
Modern security solutions for today’s business challenges



Truong Do
Security Sales Specialist

Evolving threat landscape
Cybercriminals remain adept at successfully infiltrating organizations across the globe

– 21%: Ransomware share of attacks
– 41%: Attacks exploited phishing for initial access
– $4.35M: Average cost of a data breach (up 13% in 2 years)

Top industries targeted (percentage of attacks, 2021 / 2020)
– Finance and Insurance: 22% / 23%
– Professional and Business Service: 13% / 9%
– Manufacturing: 23% / 18%

Linux threats on the rise
– 2,204%: Increase in reconnaissance against Operational Technology (OT) devices
– 146%: year-over-year increase in Linux ransomware innovation across cloud environments

IBM Security / © 2022 IBM Corporation. Sources: 2022 IBM X-Force Threat Intelligence Report; 2022 IBM Security Cost of a Data Breach Report

Industries ranked by cost

1. Financial – USD 5.97 million
2. Healthcare – USD 5.10 million
3. Pharmaceuticals – USD 5.01 million
4. Technology – USD 4.97 million
5. Energy – USD 4.72 million
6. Services – USD 4.70 million
7. Industrial – USD 4.47 million
8. Research – USD 3.88 million
9. Consumer – USD 3.86 million
10. Education – USD 3.86 million
11. Entertainment – USD 3.83 million
12. Communications – USD 3.62 million
13. Transportation – USD 3.59 million
14. Retail – USD 3.28 million
15. Media – USD 3.15 million
16. Hospitality – USD 2.94 million
17. Public sector – USD 2.07 million


Average cost and frequency of data breaches by initial attack vector

Chart: average cost in USD millions (vertical axis, USD 3.50 to USD 4.90) against frequency (horizontal axis, 0% to 25%)
– Phishing, USD 4.91
– Business email compromise, USD 4.89
– Vulnerability in third-party software, USD 4.55
– Stolen/compromised credentials, USD 4.50
– Malicious insider, USD 4.18
– Cloud misconfiguration, USD 4.14
– Social engineering, USD 4.10
– Physical security compromise, USD 3.96
– Accidental data loss/lost device, USD 3.94
– Other technical misconfiguration or system error, USD 3.82


Ransomware and destructive attacks take longer to contain

Measured in days (mean time to identify + mean time to contain = total)
– Ransomware attack: 237 + 89 = 326
– Destructive attack: 233 + 91 = 324
– Global average: 207 + 70 = 277

IBM Security at a glance

Global enterprise security provider
– Recognized leadership in 15 security segments
– 8,500+ total employees across 130 countries; including 1,000 world-class hackers, responders, researchers, and analysts with decades of experience
– 23 security acquisitions in 23 years

Hybrid cloud and AI security innovator
– Threat Management
– Data Security
– Identity and Access
– Fraud Protection
– Security Strategy, Risk and Compliance
– Cloud Security Services

Trusted security advisor to thousands of clients
– Security consultancy
– Managed security services provider
– Technology provider


Top four security challenges we hear from clients

– Protect data across the hybrid cloud: We need to secure critical data as a shared resource across the enterprise
– Secure remote workers and consumers: We need frictionless control over who has access to critical apps and data
– Predict, prevent, and respond to modern threats: We need to eliminate ransomware and threats with greater speed and visibility
– Improve the effectiveness of security programs: We need help to assess, build and run security that supports business goals


Let’s create security that protects your data anywhere


Protect data across the hybrid cloud
70% of organizations are unable to secure data across multiple cloud and on-premises environments¹

Organizations need help to:
– Assess and optimize current data security strategy
– Find and map structured and unstructured data, at rest or in motion, on cloud or on-premises
– Uncover deviations in policies that suggest risk
– Comply with current and future data regulations such as GDPR, CCPA, SOX, HIPAA, or others
– Proactively mitigate issues or violations to avoid potential breaches
– Leverage cloud-native security tools to gain centralized insights

Diagram: Data is at rest and in-use across on-prem and hybrid clouds. Labels: Data privacy; Audit and compliance; Industry regulations; Data retention; Data protection; Data analytics; Vulnerability management; Reporting; Threat detection and remediation

¹ “Getting started with zero trust security”. IBM Institute for Business Value. August 5th 2021.

