Cyber crime is pervasive and here to stay. Whether you work in the Public Sector, Private Sector, are the CEO for a Fortune 500 Company or trying to sustain a SMB everyone is under attack. This February, President Obama, issued an executive order aimed at protecting critical business and government infrastructure due to the scale and sophistication of IT security threats that have grown at an explosive rate. Organizations and Government agencies have to contend with industrialized attacks, which, in some cases, rival the size and sophistication of the largest legitimate computing efforts. In addition, they also have to guard against a more focused adversary with the resources and capabilities to target highly sensitive information, often through long-term attack campaigns. Many security executives are struggling to answer questions about the most effective approach.

1. IBM & Deloitte Joint Webinar
Breaking Down the Cyber Security Framework:
Closing Critical IT Security Gaps
Oct 22, 2013
© 2013 IBM Corporation
1
© 2012 IBM Corporation

2. IBM Security Systems
Speakers: IBM & Deloitte Joint Webinar
Harry D. Raduege, Jr., Lt. General (USAF, Ret) Chairman,
Deloitte Center for Cyber Innovation
Topic of discussion: Breaking down the Cyber Security
Framework
Tom Turner , VP, Marketing & Business Development, IBM
Security Division
Topic of discussion: Closing Critical IT Security Gaps
2
© 2013 IBM Corporation

3. Breaking Down the Cyber Security
Framework

4. Cyber – A phenomenon that changed the world
Cyberspace
Cyber Attack
Cyber Insurance
Cyber War Cyberattack
Cyber-Alert
Cyber Bullying
Cyber crime
Cyber-ethics
Cyber FININT
Cyberpower
Cybersecurity
Cyber-Commerce
Cyber Law
4
Cyber Espionage
Cyber Communication
Copyright © 2013 Deloitte Development LLC. All rights reserved.

5. The world of cybersecurity
Threats
Targets
Counters
• Identity theft
• Information manipulation
(e.g. Malware)
• Cyber Assaults/Bullying
• Advanced Persistent
Threats (APTs)
• Information theft
• Crime
(e.g., Credit card fraud)
• Insider
• Espionage
• Cyber attack
• Transnational
• Attack of software
“boomerangs”
• Terrorism
• Government (Federal,
State, and Local); e.g.,
– E-Government
– E-Commerce
• Industry; e.g.,
– Aerospace & Defense
– Banking & finance
– Health care
– Insurance
– Manufacturing
– Oil & Gas
– Power Grid
– Retail
– Telecommunications
– Utilities
• Universities/Colleges
• Individuals
• Cyber workforce
• Advanced network and
resilience controls
• Outbound traffic monitoring
• Dynamic situational
awareness
• Open source Information
• Risk intelligence &
management
− Forensic analysis
− Data analytics
• Financial intelligence
(FININT)
• Tighter laws & enforcement
• Expanded diplomacy
• Legislation?
You should assume that your information network has been or will
be compromised.
5
Copyright © 2013 Deloitte Development LLC. All rights reserved.

6. Cybersecurity – Key points and impacts of the U.S.
President’s Executive Order (February 2013)
Information
Sharing
Privacy
• Opens up information-sharing program to other sectors
• Requires Federal government information-sharing programs with
private sector
• Mandates strong privacy and civil liberties protections
• Directs regular assessments of agency activities
• Requires development of a Cybersecurity Framework
Cybersecurity
Standards
• Develops voluntary critical infrastructure cybersecurity program
and adoption incentives
• Identifies regulatory gaps
Critical
Infrastructure
Review
6
• Identifies critical infrastructure at greatest risk
• Changes the definition of critical infrastructure
Copyright © 2013 Deloitte Development LLC. All rights reserved.

7. Currently, there are 16 U.S. industry sectors defined
as critical infrastructure
85% of critical infrastructure is in private sector hands 1
Trends exposing industry to increased risk
• Interconnectedness of sectors
• Proliferation of exposure points
• Concentration of assets
Critical infrastructure sectors
Agriculture and Food
Dams
Information Technology
Banking and Financial
Services
Defense Industrial
Base
Nuclear Reactors,
Materials and Waste
Chemical
Emergency Services
Transportation
Systems
Commercial Facilities
Energy
Water and Wastewater
Systems
Communications
Government Facilities
Critical Manufacturing
Healthcare and Public
Health
1 GAO Report, Critical Infrastructure Protection: Sector Plans and Sector Councils Continue to Evolve. July 2007, http://www.gao.gov/assets/100/95010.pdf
7
Copyright © 2013 Deloitte Development LLC. All rights reserved.

