Cloud & Service Management blog
Rebecca Swindell 270003U1MK REBECCA.SWINDELL@UK.IBM.COM Tags:  infosec ibm pulse xforce robert_freeman 2,116 Visits
Rebecca Swindell 270003U1MK REBECCA.SWINDELL@UK.IBM.COM Tags:  xforce infosecurity q1_labs mobile_device_management robert_freeman siem 1,757 Visits
It was great to be back at Infosec, with a very colourful IBM booth, that clearly stands out from the crowd! We had four sessions during the day, and below are the key points that I thought were raised.
Our first session was given by Robert Freeman, Manager of X-Force Advance Research Strategy, on The Advanced Persistent Threat in 2012, who opened by talking to the audience about the role of the X-Force team at IBM. He spoke about how 2011 was the year of the security breach, and went into some specific, well known examples that made it into the news during the year. Robert then talked to the audience about who is actually attacking our networks - attacker types and techniques based on the X-Force research, be it off the shelf versus sophisticated attacks, broad versus targeted, financially motivated, state sponsored, or all out cyber war!
The next IBM session was given by Steve Durkin, who joins IBM from our recent acquisition of Q1 labs, whose session was titled “providing your business, total security intelligence”. Steve Durkin opened the session by talking about Security and Information Event Management or SIEM for short! He wanted the audience to understand that SIEM leads to actionable and comprehensive insight into their security infrastructure. He also took the audience through the industry examples of attacks on businesses we have all seen in the press during the last few years. Steve spoke about the four domains or pillars that IBM see as forming a comprehensive IT Security – People, Data, Applications and Infrastructure - if you have got all four areas covered you've cracked it. He then explained that Q1 labs products should been seen as the glue that hold all of these together. Steven urged that internal threats are just as dangerous as external ones. He wanted the audience to ask themselves if they have taken the best steps to protect against these.
Vijay Dheap was next up for IBM, who talked to the audience about Securing Mobile Devices in the Enterprise. He gave some very interesting stats, such as in 2011 sales of smart phones surpassed that of PCs, soon they will dwarf the sales of PC, by 2015 40% of Enterprise devices will be mobile devices – (an IBM projection) and 50% of all apps send device information or personal details. Social norms are now different - mobile devices used in way more locations, mobile devices shared more often, and user experience is prioritised. He continued by talking about how apps now push the boundaries of collaborations, but unfortunately leave you open to attacks. He urged the audience to have visibility to what mobile devices are connected to their corporate network and be reactive, be responsive, and be transparent.
Our final session of the day was given by Simon Smith who presented on Infrastructure Protection - Towards an Optimised Security Position. He talked about how IBM is keen to usher in new era of security intelligence. He then took the audience through what he saw where the different stages companies are at when it comes to IT Security, asking the audience to share where they thought they were in the journey. He first discussed what “basic” security looks like: point solutions, stand alone products & deployments, different solutions for every problem block and prevent attacks, and analysis is mostly manual & reactive.
This is combined with correlation and analytics, alerts based on predefined rules and information, auto analysis and assessment reports and alerts. Simon closed by saying there are no absolutes, no scoring systems, you should look at where we are and your aspirations.
Simon mentioned that there will be new product announcements tomorrow morning, so be sure to follow me @RSwindell and @IBMSecurity to find out what they are! #
If you would like copies of any of the presentations, please email be at email@example.com.
Come back tomorrow evening for my thoughts from day 2 of Infosecurity 2012!
Rebecca Swindell 270003U1MK REBECCA.SWINDELL@UK.IBM.COM Tags:  pulse john_paul_ballerini gpj tweetwally xforce vijay_dheap touchscope marc_van_zadlehoff infosecurity pcty 4,358 Visits
It’s now just one week until the biggest security event of the year – Infosec!! Once again IBM will be attending, this year we will be giving NINE speaking sessions.
Our Key Note Session -
Presentation Title: 2011 was the year of the
Security Breach...what are the security & risk trends for 2012?
Workshops over the three days:
Workshop Title: The Advanced Persistent Threat in 2012
Speaker - Robert Freeman, Manager, X-Force Advanced Research Strategy, IBM
Synopsis - In years past, there was a common misperception that Advanced Persistent Threat (APT) was just a problem for governments and government contractors. In 2011, there were many high-profile security breaches that were influential in affecting this misperception. Organizations of different sizes and focus areas face the threat of operationally sophisticated, targeted attacks to their computer networks. These attacks are amongst the greatest challenges facing network security professionals and researchers alike. To meet this challenge, IBM X-Force thinks it is important to consider new perspective and approaches to network hardening, breach detection and incident response. One needs to think beyond thinking like an attacker and see it as the game that it is. We have been on the forefront of understanding these threats and this talk will provide updated information from IBM X-Force on this threat and the mindset required to meet the APT challenge.
