Threats in the digital age –Cyber Security

Martin Borrett, Director of the IBM Institute for Advanced Security, Europe

© 2012 IBM Corporation

IBM’s Definition of Cyber Security

Cyber Security /–n 1. the protection of an organisation and its assets from electronic attack

© 2012 IBM Corporation2

organisation and its assets from electronic attack

to minimise the risk of business disruption.

The planet is getting more instrumented, interconnected, and

intelligent creating new Cyber Security challenges

SmartSupply Chains

SmartCountries

SmartRetail

Smart WaterManagement

SmartWeather

SmartEnergy Grids

© 2012 IBM Corporation3

Smart Oil FieldTechnologies

SmartRegions

SmartHealthcare

Smart TrafficSystems

SmartCities

SmartFood Systems

INSTRUMENTED INTERCONNECTED INTELLIGENT

Threats becoming increasingly sophisticated

Recent Cyber Security Attacks Implications

� Given the sophistication of the

attacks, all 5 phases of APT are

relevant from a defence

perspective and offer opportunities

to detect an attack; the earlier an

APT is detected, the better

� Persistence of APT requires

AuroraStuxnet

© 2012 IBM Corporation4

1. Reconnaissance

2. Initial Infection

3. Lateral Expansion

4. Subversion of Mission Critical Assets, Exfiltration of Very Sensitive Data

5. Clean up

Advanced Persistent Threat (APT)Lifecycle

� Persistence of APT requires

continuous monitoring of critical

assets in order to detect deviations

from normal behaviour

� Fine-grained, multi-tier containment

(“defence in depth”) is key; network

boundaries as well as critical

assets within the network have to

be protected

By managing security for customers across the world, IBM has a clear and current picture of threats and attacks

9 Security Research Centres

9 Security Operations

Centres

11 Security Solution Development

Centres++ ++133

Monitored Countries

3 Branches of the Institute for

Advanced Security (“IAS”)

IAS Americas

IAS Europe

© 2012 IBM Corporation5

IBM has the unmatched global and local expertise to deliver complete solutions – and manage the cost and complexity of security

�20,000 devices under contract

�4,000 MSS clients worldwide

�13 billion events managed per day IASAsia Pacific

IBM X-Force

Gathers evidence of threats that affect Internet security to help customers and the public understand the changing nature of the threat landscape and what might be done to mitigate it

� New Attack Activity

– Rise in Shell Command Injection attacks

– Rise in phishing based malware distribution and click fraud

© 2012 IBM Corporation6

– Rise in phishing based malware distribution and click fraud

� Progress in Internet Security

– Fewer exploit releases and web application vulnerabilities

– Better patching

� The Challenge of Mobile and the Cloud

– Mobile exploit disclosures up

– Cloud requires new thinking

– Social Networking no longer fringe pastime

Source: IBM Full Year X-Force 2011 Trend and Risk Report

Use the IBM Cyber Security Lifecycle to detect and respond at a

faster pace than attackers LayersRisk

• Balance threat and response

Service management

• ProcessTechnology

• Security, network, systems

�Understand and baseline the IT and security landscape

© 2012 IBM Corporation7

Maturity

Threat Tempo

Response Tempo

IBM Success Stories

© 2012 IBM Corporation88

IBM Security: Delivering intelligence, integration and expertise across a comprehensive framework

� Only vendor in the market with end-to-end coverage of the security foundation

� 6K+ security engineers and consultants

© 2012 IBM Corporation9

Intelligence ● Integration ● Expertise

� Award-winning X-Force® research

� Largest vulnerability database in the industry

IBM Institute for Advanced Securityhttp://www.instituteforadvancedsecurity.com/

© 2012 IBM Corporation