Service
zSecure
Key Manager
QRadar Vulnerability Manager Resilient Incident Response
X-Force Exchange
QRadar Incident Forensics
Network Protection XGS
BigFix
SECURITY OPERATIONS
AND RESPONSE
QRadar SIEM QRadar Risk Manager
22. 22 IBM Security
COGNITIVE, CLOUD,
and COLLABORATION
The next era of security
INTELLIGENCE
and INTEGRATION
PERIMETER
CONTROLS
23. 23 IBM Security
IBM Security invests in best-of-breed solutions
Incident
response
Cloud-enabled
identity management
Identity governance
Application security
Risk management
Data management
Security services
and network
security
Database monitoring
and protection
Application security
SOA
management
and security
“…IBM Security is making all the right moves...”
Forbes
2002 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016
IBM Security
Systems
IBM Security
Services
Identity
management
Directory
integration
Enterprise
single-sign-on
Endpoint
management
and security
Security
Intelligence
Advanced fraud
protection
Secure mobile mgmt.
CyberTap
24. 24 IBM Security
Adaptive integration with ecosystem partners
100+ ecosystem partners, 500+ QRadar integrations
25. 25 IBM Security
A Global Leader in Enterprise Security
• #1 in enterprise security
software and services*
• 7,500+ people
• 12,000+ customers
• 133 countries
• 3,500+ security patents
• 15 acquisitions since 2005
*According to Technology Business Research, Inc. (TBR) 2016