Protect data across the hybrid cloud
IBM Security Guardium

– Discover and classify data: Automate discovery and classification of on premises and cloud data and uncover critical vulnerabilities
– Encrypt and protect data: Safeguard privacy and confidentiality of data at rest, in motion, and in use with encryption and access controls
– Monitor activity across clouds: Protect cloud-native data sources, including Azure Event Hubs, AWS Kinesis, Snowflake, SAP, MongoDB, etc.
– Help automate compliance: Generate reports and automate notification on long-term data activity within seconds, across the audit lifecycle
– Detect threats and respond: Identify and respond to compliance and data security risks, across environments and teams, from one place

“Guardium is a huge product for us... prior to using it, there was a lot of mystery around what was happening with our data. What we’ve gained is a view into where our data’s going and what it’s being used for.”
- Largest Commercial Auto Insurer in US

Guardium Insights: Centralize protection of sensitive data
Save time and reduce risk with a data security hub designed for cloud

– Reduce audit prep time 75% with automated compliance audit and reporting
– Decrease breaches 40% with centralized visibility and advanced analytics
– Save up to 1000 hours of DBA time with automated processes

Source: “The Total Economic Impact™ Of IBM Security Guardium”, Forrester Consulting, October 2020

Key capabilities
• Centralizes data security visibility across multicloud environments
• Eliminates aggregators and retains insights for years
• Produces data security and compliance reports in seconds
• Leverages machine learning to automatically detect bad behavior

Let’s create security that trusts nothing and verifies everything


Secure remote workers and consumers
90% of business leaders believe remote workers are not secure¹

End users and their behavior expand the attack surface

Diagram: Business and Privileged Users, on Corporate-owned or BYOD devices, on an Anywhere Network, reaching Private Applications, Public Cloud (IaaS/PaaS), SaaS Apps and Internet Browsing
– Increased use of unmanaged and unsecured devices
– Access to anywhere networks are not secure
– Private Applications: Broad VPN connectivity exposes internal networks
– Public Cloud (IaaS/PaaS): Direct access to cloud bypasses security controls
– SaaS Apps: Data loss via unapproved cloud services / shadow IT
– Internet Browsing: Malicious websites target unprotected end-users

¹ Source: OpenVPN, Remote Work Is the Future — But Is Your Organization Ready for It? March 28, 2021

Secure remote workers and consumers
IBM offers end-to-end Zero Trust protection

Secure the User
Cloud-based identity management with single sign-on, multifactor authentication (MFA), governance, and risk-based adaptive access that analyzes the user, device, activity, behavior
– IBM Security Verify
– IBM Security IAM Services

Secure the Device
Manage and secure mobile workforce and IoT without sacrificing user experience – across Apple, Android, Windows, and other ruggedized operating systems
– IBM Security MaaS360

Secure the Connection
Tailored secure access service edge (SASE) solution to accelerate network security transformation and deliver fast, secure access to business applications
– IBM SASE Services, Powered by IBM Technology Alliances

Case study (ibm.com/case-studies/ibm-on-ibm-security-verify): Simplifies secure identity and access for over 27 million of its own internal and external identities using advanced authentication like passwordless QR and FIDO2, with IBM Security Verify

IBM Security Verify: Frictionless Identity Protection
Safely connect any identity to any resource with deep context and intelligence

IBM Security Verify SaaS: Continuous Access Control
– Single Sign-On and MFA
– Lifecycle management
– Adaptive access
– Privileged access
– Passwordless authentication
– Privacy and consent management

Workforce Identity: Drive cloud modernization, technical agility and user productivity
Consumer Identity: Deliver on-demand, personalized, and trusted experiences

Hybrid Cloud Resources
Cloud Apps | On-Prem Apps | Mobile Apps | Data
VPNs | Servers | Databases | Mainframes


Let’s create security that adapts faster than the threat landscape


Predict, prevent, and respond to modern threats
63% of organizations seek to improve their SOC’s ability to detect and respond¹

– Outdated detection: Attackers bypass defenses due to noisy, outdated, and ineffective detection mechanisms
– Poor visibility: Attackers take advantage of blind spots to remain hidden while advancing their attack
– Disconnected tools: Attackers increasingly “live off the land” and use techniques that won’t trigger individual security defenses
– Struggle to keep up: Attackers use automation to overwhelm defenders, who have difficulty evaluating many fast-moving parts at once

