information risk and protection

INFORMATION RISK AND PROTECTIONPROTECT YOUR INFORMATION, CONTAIN THE RISK

Ahmed Sharaf

July 13, 2016

Managing Director – Xband Enterprises, Inc.

2 IBM Security

Data

Applications

Connectivity to more users, devices, and data than ever before

Web Applications

Systems Applications APIs Mobile

Applications

Infrastructure and Devices

Datacenters PCs Mobile Cloud Services IoT

On Premises Off PremisesUnstructuredStructured

UsersAuditors Suppliers

Consultants Contractors

Employees Partners

Customers

Systems Applications

Partners

Structured

Laptops

It’s time to expand from infrastructure to information-centric security

Employees

Unstructured

APIs

Off Premises

Customers

Mobile Applications

3 IBM Security

Protect your information, contain the risk

Gain control • Govern all users and their privileges• Protect data usage across enterprise and cloud• Improve DevOps security• Secure mobile devices and apps

Identify risks• Discover, classify business critical data and apps • Expose over privileges with identity analytics• Analyze cloud app usage and activity • Detect web fraud with real time alerts

Safeguard interactions• Deploy adaptive access and web app protection• Federate to and from the cloud• Maintain data compliance and stop attacks• Secure mobile collaboration

IDENTITY

CLOUD

FRAUD

APP

DATA

MOBILE

4 IBM Security

IBM Security has the industry’s most comprehensive solution forInformation Risk and Protection

Keep your information protected while securely interacting with employees and consumers

• IBM Cloud SecurityDeliver visibility, control and protection of cloud apps

• IBM MaaS360Mobile productivity and enterprise security without compromise

• IBM Identity Governance and Access ManagementGovern and enforce context-based access to critical assets

• IBM GuardiumProtect crown jewels across the enterprise and cloud

• IBM AppScanScan and remediate vulnerabilities in modern applications

• IBM TrusteerStop financial and phishing fraud, and account takeovers

• IBM Security ServicesDeliver governance, risk and compliance consulting, systems integration and managed security services

LOB RISK AUDITCISO IT

INFORMATION RISK AND PROTECTION

Governance, Risk and Compliance Services

Identity Governance and Access Management

Cloud Security Mobile Security

ApplicationSecurity

Data Protection

AdvancedFraud Protection

5 IBM Security

Manage and control digital identities in the era of cloud and mobile

Govern users and enforce access

Protect crown jewels wherever they are

Build and deploy safe apps

Protect consumers from fraud

Secure and manage mobile

Enforce cloud security

Get help from security experts

Directory Services

Access Management • Adaptive access control and federation• Application content protection• Authentication and single sign on

Identity Management • Identity governance and intelligence• User lifecycle management• Privileged identity control

Datacenter Web Social Mobile Cloud

6 IBM Security

IBM Identity Governance and Intelligence brings IT and lines of business together

Analytics

Compliance

Lifecycle

Delivering actionable identity intelligence

• Align auditors, Line of Business and IT perspectives

• Risk analytics and intelligence to represent complex user data

• Easy to launch access certification and requests

• Enhanced role mining and segregation of duties reviews

• In-depth SAP and RACF governance reviews

• Built in provisioning and identity management capabilities








7 IBM Security

IBM Security Access Manager helps you take control

IBM Security Access Manager

• Authentication• Authorization

• Single Sign-on• Federation

• Risk-based Access• Application Protection

EmployeesConsumers Partners and Contractors

Cloud Workloads

SaaS Applications

Enterprise Applications








8 IBM Security

Discover and build roles to create new roles or optimize existing ones








9 IBM Security

Safeguard sensitive data, protect your brand








Harden Repositories• Encrypt and mask sensitive data• Archive / purge dormant data• Revoke dormant entitlements

Identify Risk• Discover and classify sensitive data• Assess database vulnerabilities

Monitor Access• Monitor and alert on attacks in real-time• Identify suspicious activity• Produce detailed compliance reports

Protect Data• Prevent unauthorized access

to sensitive data• Enforce change control

10 IBM Security

IBM Guardium helps monitor access and protect data across the enterprise and beyond

Discovery, classification,vulnerability assessment, entitlement management

Encryption, masking, and redaction

Data and file activity monitoring

Dynamic blocking and masking, alerts, and quarantine

Compliance automation and auditing

ANALYTICS








11 IBM Security

Automatically discover sensitive data and uncover risks

• Automatically discover and classify sensitive data to expose compliance risks

• Analyze data usage patterns to uncover and remediate risks

• Understand who is accessing data, spot anomalies, and stop data loss in real time

Identify and respond to detected outliers with a convenient graphical interface

• Anomaly hours flagged red or yellow

• Click bubble for Outlier view








12 IBM Security

Manage application security risk

Application Security ManagementUse a single console for managing application testing, reporting and policies

Static Application ScanningAddress application security from day one to production

Dynamic Application ScanningIdentify and remediate vulnerabilities in live applications








13 IBM Security

AssessImpact

IdentifyInventory

Report Compliance

TrackProgress

Prioritize Vulnerabilities

IBM AppScan helps clients manage application security risk








Application Security Management

14 IBM Security

An integrated application risk management dashboard

Which applications present the highest risk?

