Cognitive security

Transcript of Cognitive security

Page 1: Cognitive security

COGNITIVE SECURITY

A NEW ERA OF SECURITY FOR A NEW ERA OF COMPUTING

Page 2: Cognitive security

INTRODUCTION

For almost a century, we’ve programmed computers to help solve complex problems. We can now simulate weather, sequence genomes and instantly share data across the world.

The same is true for security. For decades, we’ve programmed computers to recognize viruses, malware and exploits. We continuously tune them to become more accurate, but it’s not enough.

Page 3: Cognitive security

Innovative technology changes everything

• Bring your own IT

• Social business

• Cloud and virtualization

• 1 billion mobile workers

• 1 trillion connected objects

Page 4: Cognitive security

You know? You can do this online now.

Page 5: Cognitive security

[Figure: 2011 Sampling of Security Incidents by Attack Type, Time and Impact. Incidents are plotted by month (Jan to Dec) and labeled by victim sector, including online gaming, central government, IT security, banking, defense, police, consumer electronics, entertainment and consulting. Attack types in the legend: SQL Injection, URL Tampering, Spear Phishing, 3rd Party Software, DDoS, SecureID, Trojan Software, Unknown. Size of circle estimates relative impact of breach in terms of cost to business. Source: IBM X-Force® Research 2011 Trend and Risk Report.]

Page 6: Cognitive security

WHAT IS COGNITIVE SECURITY

• Cognitive systems are self-learning systems that use data mining, machine learning, natural language processing and human–computer interaction to mimic the way the human brain works.

Page 7: Cognitive security

FROM COMPLIANT TO COGNITIVE

• Since the age of the first networks and the hackers who soon followed, we’ve evolved security technology to stop attacks.

• To date, there have been two distinct eras of cyber security: perimeter controls and security intelligence. These serve as building blocks as we enter the third era—cognitive security.

Page 8: Cognitive security
Page 9: Cognitive security

HOW IBM CAN HELP

• The cognitive journey is just beginning, but IBM has the intellectual and financial strength to lead this revolution within security.

• IBM’s investment in cognitive technologies spans decades and has seen great progression in the last five years.

• The ability to process natural language, the ability to process voice and images, and the ability to turn unstructured data into tools like knowledge graphs that are easily queryable.

Page 10: Cognitive security

IBM WATSON

• Watson is basically a supercomputer, combining artificial intelligence and analytical software for optimal performance.

• IBM QRadar Advisor with Watson combines the cognitive capabilities of Watson

Page 11: Cognitive security

IBM QRADAR SECURITY INTELLIGENCE PLATFORM

Page 12: Cognitive security

Log Management

• Turn-key log management and reporting
• SME to Enterprise
• Upgradeable to enterprise SIEM

SIEM

• Log, flow, vulnerability & identity correlation
• Sophisticated asset profiling
• Offense management and workflow

Configuration & Vulnerability Management

• Network security configuration monitoring
• Vulnerability prioritization
• Predictive threat modeling & simulation

Network Activity & Anomaly Detection

• Network analytics
• Behavioral anomaly detection
• Fully integrated in SIEM

Network and Application Visibility

• Layer 7 application monitoring
• Content capture for deep insight & forensics
• Physical and virtual environments

Fully Integrated Security Intelligence

Page 13: Cognitive security

One Console Security

Built on a Single Data Architecture

Fully Integrated Security Intelligence

Page 14: Cognitive security

LINK

http://www-03.ibm.com/software/products/en/qradar-siem

http://ibm.autoboxengage.com/security/?cm_mc_uid=50858139055314932739656&cm_mc_sid_50200000=1493526694&cm_mc_sid_52640000=1493526694

Page 15: Cognitive security

IBM QRADAR VULNERABILITY MANAGER

Page 16: Cognitive security

QRADAR VULNERABILITY MANAGER

With IBM Security QRadar Vulnerability Manager, IBM introduces a new and distinctly different response to an important need: a truly integrated approach to security management that helps to reduce the total cost of security operations and closes a number of gaps in many existing approaches.

IBM® QRadar® Vulnerability Manager proactively senses and discovers network device and application security vulnerabilities, adds context and supports the prioritization of remediation and mitigation activities.

IBM QRadar Vulnerability Manager helps you develop an optimized plan for addressing security exposures. Unlike stand-alone tools, the solution integrates vulnerability information to help security teams gain the visibility they need to work more efficiently and reduce costs.

Page 17: Cognitive security

Page 18: Cognitive security
Page 19: Cognitive security
Page 20: Cognitive security

Page 21: Cognitive security

IBM QRADAR RISK MANAGER

Page 22: Cognitive security
Page 23: Cognitive security
Page 24: Cognitive security
Page 25: Cognitive security
Page 26: Cognitive security
Page 27: Cognitive security
Page 28: Cognitive security
Page 29: Cognitive security
Page 30: Cognitive security

THE PROMISE AND CHALLENGES OF COGNITIVE

Many of those surveyed by the IBM Institute for Business Value (IBV) believe that the benefits of cognitive security solutions will address the gaps they are facing. Even though cognitive security is still an emerging technology area, 57 percent of respondents already believe that cognitive security solutions can significantly slow the efforts of cyber criminals.

As for potential challenges to the adoption of cognitive security solutions, it is not that security leaders don’t understand the technology conceptually or aren’t convinced of the value or the benefits versus other solutions; the challenges are more about skills, processes and methods.

Forty-five percent of respondents list the top adoption challenges as not being ready from a competency perspective and a lack of internal skills to implement. To address these concerns and ensure successful roll-outs of cognitive solutions, more education and preparation is needed.

Page 31: Cognitive security

BECOME EDUCATED ABOUT COGNITIVE SECURITY CAPABILITIES

Take a holistic and formal approach to learn about cognitive security solutions. There could be many misconceptions in your organization from a capability, cost and implementation perspective.

Understand the potential use cases for cognitive security solutions—match them to your areas of weakness.

Plan for how you can communicate the benefits of cognitive security solutions to technical and business stakeholders—build an education plan for your team and your executives

Identify and address skills gaps that may hold back adoption of the technology within your own organization

Page 32: Cognitive security

DEMOGRAPHICS AND METHODOLOGY

To better understand what security challenges organizations are facing, how they are addressing these challenges and how they view cognitive security solutions and their potential, the IBM Institute for Business Value (IBV) and Oxford Economics surveyed a balanced distribution of 700 CISOs and other security professionals in 35 countries, representing 18 industries between May and July of 2016.

In order to determine our clusters (the Primed, Prudent and the Pressured) we applied a k-means clustering algorithm that revealed three distinct behavior patterns.

Page 33: Cognitive security

THANK YOU!