Workshop Title: Providing Your Business, Total Security Intelligence
Speaker: Steve Durkin, EMEA Channels Director at Q1 Labs, an IBM Company
Synopsis: As the world becoming more digitised and interconnected, more doors are being opened to emerging threats and leaks. Security is needed to be made a top concern, from the boardroom down. A report published by Verizon on Business Data Breaches in 2011, found that 48% of total data breaches were caused by insiders and 48% of breaches involved a misuse of an insider’s privileges. All organisations, no matter the size or industry, need to put security first, allowing for the analysis of people, data, applications and infrastructure to be carried out easily and intelligently and providing instant information and visibility into business risks.
Workshop Title: Securing Mobile Devices in the Enterprise
Speaker: Vijay Dheap, Security Systems Product Manager - IBM Mobile Security Solutions
Synopsis: Enterprises want to fully capitalise on the business value of mobility but still have significant concerns about the security implications. To address these challenges, mobile security needs to be viewed and understood holistically from securing the device and the data on the device to secure access to enterprise systems and application security. In this session we will highlight the spectrum of requirements that Mobile Security covers, describe how some organisations have gotten started and introduce the concept of mobile security intelligence. Given the innate dynamic nature of mobility, an intelligent, adaptable mobile security solution is required to provide an enterprise with the necessary visibility, and control in managing threats and risks without degrading user experience.
Workshop Title - Infrastructure Protection - Towards an Optimised Security Position
Speaker - Simon Smith, CISSP - Client Technical Professional, IBM Security Systems
Synopsis - As the nature of the threat to business
changes it is important that companies review their position with regard to
security and particularly how mature their detection and prevention
capabilities are. This session looks at
some of the technology that can be used for Infrastructure protection and how
this might be integrated with other systems and data sources to provide a more
optimised solution. We will discuss the
way that a company can move from a basic security position, through proficient
and finally to optimised, giving the capability to be pre-emptive with
protection and use Security Intelligence and Analytics to provide better
protection and thus stay ahead of the threat.
Workshop Title: Application Security Hacking 101
Speaker: John Smith - IBM Application Security Specialist
Synopsis: Despite a decreased share of the vulnerability disclosures in 2011 (X-Force
Trends and Risks report, 2011) Web Application vulnerabilities still represent the single largest category of issues. This session will examine some of the common types of attacks and show how they work and how to defend against them.
Workshop Title: Integrated, Intelligent Security Analytics for the Enterprise
Speaker(s): Rob Ford - Architect - IBM Security Services, Global OM&D
Jef Gielkens - Managed Security Services Executive, Europe IBM Security Services
Synopsis: In a hyper-connected era can we ever achieve strong security? The answer is yes, but it requires some fundamental changes on how information and events are aggregated from the enterprise. The very strengths of these interconnected networks — their speed and openness, the easy access anywhere on the globe — also create a myriad of vulnerabilities. This session focuses on how you can enhance the levels of security intelligence and visibility provided by your existing security infrastructure, by leveraging the benefits of Security focused Cloud Based Data Analytics and protection technologies, in an efficient manner.
We will also have a smoothie bar on the stand (F40), so if you are attending, why not come along to the stand at grab a FREE refreshing fruit drink! You will also get the chance to talk one on one with our many experts – perhaps getting a demo of our latest products/solutions, use our Touchscope technology to browse key IBM Security pieces of collateral, or check out our Tweetwally, which will show all the twitter conversations during the day.
To join in our Twitter activity on the day – please use #infosec12 with #IBM. You can follow me @RSwindell, or our main security account @IBMSecurity.
Several of our security experts are on Twitter – John Paul Ballerini - @jpballerini, Bharat Bhusan - @_bharat_, Tom Mellow - @vintage1951, Glenn Ambler - @gambler2073, Marc Van Zadelhoff - @mvzadel and Nick Coleman - @teamsecurity. Darren Argyle - @D_Argyle
One of the experts – Vijay Dheap (@dheap) - recently shared his views with me, on what he saw the main topics of conversation at the event being. With many organisations needing to for address the speed of mobile adoption in the workplace, what their options are and how to get started. He added that the most mature organizations have one or more solutions deployed and trying to be more proactive in designing their security posture – of course all of which our IBM experts at the event would be able to help with.
Vijay also has a blog that I am sure you would find interesting - http://ow.ly/aj7Z9
If you are not attending the event, but keen to speak to IBM about their sessions, then please visit –email me at firstname.lastname@example.org and I will be happy to send the decks to you, and put you in touch with one of our experts!
We also have Pulse Comes To You on 30th May at The Grange, Tower Hill – where our customers & prospects can learn more about the entire Security Systems and Tivoli division. Registration is now open at - http://ow.ly/aiP1C