Presentation   defend your company against cyber threats with security solutions
Defend Your Company Against Cyber Threats with Security Solutions
Ragy Magdy
Business Unit Executive
Security Systems – ME
ragym@ae.ibm.com
• Started my career in Security in 2003 by joining ISS
• 2005 was named the ISS Regional Manager for the Middle East
• 2006 ISS was acquired by IBM
• Led the Security Team in GTS for the Middle East
• 2009 was tasked to build IBM Security Practice for the MEA region
• 2012, moved to SWG to lead the new Security Systems Division
• Full Portfolio on LinkedIn
January 2, 2013
Nightly News | April 04, 2013
Cyber attacks … A ‘major assault’ on financial industry
… An ongoing series of attacks on the financial industry has resulted in 15 of the largest U.S. banks being offline for a total of 249 hours in the last six weeks.
Database Breach…
Did you know...

2,641,350 Security Attacks The Average Company Faces Per Week
62 Security Incidents The Average Company Experiences Per Week

Top 7 Most ATTACKED Industries
1. Health & Social Services
2. Transportation
3. Hospitality
4. Finance & Insurance
5. Manufacturing
6. Real Estate
7. Mining, Oil & Gas

Top 5 reasons WHY attacks were possible
1. End user didn’t think before clicking
2. Weak password / default password in use
3. Insecure configuration
4. Use of legacy hardware or software
5. Lack of basic network security protection or segmentation

What IBM Sees: Categories of Attack
• Malicious Code
• Sustained Probe or Scan
• Unauthorized Access
• Low-and-Slow Attack
• Access/Credentials Abuse
• Denial of Service
2011: Was called the Year of Breach…
2012 Sampling of Security Incidents by Attack Type, Time and Impact
Conjecture of relative breach impact is based on publicly disclosed information regarding leaked records and financial losses
Attackers follow a 5-Stage attack chain
1. Break-in: Spear phishing and remote exploits to gain access
2. Latch-on: Malware and backdoors installed to establish a foothold
3. Expand: Reconnaissance and lateral movement to increase access and maintain a presence
4. Gather: Acquisition and aggregation of confidential data
5. Exfiltrate: Data exfiltration to external networks
Command & Control (CnC)
IBM Security Systems: The industry’s most comprehensive Smart Security portfolio
Security Consulting, Managed Services, X-Force and IBM Research

IBM Security Portfolio

IT Security and Compliance Analytics & Reporting
• QRadar SIEM
• QRadar Log Manager
• QRadar Risk Manager
• IBM Privacy, Audit and Compliance Assessment Services

IT Infrastructure – Operational Security Domains: People, Data, Applications, Infrastructure (Network, Endpoint)
• Identity & Access Management Suite
• Federated Identity Manager
• Enterprise Single Sign-On
• Identity Assessment, Deployment and Hosting Services
• Guardium Database Security
• Optim Data Masking
• Key Lifecycle Manager
• Data Security Assessment Service
• Encryption and DLP Deployment
• AppScan Source Edition
• AppScan Standard Edition
• Security Policy Manager
• Application Assessment Service
• AppScan OnDemand Software as a Service
• Network Intrusion Prevention
• DataPower Security Gateway
• QRadar Anomaly Detection / QFlow
• Managed Firewall, Unified Threat and Intrusion Prevention Services
• Endpoint Manager (BigFix)
• zSecure, Server and Virtualization Security
• Penetration Testing Services
• Native Server Security (RACF, IBM Systems)

Integrating Security with BUSINESS Analytics
IBM OpenPages, Algorithmics (recent acquisition), i2 Corporation (recent acquisition)
Stage 1: Break-in
Your Challenge
• Employees are always vulnerable to well-executed phishing attempts
• Even patched machines can be compromised by “zero-day attacks” that leverage previously unknown vulnerabilities
• Antivirus has proven to be largely ineffective against zero-day malware
How IBM Can Help
• IBM Security Network IPS and IBM Security Network Protection help block zero-day exploits using advanced behavioral analysis, and block phishing and malware sites using a database of 13 billion URLs
• IBM Endpoint Manager helps limit attack surface by auditing and enforcing compliance with patch and configuration policies
Stages: 1 Break-in, 2 Latch-on, 3 Expand, 4 Gather, 5 Exfiltrate
Stage 2: Latch-on
Your Challenge
• Once the attacker has breached your perimeter, they need to establish a communication channel back to “home” and create redundant ways to access your network
How IBM Can Help
• IBM Security QRadar continuously monitors the network and helps identify anomalous activity in terms of location, applications accessed, and more; logs network activity for future forensic investigations, to help determine extent of breach
• IBM Security Network IPS uses advanced behavioral analysis to detect subtle communications with malicious destinations
Stage 3: Expand
Your Challenge
• APTs usually don’t infect the host containing target data; thus the attacker needs to find the target data and gain access to it
• They will perform reconnaissance to understand the network and identify high-value assets
How IBM Can Help
• IBM Security Privileged Identity Manager helps lock down user accounts with access to high-value systems and data
• IBM Security QRadar uses out-of-the-box analytics to look for suspicious probing across the network – by correlating activity at big data scale
• IBM Security AppScan helps reduce the attack surface of enterprise applications by identifying and prioritizing application vulnerabilities
Stage 4: Gather
Your Challenge
• Once the attacker has compromised your users & gained access to sensitive data repositories, they explore what is available and begin copying target data
How IBM Can Help
• IBM InfoSphere Guardium continuously monitors databases and data warehouses to identify suspicious access and protect sensitive data
• IBM Security Network IPS helps block malicious behavior within (and beyond) the network
• IBM Security Privileged Identity Manager helps enforce access policies
Stage 5: Exfiltrate
Your Challenge
• There are nearly unlimited ways to get acquired data off your network
How IBM Can Help
• IBM X-Force Threat Intelligence identifies malicious sites, to help block communications
• IBM Security QRadar uses X-Force data to detect traffic to suspect sites; performs activity baselining to help detect anomalous user behavior based on type of activity, volume of data transfers, time of day, location, etc.
• IBM Security Network IPS helps stop encrypted traffic associated with suspicious entities, and sensitive data transmission (e.g., credit card numbers)
Security Is ……..