Whitepaper | Network Security - How to defend your Plant against the threats of 2014?
Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with...
-
date post
14-Sep-2014 -
Category
Technology
-
view
543 -
download
5
description
Transcript of Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with...
![Page 1: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/1.jpg)
![Page 2: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/2.jpg)
Defend Your Company Against Cyber Threats
with Security Solutions
Ragy Magdy
Business Unit Executive
Security Systems – ME
![Page 3: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/3.jpg)
• Started my career in Security in 2003 by Joining ISS
• 2005 was named the ISS Regional Manager for the Middle East
• 2006 ISS was acquired by IBM
• Led the Security Team in GTS for the Middle East
• 2009 was tasked to build IBM Security Practice for the MEA region
• 2012, moved to SWG to lead the new Security Systems Division
• Full Portfolio on Linkedin
![Page 4: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/4.jpg)
![Page 5: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/5.jpg)
January 2, 2013
Nightly News | April 04, 2013
Cyber attacks … A ‘major assault’ on
financial industry
…..An ongoing series of attacks on the financial industry
has resulted in 15 of the largest U.S. banks being offline
for a total of 249 hours in the last six weeks.
![Page 6: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/6.jpg)
![Page 7: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/7.jpg)
![Page 8: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/8.jpg)
![Page 9: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/9.jpg)
![Page 10: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/10.jpg)
![Page 11: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/11.jpg)
Database
Breach….
![Page 12: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/12.jpg)
![Page 13: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/13.jpg)
![Page 14: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/14.jpg)
2,641,350
The Average Company Faces Per Week
Security Attacks
1. Health & Social Services
2. Transportation
3. Hospitality
4. Finance & Insurance
5. Manufacturing
6. Real Estate
7. Mining, Oil & Gas
Top 7 Most ATTACKED Industries
62 Security Incidents
The Average Company
Experiences Per Week
1. End user didn’t think before clicking
2. Weak password / default password in use
3. Insecure configuration
4. Use of legacy hardware or software
5. Lack of basic network security protection or segmentation
Top 5 reasons WHY attacks were possible
Did you know...
Malicious Code
Sustained Probe or Scan
Unauthorized Access
Low-and-Slow Attack
Access/Credentials Abuse
Denial of Service
What IBM Sees
Categories of Attack
![Page 15: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/15.jpg)
2011 : Was called the Year of Breach…
2012 Sampling of Security Incidents by Attack Type, Time and
Impact Conjecture of relative breach impact is based on publicly disclosed information regarding leaked records and financial losses
![Page 16: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/16.jpg)
![Page 17: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/17.jpg)
2,641,350
The Average Company Faces Per Week
Security Attacks
1. Health & Social Services
2. Transportation
3. Hospitality
4. Finance & Insurance
5. Manufacturing
6. Real Estate
7. Mining, Oil & Gas
Top 7 Most ATTACKED Industries
62 Security Incidents
The Average Company
Experiences Per Week
1. End user didn’t think before clicking
2. Weak password / default password in use
3. Insecure configuration
4. Use of legacy hardware or software
5. Lack of basic network security protection or segmentation
Top 5 reasons WHY attacks were possible
Did you know...