Diagram labels: EDR, NDR, SIEM/UBA, SOAR

¹ ESG: The XDR Payoff: Better Security Posture, 2020

Proactive threat-driven defense

Diagram: Vulnerability, Exploit, Remediation
– Pre-Exploit: Posture and Attack Surface Management
– Post-Exploit: Extended Detection and Response
– SOC Triad: SIEM/UBA, NDR, EDR


Predict, prevent, and respond to modern threats
IBM Security QRadar XDR: Act at greater scale, faster speed, and higher accuracy

– Unite for better visibility: Streamlined workflows, co-designed with experts for faster alert triage, threat hunting, investigation and response
– Automate with intelligence: Automate enrichment, correlation, and threat investigation using AI and pre-built playbooks, including automated root cause analysis and MITRE ATT&CK mapping
– Integrate with existing tools: The industry’s largest open XDR ecosystem that integrates EDR, NDR, SIEM/UBA, SOAR and Threat Intelligence, while leaving data where it is, for a holistic approach
– Open for the future: Built on IBM Cloud Pak for Security for deployment on premises or on cloud, and ready for use by service providers

Diagram: IBM Security QRadar XDR. Connected XDR Workflows (Correlate, Investigate, Respond, Automate); Open-source security standards; ASM, EDR, NDR, SIEM/UBA, SOAR


Connect your tools, automate your SOC, and free up time for what matters most
IBM Security QRadar XDR

– Gain enhanced insights with improved visibility
– Respond faster with recommended actions, orchestration and automation
– Act quickly with automated threat investigations and accelerated hunting

Powered by Open Security Standards

Learn from the experts
Hacker-driven offense. Research-driven defense. Threat-driven protection.

X-Force Red
– Penetration testing
– Vulnerability management
– Adversary simulation
– Application security

X-Force Incident Response
– Incident response preparedness services
– 24x7x365 emergency incident response support
– Threat hunting

X-Force Threat Intelligence
– Threat intelligence insights, sharing platform
– Threat program assessments
– Dark web analysis
– Malware reverse engineering

IBM Security Cyber Range
– Simulated breach experiences
– Crisis and design thinking workshops
– Executive briefings


Let’s create security that achieves your business goals


Improve the effectiveness of security programs
57% say they are impacted by the global cybersecurity skills shortage¹

Security program priorities
– Implement a Zero Trust strategy
– Protect hybrid cloud environments
– Manage 3rd Party Compliance
– Assure data security and privacy
– Automate detection and response
– Improve overall security hygiene
– Deploy risk-based vulnerability mgmt.

Maturity scale: 1 Ad-hoc, 2 Repeatable, 3 Defined, 4 Managed, 5 Optimized
Chart legend: Current Maturity, Target Maturity, Industry Benchmark

Levers to improve effectiveness
– Align security priorities with key business initiatives
– Assess current state and accelerate to desired state
– Adopt evolving regulatory and security frameworks
– Get more out of current spend
– Engage experts who will deliver

¹ ESG: The Life and Times of Cybersecurity Professionals 2021, Volume V

Gain full advantage of your new and existing investments with customized engagements

We can provide a solid foundation of technology and expertise needed to get you up and running

IBM Security Consulting Services
– A collaborative and holistic approach to advance your security maturity, and address risk and compliance
– Help define your roadmap strategy and communicate it effectively
– Elevate skills within your organization and augment your team’s security proficiency

IBM Security Expert Labs
– Integrate IBM and ecosystem technology into your existing infrastructure using Security advisory and managed services to deliver the outcomes that matter most to your business

Or let us do it for you with technology expertise designed to deliver real business outcomes

IBM Managed Security Services
– Streamline security and risk with continuous 24x7 monitoring, management, and threat intelligence, backed by global expertise and integrated technologies powered by AI and machine learning


Moving to cloud is a journey for the business and security

Business Journey
1. Lift and Shift: Migrate datacenter apps and workloads to the cloud
2. App Modernization: Leverage cloud provider PaaS capabilities for containers, databases, data pipelines, DevOps, and others
3. Cloud Power: Re-architect with advanced features such as AI and machine learning, data lakes, analytics, and specialty workloads
4. Specialty Use Cases: Use specialty cloud services such as IoT and Blockchain