8. Helping the CISO respond to Cyber
Security: Closing Critical IT Security
Gaps

9. IBM Security Systems
Evolving CISO Landscape
9
© 2013 IBM Corporation

10. IBM Security Systems
CISO Challenge: Competing priorities
14%increase
83% of
in Web application
vulnerabilities
enterprises have
difficulty filling
security roles
from 2011 to 2012
Common
Vulnerabilities
and Exposures
10
Increase in
compliance
mandates
© 2013 IBM Corporation

11. IBM Security Systems
CISO Challenge: Inadequate tools
85 tools
from
45 vendors
1
45
Only
out of
malware samples
detected
11
© 2013 IBM Corporation

12. IBM Security Systems
CISO Challenge: Business pressures
75%+of organizations
are using at least one
cloud platform
70% of CISOs are
concerned about Cloud
and mobile security
12
© 2013 IBM Corporation

13. IBM Security Systems
CISO Challenge: Evolving Threats
INTERNAL
43%
of C-level execs
say that negligent
insiders are their
biggest concern
13
EXTERNAL
PAYOFFS
59
%
increase
in critical
web browser
vulnerabilities
$78
M
stolen from
bank accounts
in Operation
High Roller
© 2013 IBM Corporation

14. IBM Security Systems
Q:
A:
Have you had an
attack that was
difficult to detect?
45% Yes
+ 21% Don’t
know
66% Don’t have
Why is this happening?
• Not collecting right security data
• Don’t have context
• Don’t have baseline for normal
• Lack vulnerability awareness
visibility needed
to stop advanced
attacks
14
© 2013 IBM Corporation

15. IBM Security Systems
Advantage:
15
Attacker
© 2013 IBM Corporation

16. IBM Security Systems
CISO:Your move
16
© 2013 IBM Corporation

17. IBM Security Systems
Focus
17
Intelligence
Innovation
© 2013 IBM Corporation

18. IBM Security Systems
USERS
Focus
TRANSACTIONS
18
ASSETS
© 2013 IBM Corporation

19. IBM Security Systems
Focus on users,
not devices
Implement identity
intelligence
Pay special attention
to trusted insiders
60,000 employees
Provisioning took up to 2 weeks
No monitoring of privileged users
USERS
Privileged Identity Management
Monitoring and same-day
de-provisioning
for
privileged users
100+
19
© 2013 IBM Corporation

20. IBM Security Systems
Discover critical
business data
Harden and
secure repositories
Monitor and prevent
unauthorized access
Thousands of databases containing
HR, ERP, credit card, and other PII
in a world where 98%
of breaches hit databases
ASSETS
Database Access and Monitoring
Secured
2,000
$21M
critical databases
20
Saved
in compliance costs
© 2013 IBM Corporation

21. IBM Security Systems
Identify most
critical transactions
Monitor sessions,
users, and devices
Look for anomalies
and attacks
30 Million customers in an industry where
$3.4B industry losses from online fraud
85% of breaches go undetected
TRANSACTIONS
Advanced Fraud Protection
on over 1 million customer endpoints
Zero instances of fraud
occurred
21
© 2013 IBM Corporation

22. IBM Security Systems
ANALYTICS
Intelligence
INTEGRATION
22
VISIBILITY
© 2013 IBM Corporation

23. IBM Security Systems
Don’t rely on
signature detection
Use baselines
and reputation
Fully inspect content
and communications
Identify entire classes of
ANALYTICS by analyzing
Pattern
matching
23
Mutated threats
250+ protocols and file types
Context, clustering, baselining,
machine learning, and heuristics
© 2013 IBM Corporation

24. IBM Security Systems
Get full coverage,
No more blind spots
Reduce
VISIBILITY
24
Reduce and
prioritize alerts
Produce detailed
activity reports
2 Million logs and events per day
to 25 high priority offenses
© 2013 IBM Corporation

25. IBM Security Systems
Eliminate silos and
point solutions
Build upon a
common platform
Share information
between controls
8 Million subscribers
with an integrated Platform
Monitor threats across
INTEGRATION
Siloed
Point Products
25
Integrated
Platforms
© 2013 IBM Corporation

26. IBM Security Systems
IBM Security Framework
Intelligence
Integration
Expertise
Professional, Managed,
and Cloud Services
26
© 2013 IBM Corporation

27. IBM Security Systems
CISO:
Checkmate!
27
© 2013 IBM Corporation

28. +
Smart apart. Smarter together.
Copyright© 2013

29. Thank you.
For more information, you can contact:
Paul Avallone – pavallone@deloitte.com
Charlie Kenney – Charles.kenney@us.ibm.com

30. This presentation contains general information only and is based on the experiences and
research of Deloitte practitioners. Deloitte is not, by means of this presentation, rendering
business, financial, investment, or other professional advice or services. This presentation is not
a substitute for such professional advice or services, nor should it be used as a basis for any
decision or action that may affect your business. Before making any decision or taking any action
that may affect your business, you should consult a qualified professional advisor. Deloitte, its
affiliates, and related entities shall not be responsible for any loss sustained by any person who
relies on this presentation.
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of
member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/about for a detailed description
of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms. Please see www.deloitte.com/us/about for a detailed
description of the legal structure of Deloitte LLP and its subsidiaries.
Copyright © 2011 Deloitte Development LLC. All rights reserved.
Member of Deloitte Touche Tohmatsu Limited