Malicious Code
Sustained Probe or Scan
Unauthorized Access
Low-and-Slow Attack
Access/Credentials Abuse
Denial of Service
What IBM Sees
Categories of Attack
![Page 18: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/18.jpg)
Attackers follow a 5-Stage attack chain
1
Break-in Spear phishing and remote
exploits to gain access
Command
& Control (CnC)
2 Latch-on
Malware and backdoors
installed to establish a foothold
3
Expand Reconnaissance and
lateral movement to increase
access and maintain a presence
4 Gather
Acquisition and aggregation
of confidential data
Command
& Control (CnC)
5
Exfiltrate Data exfiltration to
external networks
![Page 19: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/19.jpg)
IBM Security Systems: The industry’s most comprehensive Smart Security portfolio
Security Consulting
Managed Services
X-Force and IBM Research
IBM Security Portfolio
People Data Applications Infrastructure
IT Infrastructure – Operational Security Domains
IT Security and Compliance Analytics & Reporting
QRadar SIEM
QRadar Log Manager
QRadar Risk Manager
IBM Privacy, Audit and
Compliance Assessment Services
Identity & Access
Management Suite
Federated
Identity Manager
Enterprise
Single Sign-On
Identity Assessment,
Deployment and
Hosting Services
Guardium
Database Security
Optim
Data Masking
Key Lifecycle
Manager
Data Security
Assessment Service
Encryption and
DLP Deployment
AppScan
Source Edition
AppScan
Standard Edition
Security
Policy Manager
Application
Assessment Service AppScan OnDemand
Software as a
Service
Network
Intrusion Prevention
DataPower
Security Gateway
QRadar Anomaly Detection / QFlow
Managed Firewall,
Unified Threat and
Intrusion Prevention
Services
Endpoint
Manager (BigFix) zSecure, Server and
Virtualization
Security
Penetration
Testing Services
Native Server
Security (RACF, IBM
Systems)
Network Endpoint
Intgerating Security with BUSINESS Analytics
IBM OpenPages Algorithmics (recent acquisition) i2 Corporation (recent acquisition)
![Page 20: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/20.jpg)
Stage 1: Break-in
Your Challenge
Employees are always vulnerable to well-executed phishing attempts
Even patched machines can be compromised by “zero-day attacks”
that leverage previously unknown vulnerabilities
Antivirus has proven to be largely ineffective against zero-day malware
How IBM Can Help
IBM Security Network IPS and IBM Security Network Protection
help block zero-day exploits using advanced behavioral analysis, and
block phishing and malware sites using a database of 13 billion URLs
IBM Endpoint Manager helps limit attack surface by auditing and
enforcing compliance with patch and configuration policies
Break-in 1
Latch-on 2
Expand 3
Gather 4
Exfiltrate 5
![Page 21: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/21.jpg)
Stage 2: Latch-on
Your Challenge
Once the attacker has breached your perimeter, they need to establish
a communication channel back to “home” and create redundant ways
to access your network
How IBM Can Help
IBM Security QRadar continuously monitors the network and helps
identify anomalous activity in terms of location, applications accessed,
and more; logs network activity for future forensic investigations, to
help determine extent of breach
IBM Security Network IPS uses advanced behavioral analysis to
detect subtle communications with malicious destinations
Break-in 1
Latch-on 2
Expand 3
Gather 4
Exfiltrate 5
![Page 22: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/22.jpg)
Stage 3: Expand
Your Challenge
APTs usually don’t infect the host containing target data; thus the
attacker needs to find the target data and gain access to it
They will perform reconnaissance to understand the network and
identify high-value assets
How IBM Can Help
IBM Security Privileged Identity Manager helps lock down user
accounts with access to high-value systems and data
IBM Security QRadar uses out-of-the-box analytics to look for
suspicious probing across the network – by correlating activity at big
data scale
IBM Security AppScan helps reduce the attack surface of enterprise
applications by identifying and prioritizing application vulnerabilities
Break-in 1
Latch-on 2
Expand 3
Gather 4
Exfiltrate 5
![Page 23: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/23.jpg)
Stage 4: Gather
Your Challenge
Once the attacker has compromised your users & gained access to
sensitive data repositories, they explore what is available and begin
copying target data
How IBM Can Help
IBM InfoSphere Guardium continuously monitors databases and data
warehouses to identify suspicious access and protect sensitive data
IBM Security Network IPS helps block malicious behavior within (and
beyond) the network
IBM Security Privileged Identity Manager helps enforce access
policies
Break-in 1
Latch-on 2
Expand 3
Gather 4
Exfiltrate 5
![Page 24: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/24.jpg)
Stage 5: Exfiltrate
Your Challenge
There are nearly unlimited ways to get acquired data off your network
How IBM Can Help
IBM X-Force Threat Intelligence identifies malicious sites, to help
block communications
IBM Security QRadar uses X-Force data to detect traffic to suspect
sites; performs activity baselining to help detect anomalous user
behavior based on type of activity, volume of data transfers, time of
day, location, etc.
IBM Security Network IPS helps stop encrypted traffic associated
with suspicious entities, and sensitive data transmission (eg, credit
card numbers)
Break-in 1
Latch-on 2
Expand 3
Gather 4
Exfiltrate 5
![Page 25: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/25.jpg)
Security Is ……..
![Page 26: Security Solution - IBM Business Connect Qatar Defend your company against cyber threats with security solutions](https://reader033.fdocuments.in/reader033/viewer/2022051311/5415f1028d7f72a26c8b462f/html5/thumbnails/26.jpg)