© 2014 IBM Corporation

¿Como seguir innovando sin comprometer la seguridad? Strong security enables transformation

Santiago Cavanna IBM Security

e-mail: cavanna@ar.ibm.com Twitter: @scavanna

2

Why Security?

Motivation and Sophistication is rapidly evolving!

Anything that is connected to the Internet can be hacked. Everything is being connected to the Internet!

We are in an era of continuous breaches.

Security is a board room discussion, and security leaders are more accountable than ever before

Cloud, Analytics, Mobile and Social can power enterprise growth

CLOUD ANALYTICS MOBILE Social

To help our client’s solve business issues, we must first identify their security concerns.

Cloud

Identify the Security Concerns Technology forces

I want to adopt Cloud technology but I need to be sure that my data is secure

I want to allow my employees to use there own mobile devices to access our network – without compromising our security.

Business issues §  What are the security risks that I need to

consider before migrating my applications to the Cloud?"

§  How can my business enable robust protection of critical assets in the Cloud (private or public or Hybrid) without impacting productivity or compliance?"

§  How can I prevent, detect and remediate external breaches and internal theft in real time, through the hybrid infrastructure?"

§  I already have a network security system in place – won’t that suffice for Mobile?"

§  Prohibiting unauthorized users from accessing our network through a Mobile device is a high security concern. How can we address this? "

§  How can my organization identify vulnerabilities in our Mobile Applications? "

Mobile

To help our client’s solve business issues, we must first identify their security concerns (Continued)

Analytics and big data

Identify the Security Concern Technology forces

Social §  What is the best strategy that we can deploy

for managing and securing data? "§  How can we ensure that the personnel data

we are obtaining through social channels is well protected?"

§  Are there best practices that we can apply to help recognize and respond to a breach ?"

I must protect personal and proprietary information wherever it sits

How can I increase my ability to detect attacks while filtering out the noise that t overburdens my resources?

Business issues

§  What solutions in the market today can detect and help mitigate network breaches from stealthy or Unknown attacks?

§  What is anomaly detection and how does it help protect me against zero day attacks ?"

§  How do I stay ahead of the threat and prevent network breaches before they occur ?

6

Security is a Category that stands by itself but it also opens doors to Cloud, Analytics, Mobile, and Social opportunities

A radical notion: Cloud is an opportunity for enhanced security

Protect applications and workloads in private Cloud stacks

Private Cloud

Security for the Cloud

Public Cloud

Securing workloads on virtual infrastructures

Secure usage of Public Cloud applications

Security from the Cloud

Security-as-a-Service

Delivering and consuming secure applications

Deliver security capabilities as cloud services

IaaS PaaS SaaS

Integrated security for public and private clouds Protecting the cloud data center, and next-gen business and application platforms

IBM Security Solutions •  Federated Identity Manager •  Directory Integrator •  Access Manager Virtual Appliance •  Privileged Identity Manager •  Cloud Hosted Identity

•  InfoSphere Guardium •  AppScan •  Key Lifecycle Manager •  Managed Security Services

for SoftLayer

•  Network Protection (XGS) •  QRadar SIEM •  QRadar Log Manager •  QRadar VFlow

Manage Identities and Protect User Access

Monitor and Audit Applications

and Data

Scan and Protect the Network from Threats

Establish Intelligence

Across the Cloud

Cloud-based Security Services (Security-aaS)

IBM Trusteer Cybercrime Solutions Fraud and advanced threat protection delivered from the cloud to block online threats such as malware and phishing

IBM Cloud Identity Solution (Lighthouse) Agile and scalable cloud-hosted IAM service providing IAM integration with cloud-based social identities using Single-Sign-On for a more personalized online experience for goods and services

IBM Web Presence Protection Service Combines IBM security expertise with the cloud-based Kona Site Defender technology from Akamai for multilayered Web and DDoS protection

Identity Anti-Fraud Web and DDoS

10

Security is a Category that stands by itself but it also opens doors to Cloud, Analytics, Mobile, and Social opportunities

Analytics presents security risks and opportunities

Big data explosion

•  Personally identifiable •  Credit card data •  Health data •  Intellectual property •  Social media •  Sensor data

Analytic insights for security

•  Larger more diverse data sets •  Faster analysis •  Deeper insights •  Predictive models

Data security in a big data environment Discover and harden your most valuable assets while enabling access

Identify and Classify Data

Record Events Assess

Vulnerabilities

Protect Sensitive Data

Monitor Privileged Users

Protect data at rest, in motion, and in use

IBM Security Solutions •  Guardium Database Activity Monitoring •  Guardium Encryption Expert •  Guardium / Optim Data Masking

•  Key Lifecycle Manager •  Critical Data Protection Program

Gain visibility with an integrated architecture in a unified console

14

Security is a Category that stands by itself but it also opens doors to Cloud, Analytics, Mobile, and Social opportunities

Device Security Content Security Application Security Transaction Security

•  Manage the mobile enterprise with BYOD, BYOA, secure e-mail and document sharing

•  Secure file and document sharing across devices and employees including integration with SharePoint

•  Instrument applications with security protection by design

•  Identify vulnerabilities in new, existing or purchased applications

•  Secure mobile transactions from customers, partners and suppliers

Security Intelligence

Correlate mobile security events with broader infrastructure including log management, anomaly detection and vulnerability management for proactive threat avoidance

IT Operations

Line-of-Business Application Developer

Security Specialist

• Mitigate security risk across devices, applications, content and transactions • Monitor enterprise security across all endpoints • Manage mobility across the enterprise

CISO / CIO Chief Information Security Officer

Chief Information Officer

Imperatives for securing the mobile enterprise

Enterprise Applications and Cloud Services

Identity, Fraud, and Data Protection

Device Security Content Security Application Security Transaction Security

IBM Security AppScan

IBM Security Access Manager

IBM Mobile Security Solutions

IBM Mobile Security Services

Security Intelligence

IBM QRadar Security Intelligence Platform

Security solutions for the mobile enterprise

17

Security is a Category that stands by itself but it also opens doors to Cloud, Analytics, Mobile, and Social opportunities

30 billion pieces of content are shared on Facebook each month More companies now use social

internally than externally

66% of top financially performing companies leverage social in their business processes

Social technologies raise the productivity of interaction workers by 20-25%

You are what you share, the social transformation

Security Implications

•  Information is exposed in new ways that can pose security concerns •  Mixing of personal and corporate data on social platforms creates risk •  Social further erodes traditional security perimeters

Build security around users on social platforms

Endpoint Limit reuse of passwords and block exploits used to deliver malware from social platforms Powered by •  IBM Security Trusteer Apex

Forensics If inappropriate content sharing occurs, reduce the time to fully discover what and when it occurred Powered by •  IBM Security QRadar Incident

Forensics

Identity Enable user access to services using social identities Powered by •  IBM Security Federated Identity

Manager

Social User

Network Protect against web application misuse Powered by •  IBM Security Network Protection XGS

With a secure approach, CAMS can revolutionize business

CLOUD ANALYTICS MOBILE Social

SECURITY

IBM Security Portfolio

Learn more about IBM Security

Visit our website IBM Security Website

Watch our videos IBM Security YouTube Channel

Read new blog posts SecurityIntelligence.com

Follow us on Twitter @ibmsecurity

IBM Security Intelligence. Integration. Expertise.

www.ibm.com/security

© Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.