Professional Documents
Culture Documents
21%
Finance and 22%
Insurance 23%
Ransomware share of attacks
Professional and 13% 2021
Business Service 9% 2020
41%
Attacks exploited phishing for initial access 23%
Manufacturing
18%
$4.35M
Average cost of a data breach (up 13% in 2 years)
Linux threats on the rise
2,204% 146%
year-over-year increase in Linux ransomware
Increase in reconnaissance against Operational Technology (OT) devices innovation across cloud environments
IBM Security / © 2022 IBM Corporation Sources: 2022 IBM X-Force Threat Intelligence Report; 2022 IBM Security Cost of a Data Breach Report 2
INCOMPLETE
Industries ranked by cost
USD millions
USD 4.90 Business email compromise, USD 4.89 Phishing, USD 4.91
USD 4.70
USD 4.30
USD 3.50
0% 5% 10% 15% 20% 25%
Ransomware
Ransomware attack 237 89 326
attack
Destructive
Destructive attack
attack 233 91 324
Gl obal
Global avg.
average 207 70 277
Measured in days
- 50 100 150 200 250 300 350
IBM Security / © 2022 IBM Corporation Mean time to identify Mean time to contain 5
IBM Security at a glance
an IBM Company
Discover and Encrypt and Monitor activity Help automate Detect threats
classify data protect data across clouds compliance and respond
Automate discovery Safeguard privacy and Protect cloud-native Generate reports and Identify and respond
and classification of on confidentiality of data data sources, including automate notification on to compliance and data
premises and cloud at rest, in motion, and Azure Event Hubs, AWS long-term data activity security risks, across
data and uncover in use with encryption Kinesis, Snowflake, SAP, within seconds, across environments and
critical vulnerabilities and access controls MongoDB, etc. the audit lifecycle teams, from one place
“Guardium is a huge product for us... prior to using it, there was a lot of mystery around
what was happening with our data. What we’ve gained is a view into where our data’s
going and what it’s being used for.”
IBM Security / © 2022 IBM Corporation - Largest Commercial Auto Insurer in US 10
Guardium Insights: Centralize protection of sensitive data
Save time and reduce risk with a data security hub designed for cloud
Reduce audit prep time Decrease breaches Save up to
Key capabilities
• Centralizes data security visibility
across multicloud environments
Malicious websites
target unprotected
end-users Internet
Browsing
IBM Security / © 2022 IBM Corporation 1
OpenVPN,
Source: Remote
OpenVPN, Work
Remote Is the
Work Future
Is the — But
Future Is Your
— But Organization
Is Your Ready
Organization for for
Ready It? It?
March 28,28,
March 2021
2021 13
Secure remote workers and consumers
IBM offers end-to-end Zero Trust protection
IBM Security
Verify SaaS
Continuous Access Control
Outdated detection
Poor visibility
Attackers bypass defenses
Attackers take advantage of
due to noisy, outdated,
blind spots to remain hidden
and ineffective detection
while advancing their attack
mechanisms
Pre-Exploit Post-Exploit
SIEM/UBA
SOC
TRIAD
NDR EDR
Powered by
Open Security
IBM Security / © 2022 IBM Corporation Standards: 20
Learn from the experts
Hacker-driven offense. Research-driven defense. Threat-driven protection.
X-Force Red X-Force Incident Response X-Force Threat Intelligence IBM Security Cyber Range
– Penetration testing – Incident response – Threat intelligence insights, – Simulated breach
preparedness services sharing platform experiences
– Vulnerability management
– 24x7x365 emergency – Threat program assessments – Crisis and design thinking
– Adversary simulation workshops
incident response support
– Dark web analysis
– Application security
– Threat hunting – Executive briefings
– Malware reverse engineering
1 2 3 4 5
Security program
Ad-hoc Repeatable Defined Managed Optimized Levers to improve effectiveness
priorities
Implement a Zero – Align security priorities
Trust strategy
with key business initiatives
Protect hybrid cloud
environments
– Assess current state and
Manage 3rd Party
Compliance accelerate to desired state
Assure data security
and privacy – Adopt evolving regulatory
Automate detection and security frameworks
and response
IBM Security / © 2022 IBM Corporation 1 ESG: The Life and Times of Cybersecurity Professionals 2021, Volume V 23
Gain full advantage of your
new and existing investments
with customized engagements
We can provide a solid foundation of technology Or let us do it for you with technology expertise
and expertise needed to get you up and running designed to deliver real business outcomes
IBM Security Consulting Services IBM Managed Security Services
– A collaborative and holistic approach to advance your security – Streamline security and risk with continuous 24x7 monitoring,
maturity, and address risk and compliance management, and threat intelligence, backed by global
expertise and integrated technologies powered by AI and
– Help define your roadmap strategy and communicate it effectively
machine learning
– Elevate skills within your organization and augment
IBM Security Expert Labs your team’s security proficiency
– Integrate IBM and ecosystem technology into your existing
infrastructure using Security advisory and managed services
to deliver the outcomes that matter most to your business
Connected Common
Security Data Security Workflows
Common UX
break product silos with act faster with a common UX,
Shared Analytics
open connections to your centralized automation, case
Unified Playbooks
tools and a common data lake management, and playbooks
Global Threat
Intelligence
Shared Security Cloud-native
Context Architecture Red Hat OpenShift
make better decisions using modernize your security
shared business context, asset architecture and run anywhere
data, and threat intelligence – on any public cloud or as SaaS
Strategy, Risk & Compliance Threat Management Zero Trust Cloud Security
Open Platform Unified Data Service | Global Threat Intelligence | Shared Analytics | Risk Service | Centralized Case Management | Common UX | SaaS / On Prem
Ecosystem
Follow us on: © Copyright IBM Corporation 2022. All rights reserved. The information contained in these materials is provided for
informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of
direction represents IBM’s current intent, is subject to change or withdrawal, and represent only goals and objectives.
IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines
ibm.com/security Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks
or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention,
securityintelligence.com detection and response to improper access from within and outside your enterprise. Improper access can result in
information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems,
including for use in attacks on others. No IT system or product should be considered completely secure and no single
product, service or security measure can be completely effective in preventing improper use or access. IBM systems,
ibm.com/security/community products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve
additional operational procedures, and may require other systems, products or services to be most effective. IBM does
not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the
xforce.ibmcloud.com malicious or illegal conduct of any party.
@ibmsecurity
youtube.com/ibmsecurity