Don’t Risk IT: Managing & Mitigating Risk in Your BusinessMelinda Fieldus

Agenda

• Risk Landscape today• Risk Landscape today

• Risks Scenarios (Whispir)

• Key Success Factors for Managing Risk

• How IBM can help (and why IBM)

Evolving towards a Smarter Planet

162 millionAlmost 162 million smart phones were sold in 2008, surpassing laptop sales for the first time.

90%Nearly 90% of innovation in automobiles is related to software and electronics systems.

1 trillionSoon, there will be 1 trillion connected devices in the world, constituting an “internet of things.”

Evolving towards a Smarter Planet

“We have seen more change in the last 10

years than in the previous 90.”

Ad J. Scheepbouwer,

CEO, KPN Telecom

New possibilities.New complexities.

New risks.......

Information Explosion Emerging Technologies Privacy Risks Complex Regulatory Landscape

Not all Risks are Created Equal

Frequency ofoccurrences

per yearViruses

Data corruption

Data driven

Fre

qu

en

t

Worms

Disk failures

System availability failuresApplication outages

Data corruption

Network problems

Event driven

Business driven

Regulatory compliance

Failure to meet industry

standards

Governance

Data growth

Long term preservation

New products

Audits

Infr

equ

ent

Pandemics

Natural disasters

Building fires

Terrorism/civil unrest

Regulatory compliance

Workplace inaccessibility

Regional power failuresMergers and

acquisitions

Marketing campaigns

Consequences (single occurrence loss) in dollars per occurrenceLow High

Source: IBM

Threats and disruptions can vary greatly in business impact…

• In some industries, downtime costs can equal up to 16 percent of revenue1

• For 32 percent of organizations, just four hours of downtime could be severely damaging2

• Online security attacks are accelerating, causing downtime and loss of revenue

• Data is growing at explosive rates

• Security and resiliency are a top area of concern and spend for all size companies

• Some industries are enforcing fines for downtime and inability to meet regulatory compliance

• $6.6M3 = Estimated cost of a data security breach• $6.6M3 = Estimated cost of a data security breach

1. Infonetics Research, The Costs of Enterprise Downtime: North American Vertical Markets 2005, Rob Dearborn and others, January 2005.

2. Continuity Central, “Business Continuity Unwrapped,” 2006, http://www.continuitycentral.com/feature0358.htm

3. 2008 Annual Ponemon Institute Annual Survey

Ignoring risk management is not an option

“I need to manage complexity of compliance across my organization and silos -- and be

audit-ready all the time.”audit-ready all the time.”

“Lack of resources, expertise and tools to cost

effectively manage multi-vendor

environments”

“I need to protect against threats – even the ones I’m not

prepared for.”

“I need to provide access to and

recoverability of data at any time.”

How do you…?

• Increase compliance regulations without increasing expenses• Block potential incoming threats without inhibiting traffic flow and uptime

environments”

• Block potential incoming threats without inhibiting traffic flow and uptime• Prepare for the unexpected data breach or disaster

The key success factors for managing risk

• Manage risk• Manage risk• Lower total cost of ownership• Demonstrate compliance

• Effectively manage compliance• Ensure privacy and recoverability of data • Protect sensitive and mission critical applications

Reduce cost of security

& resiliency

Protect data & manage

compliance

• Secure data center access and administration• Provide threat and application security• Maintain ‘audit-ready’ status

Secure your data

center

Reducing Costs while Ensuring Strong Security and Resilience Increases Profitability

• Ensure the uninterrupted flow of information

throughout an enterprise

• Preempt risks– while still supporting business goals – and addressing various regulatory, organizational and industry-based compliance organizational and industry-based compliance drivers

• Optimize employee productivity, workplace continuity, and business agility

• Provide efficiencies in on-going compliance maintenancemaintenance

Fuel Innovation by Protecting Critical Data whileMeeting Regulatory Compliance Mandates

�Prevent unauthorized deletion or modification of company data

�Reduce risks related to non compliance to regulatory requirements

�Protect sensitive business processes and mission critical applications and information

�Leverage new technologies and innovations to achieve business goals

Secure the Datacentre from Threats to Ensure Productivity, Profitability and Reputation Management

�Control and monitor internal and external user access and modification to sensitive information, applications and infrastructure

�Gain visibility of organization security posture across heterogeneous datacenter assets

�Achieve comprehensive and proactive security control for protection across the threat landscape

�Avoid costs of downtime associated with protecting your data center from outages; simplify the recovery of data across the enterprisethe recovery of data across the enterprise

Why IBM?IBM has a unique perspective on Managing Risk

400,000 employees across 130 countries with private data to

protect

Helping customers build smarter cities, smarter grids,

rail systems, new data centers, trusted passport systems and more

A leading provider of security and business resiliency

solutions across a vast array of industries and services

segments

A leading provider of software, hardware, and service solutions

around the world

Trusted Advisor Security Company Solution Provider The Company

segments

A smarter business needs smarter systems.

Reduce the cost of security and resiliency.

Protect data and manage compliance.

Secure your data center.

IBM can help you manage risk.

Textit Live Polling

Q: Is addressing RISK a key focus in your current IT Strategy?

Y / N