Security Journey
Ad-hoc
– This lift and shift security approach is not recommended
– Post-deployment control implementation
Defined
– Consistent security controls adapted to suit both cloud and non-cloud
– Centralized visibility for threat detection and compliance
Refined
– Sophisticated security controls that are more granular and adaptive
– DevSecOps transformation
– Culture change, security that enables business transformation
Optimized
– Automation
– AI and machine learning
– Zero Trust
– Decision-making built around fully integrated context of assets and users

Progression: Reactionary, Adaptive, Zero Trust


Together, building a united front across all domains

Advisory and Integration Services
Leverage our 5,500+ global security experts across 130 countries with deep industry and security domain expertise to help define and execute your security program
– Establish a security maturity baseline
– Perform a critical data assessment
– Secure-by-design app development practices
– Build a roadmap aligned with your cloud strategy

Management and Monitoring Services
Trusted advisors available 24x7x365 to augment your security program with tailored services, including threat, cloud, data, identity, and response management
– 8 global security operations centers, 5 regional SOC locations, and localized delivery capability
– Threat monitoring of more than 3 trillion MBs of data for 15K+ clients

“IBM Security offers a solid base where we have 100% visibility and transparency, which helps us solve threats in a very short timeframe.”
Klaus Glatz, Chief Digital Officer, ANDRITZ (ibm.com/case-studies/andritz)

Vendor agnostic full lifecycle support
– IBM Security is an AWS Level 1 MSSP Competency Partner
– Partner with IBM Security Services to secure your hybrid clouds

Gain insights and save time with an open security platform
66% of security teams do not share data across tools, 45% require security engineers to hand wire integrations

Integrate across people, processes and tools using open standards and best practices

– Connected Security Data: break product silos with open connections to your tools and a common data lake
– Common Security Workflows: act faster with a common UX, centralized automation, case management, and playbooks
– Shared Security Context: make better decisions using shared business context, asset data, and threat intelligence
– Cloud-native Architecture: modernize your security architecture and run anywhere – on any public cloud or as SaaS

IBM Cloud Pak for Security
Cross-domain security context, insights, and orchestration
• Threat Management
• Data Protection
• Identity and Access
Platform layers: Common UX; Shared Analytics; Unified Playbooks; Global Threat Intelligence; Red Hat OpenShift


Bringing it all together
IBM provides an open, unified approach to cybersecurity

Services: IBM Security Consulting and Managed Security Services
– Strategy, Risk & Compliance: Governance, Risk, and Compliance, and Active Governance Services
– Threat Management: Managed Detection and Response, X-Force, and OT/IoT/IoMT Services
– Zero Trust: SASE, Data Security, Network Security, and IAM Services
– Cloud Security: Cloud Strategy, Cloud Native, and Cloud Workload Protection Services

Technology
– QRadar XDR: Threat Management
– Guardium: Data Security
– Verify: Identity Management
– Trusteer: Fraud Protection
– MaaS360: Unified Endpoint Management
– Open Ecosystem: 3rd party solutions

Open Platform: IBM Cloud Pak for Security
Unified Data Service | Global Threat Intelligence | Shared Analytics | Risk Service | Centralized Case Management | Common UX | SaaS / On Prem
Red Hat Hybrid Cloud Platform

Ecosystem
SIEM tools | EDR tools | Cloud repositories | Data lakes | Database protection | Network protection | Additional point solutions


IBM differentiation versus competitors
Proven leadership across 15 security segments

Expert Services
• Trusted Advisors
• Command Centers
• Integrated Solutions
• Managed Services

AI-Infused Technology
• Threat Management
• Data Security
• Identity and Access

Open Platform
Cloud Pak for Security

Largest Ecosystem
• Thousands of partner integrations
• 750K active users on X-Force Exchange


Thank you

Follow us on:
ibm.com/security
securityintelligence.com
ibm.com/security/community
xforce.ibmcloud.com
@ibmsecurity
youtube.com/ibmsecurity

© Copyright IBM Corporation 2022. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM’s current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.