How many applications have we assessed?

Is our application security posture improving?








15 IBM Security

IBM AppScan provides a full spectrum of application assessment techniques for deep security analysis








Application Security Testing

Analysis of iOS and Android app source code with full trace analysis, covering 20K+ APIs

Reveals HTTP parameters not discovered by black box scanning, finds vulnerabilities and reduces false positives

Examines source code and traces data to check for sanitized user input

Examines how a running app responds to mutated HTTP requests

InteractiveAnalysis

(Glass Box)

Mobile AppAnalysis

Dynamic Analysis

(Black Box)

StaticAnalysis

(White Box)

Utilize resources effectively to identify and mitigate risk

On-premise and cloud-based

solutions

16 IBM Security

The key to stopping cyber crime is visibility

FraudulentPayments

FraudulentLogins

CredentialsCompromised

Phishing

Redirect to fake website (MitM)

Tamper with legitimate website (MitB)

Device spoofing

Remote Access Tools (RAT)

Proxy

Mimic legitimatepayment activity

Bypasses two-factor mobile authentication

Detect fraud root cause

Detect evasion methods

Detect fraud indicators








17 IBM Security

Combat online and mobile fraud with intelligent, adaptive solutions from IBM Trusteer

Fraud Lifecycle Management• Comprehensive,

integrated, adaptive fraud management

Clientless Fraud Protection• Unified malware and

criminal detection• Real-time malware

detection

Endpoint Fraud Protection• Prevent and remove

financial malware and detect phishing attacks

• Mobile application and device protection








18 IBM Security

Balance productivity and security in the mobile enterprise

• Support multiple device types and usage models

• Deliver best-of-breedapps and experience

• Connect with core enterprise systems

• Secure data in apps, cloud and in motion

• Enforce policies and configuration

• Integrate identity and access controls

• Gain a completeview of activity

• Understand user behaviors

• Enable automation and threat detection

Actionableinsights

Data protection

Userenablement








19 IBM Security

Support mobile innovation, unleash end-user productivity with IBM MaaS360

SecurePIM

App Security and Management

File Sync,Edit and Share

SecureBrowser

Trusted Workplace

• Separates work and personal data with anytime access to corporate resources

• Works across iOS, Android and Windows mobile platforms with a native user experience

• Supports Microsoft, Google, IBM, Box and other collaboration tools, apps and containers








20 IBM Security

At-a-glance management dashboard and an intuitive mobile interface








21 IBM Security

Safeguard workloads as you move to the Cloud

Protect DataIdentify vulnerabilitiesand help prevent attacks targeting sensitive data

Gain VisibilityMonitor the cloud for security breaches and compliance violations

Manage AccessSafeguard people, applications, and devices connecting to the cloud








22 IBM Security

IBM Cloud Security Enforcer helps you safeguard connections to cloud apps and enforce policies








23 IBM Security

Identify and manage risky cloud usage

• Discover thousands of cloud apps• View analytics and risk reports• Chart progress over time

DETECT APPROVED / SHADOW APPS








24 IBM Security

Protect critical assets with context-aware controls to prevent unauthorized access and data lossIBM Critical Data Protection








Govern and administer users and their access

Identify and protect

sensitive data

Manage application

security risk

Manage and secure network and endpoints

25 IBM Security

Modernize your identity governance and access program for the era of cloud and mobileIBM Identity Governance and Access Management Strategy, Design, and Management Services








Are you enabling your lines of business?

Inability to fully embrace SaaS apps, BYOD, BYOI, or IoT

Shadow IT and rogue access

• By 2020, 1/3 of successful attacks will be on shadow IT resources2

Are you at risk?

60% of data breaches involved insiders in 20151

45% of incidents involved unauthorized access1

Are you meeting your compliance requirements?

