Upload
iqra-khalil
View
166
Download
0
Embed Size (px)
Citation preview
COGNITIVE SECUTIRY
A NEW ERA OF SECURIITY FOR NEW ERA OF COMPUTING
INTRODUCTION For almost a century, we’ve programmed computers to help solve
complex problems. We can now simulate weather, sequence genomes and instantly share data across the world
The same is true for security. For decades, we’ve programmed computers to recognize viruses, malware and exploits. We continuously tune them to become more accurate, but it’s not enough.
Bring your own IT
Social business
Cloud and virtualization
1 billion mobile workers
1 trillion connected
objects
Innovative technology changes everything
You know? you can do this online now.
MarketingServices
Online Gaming
Online Gaming
Online Gaming
Online Gaming
Central Government
Gaming
Gaming
InternetServices
Online Gaming
Online Gaming
OnlineServices
Online Gaming
IT Security
Banking
IT Security
GovernmentConsulting
IT Security
Tele-communicat
ions
Enter-tainment
ConsumerElectronics
AgricultureApparel
Insurance
Consulting
ConsumerElectronics
InternetServices
CentralGovt
CentralGovt
CentralGovt
Attack TypeSQL Injection
URL Tampering
Spear Phishing
3rd Party Software
DDoS
SecureID
Trojan Software
Unknown
Source: IBM X-Force® Research 2011 Trend and Risk Report
Size of circle estimates relative impact of breach in terms of cost to business
Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
Entertainment
Defense
Defense
Defense
ConsumerElectronics
CentralGovernment
CentralGovernment
CentralGovernment
CentralGovernment
CentralGovernment
CentralGovernment
CentralGovernment
ConsumerElectronics
National Police
National Police
StatePolice
StatePolice
Police
Gaming
FinancialMarket
OnlineServices
Consulting
Defense
HeavyIndustry
Entertainment
2011 Sampling of Security Incidents by Attack Type, Time and Impact
WHAT IS COGNITIVE SECURITY • Cognitive systems are self-learning systems that use data
mining, machine learning, natural language processing and human–computer interaction to mimic the way the human brain works.
FROM COMPLIANT TO COGNITIVE
• Since the age of the first networks and the hackers who soon followed, we’ve evolved security technology to stop attacks.
• To date, there have been two distinct eras of cyber security: perimeter controls and security intelligence. These serve as building blocks as we enter the third era—cognitive security.
HOW IBM CAN HELP
• The cognitive journey is just beginning, but IBM has the intellectual and financial strength to lead this revolution within security.
• IBM’s investment in cognitive technologies spans decades and has seen great progression in the last five years.
• The ability to process natural language, the ability to process voice and images, and the ability to turn unstructured data into tools like knowledge graphs that are easily queriable.
IBM WATSON
• Watson is basically a supercomputer, combining Artificial intelligence and analytical software for optimal performance
• IBM Qradar Advisor with Watson combines the cognitive capabilities of Watson
IBM QRADAR SECURITY INTELLIGENCE PLATFORM
• Turn-key log management and reporting• SME to Enterprise• Upgradeable to enterprise SIEM
• Log, flow, vulnerability & identity correlation• Sophisticated asset profiling• Offense management and workflow
• Network security configuration monitoring• Vulnerability prioritization• Predictive threat modeling & simulation
SIEM
Log Management
Configuration & Vulnerability Management
Network Activity & Anomaly Detection
Network and Application
Visibility
• Network analytics• Behavioral anomaly detection• Fully integrated in SIEM
• Layer 7 application monitoring• Content capture for deep insight & forensics• Physical and virtual environments
Fully Integrated Security Intelligence
• Turn-key log management and reporting• SME to Enterprise• Upgradeable to enterprise SIEM
• Log, flow, vulnerability & identity correlation• Sophisticated asset profiling• Offense management and workflow
• Network security configuration monitoring• Vulnerability prioritization• Predictive threat modeling & simulation
SIEM
Log Management
Configuration & Vulnerability Management
Network Activity & Anomaly Detection
Network and Application
Visibility
• Network analytics• Behavioral anomaly detection• Fully integrated in SIEM
• Layer 7 application monitoring• Content capture for deep insight & forensics• Physical and virtual environments
One Console Security
Built on a Single Data Architecture
Fully Integrated Security Intelligence
LINK
http://www-03.ibm.com/software/products/en/qradar-siem http://ibm.autoboxengage.com/security/?
cm_mc_uid=50858139055314932739656&cm_mc_sid_50200000=1493526694&cm_mc_sid_52640000=1493526694
QRADAR VULNERABILITY MANAGER With IBM Security QRadar Vulnerability Manager, IBM introduces a new and distinctly different response to an important need: a truly integrated approach to security management that helps to reduce the total cost of security operations and closes a number of gaps in many existing approaches.
IBM® QRadar® Vulnerability Manager proactively senses and discovers network device and application security vulnerabilities, adds context and supports the prioritization of remediation and mitigation activities.
IBM QRadar Vulnerability Manager helps you develop an optimized plan for addressing security exposures. Unlike stand-alone tools, the solution integrates vulnerability information to help security teams gain the visibility they need to work more efficiently and reduce costs.
Displaying 1 to 40 of 517 items
Displaying 1 to 40 of 311 items
IBM QRADAR RISK MANAGER
THE PROMISE AND CHALLENGES OF
COGNITIVE Many of those surveyed by the IBM Institute for Business Value (IBV) believe that
the benefits of cognitive security solutions will address the gaps they are facing. Even though cognitive security is still an emerging technology area, 57 percent of respondants already believe that cognitive security solutions can significantly slow the efforts of cyber criminals
Potential challenges to the adoption of cognitive security solutions, it is not that security leaders don’t understand the technology conceptually or aren’t convinced of the value or the benefits versus other solutions; the challenges are more about skills, processes and methods.
Forty-five percent of respondents list the top adoption challenges as not being ready from a competency perspective and a lack of internal skills to implement. To address these concerns and ensure successful roll-outs of cognitive solutions, more education and preparation is needed.
BECOME EDUCATED ABOUT COGNITIVE SECURITY
CAPABILITIES
Take a holistic and formal approach to learn about cognitive security solutions. There could be many misconceptions in your organization from a capability, cost and implementation perspective.
Understand the potential use cases for cognitive security solutions—match them to your areas of weakness.
Plan for how you can communicate the benefits of cognitive security solutions to technical and business stakeholders—build an education plan for your team and your executives
Identify and address skills gaps that may hold back adoption of the technology within your own organization
DEMOGRAPHICS AND METHODOLOGY
To better understand what security challenges organizations are facing, how they are addressing these challenges and how they view cognitive security solutions and their potential, the IBM Institute for Business Value (IBV) and Oxford Economics surveyed a balanced distribution of 700 CISOs and other security professionals in 35 countries, representing 18 industries between May and July of 2016.
In order to determine our clusters (the Primed, Prudent and the Pressured) we applied a k-means clustering algorithm that revealed three distinct behavior patterns.
THANK YOU!