Ever increasing regulations

• EU GDPR fines could add up to 5% of global revenues3

Complex organizations

Challenging audit frequency

Help prevent insider threat and reduce identity fraud

Systematically achieve and maintain better regulatory compliance management

Support productivity and innovation for your business

Insider threatsand identity fraud Line of business access Compliance

01 02Detect insider threats Safeguard digital identities

Integration examples

27 IBM Security

SharedID

Example: Detect insider threats and manage risk

IDENTITY GOVERNANCE

ACTIVITY MONITORING

PRIVILEGED IDENTITY MANAGEMENT

SECURITY INTELLIGENCE

IBM Identity Governance checks for Segregation of Duties violations and runs access certification campaigns to ensure validity of privileged access rights

Guardium monitors and audits privileged user access to sensitive database objects, and can alert or block on unauthorized access

PIM shares check in / check out audit records, and Guardium cross references information with its auditing of data access activity

QRadar correlates PIM credentials and Guardium activities to detect anomalies and trigger alerts to take corrective action

1 2 3 4

28 IBM Security

Example: Safeguard digital identities in the era of cloud and mobile

4.Advanced user risk and fraud detection engine

2. Risk-aware enforcement point with strong authentication on-premise or from the cloud

1. Discover, control, and protect against risky cloud adoption

3.Mobile device compliance and policy management

5.Safeguard access to cloud and enterprise apps

5

1

2

3

4

29 IBM Security

Why IBM Information Risk and Protection?

Risk-based Intelligence Multi-layer Integrations Designed for Cloud and Mobile

• United controls to span employees, business partners and customers

• Built with open standards to speed integration and interoperability

• Cross segment integrations to protect against threats

• Business focused analytics to make decisions and meet regulations

• X-Force and Trusteer intelligence to stay ahead of the latest threats

• Machine learning algorithms to spot unusual behaviors and vulnerabilities

• Largest SaaS portfolio across fraud protection, application, cloud, and mobile security

• Flexible deployment and out-of-the-box for the most popular cloud environments

• Safeguarding mobile andconsumer interactions

30 IBM Security

SECURITY TRANSFORMATION SERVICESManagement consulting | Systems integration | Managed security

IBM has the world’s broadest and deepest security portfolio

SECURITYECOSYSTEM

App Exchange

MaaS360

INFORMATION RISKAND PROTECTION

Trusteer Pinpoint

Trusteer Mobile

Trusteer Rapport

Privileged Identity ManagerIdentity Governance and Access

AppScan

Guardium

Cloud SecurityEnforcer

Cloud Identity ServicezSecure

Key Manager

QRadar Vulnerability Manager Resilient Incident Response

X-Force Exchange

QRadar Incident ForensicsNetwork Protection XGSBigFix

SECURITY OPERATIONSAND RESPONSE

QRadar SIEM QRadar Risk Manager

31 IBM Security

COGNITIVE, CLOUD,and COLLABORATION

The next era of security

INTELLIGENCEand INTEGRATION

PERIMETER CONTROLS

32 IBM Security

IBM Security invests in best-of-breed solutions

Incidentresponse

Cloud-enabledidentity managementIdentity governance

Application securityRisk management Data management

Security services and network security

Database monitoringand protection Application security

SOA management and security

“…IBM Security is making all the right moves...”Forbes

2011 2012 2013 2014 2015 20162005 2006 2007 2008 2009 20102002

IBM SecuritySystems

IBM SecurityServices

Identity managementDirectory integration

Enterprisesingle-sign-on

Endpoint managementand security

Security Intelligence

Advanced fraud protectionSecure mobile mgmt.

CyberTap

33 IBM Security

Industry analysts rank IBM SecurityDOMAIN SEGMENT MARKET SEGMENT / REPORT ANALYST

RANKINGS

Security Operations and Response

Security Intelligence Security Information and Event Management (SIEM) LEADER

Network and Endpoint Protection

Intrusion Prevention Systems (IPS) LEADER

Endpoint: Client Management Tools LEADER

Endpoint Protection Platforms (EPP) Strong Performer

Information Riskand Protection

Identity Governance and Access Management

Federated Identity Management and Single Sign-On LEADER

Identity and Access Governance LEADER

Identity and Access Management as a Service (IDaaS) LEADER

Web Access Management (WAM) LEADER

Mobile Access Management LEADER

Identity Provisioning Management LEADER

Data Security Data Masking LEADER

Application Security Application Security Testing (dynamic and static) LEADER

Mobile Protection Enterprise Mobility Management (MaaS360) LEADER

Fraud Protection Web Fraud Detection (Trusteer) LEADER

Security Transformation Services

Consulting and Managed Services

Managed Security Services (MSS) LEADER

Information Security Consulting Services LEADER

V2016-06-16Note: This is a collective view of top analyst rankings, compiled as of July, 2016

34 IBM Security

Adaptive integration with ecosystem partners

100+ ecosystem partners, 500+ QRadar integrations

35 IBM Security

A Global Leader in Enterprise Security

• #1 in enterprise security software and services*

• 7,500 people• 12,000+ customers• 133 countries• 3,500+ security patents • 15 acquisitions since 2005

*According to Technology Business Research, Inc. (TBR) 2016

© Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.

ibm.com/security

securityintelligence.com

xforce.ibmcloud.com

@ibmsecurity

youtube/user/ibmsecuritysolutions

FOLLOW US ON:

THANK YOU