Cognitive security

COGNITIVE
SECUTIRY
A NEW ERA OF SECURIITY FOR NEW ERA
OF COMPUTING

INTRODUCTION
 For almost a century, we’ve programmed computers to help solve
complex problems. We can now simulate weather, sequence
genomes and instantly share data across the world
 The same is true for security. For decades, we’ve programmed
computers to recognize viruses, malware and exploits. We
continuously tune them to become more accurate, but it’s not
enough.

Bring your
own IT
Social
business
Cloud and
virtualization
1 billion mobile
workers
1 trillion
connected
objects
Innovative technology changes everything

You know? you can
do this online now.

Marketing
Services
Online
Gaming
Online
Gaming
Online
Gaming
Online
Gaming
Central
Government
Gaming
Gaming
Internet
Services
Online
Gaming
Online
Gaming
Online
Services
Online
Gaming
IT
Security
Banking
IT
Security
Government
Consulting
IT
Security
Tele-
communicat
ions
Enter-
tainment
Consumer
Electronics
Agriculture
Apparel
Insurance
Consulting
Consumer
Electronics
Internet
Services
Central
Govt
Central
Govt
Central
Govt
Attack Type
SQL Injection
URL Tampering
Spear Phishing
3rd
Party Software
DDoS
SecureID
Trojan Software
Unknown
Source: IBM X-Force®
Research 2011 Trend and Risk Report
Size of circle estimates relative impact of breach in terms of cost
to business
Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
Entertainment
Defense
Defense
Defense
Consumer
Electronics
Central
Government
Central
Government
Central
Government
Central
Government
Central
Government
Central
Government
Central
Government
Consumer
Electronics
National
Police
National
Police
State
Police
State
Police
Police
Gaming
Financial
Market
Online
Services
Consulting
Defense
Heavy
Industry
Entertainment
2011 Sampling of Security Incidents by Attack Type, Time and Impact

WHAT IS COGNITIVE SECURITY
• Cognitive systems are self-learning systems that use data
mining, machine learning, natural language processing and
human–computer interaction to mimic the way the human
brain works.

FROM COMPLIANT TO COGNITIVE
• Since the age of the first networks and the
hackers who soon followed, we’ve evolved
security technology to stop attacks.
• To date, there have been two distinct eras of
cyber security: perimeter controls and security
intelligence. These serve as building blocks as
we enter the third era—cognitive security.

HOW IBM CAN HELP
• The cognitive journey is just beginning,
but IBM has the intellectual and financial
strength to lead this revolution within
security.
• IBM’s investment in cognitive
technologies spans decades and has
seen great progression in the last five
years.
• The ability to process natural language,
the ability to process voice and images,
and the ability to turn unstructured data
into tools like knowledge graphs that are
easily queriable.

IBM WATSON
• Watson is basically a supercomputer, combining
Artificial intelligence and analytical software for
optimal performance
• IBM Qradar Advisor with Watson combines the
cognitive capabilities of Watson

IBM QRADAR SECURITY
INTELLIGENCE PLATFORM

• Turn-key log management and reporting
• SME to Enterprise
• Upgradeable to enterprise SIEM
• Log, flow, vulnerability & identity correlation
• Sophisticated asset profiling
• Offense management and workflow
• Network security configuration monitoring
• Vulnerability prioritization
• Predictive threat modeling & simulation
SIEM
Log
Management
Configuration
& Vulnerability
Management
Network
Activity &
Anomaly
Detection
Network and
Application
Visibility
• Network analytics
• Behavioral anomaly detection
• Fully integrated in SIEM
• Layer 7 application monitoring
• Content capture for deep insight & forensics
• Physical and virtual environments
Fully Integrated Security Intelligence

• Turn-key log management and reporting
• SME to Enterprise
• Upgradeable to enterprise SIEM
• Log, flow, vulnerability & identity correlation
• Sophisticated asset profiling
• Offense management and workflow
• Network security configuration monitoring
• Vulnerability prioritization
• Predictive threat modeling & simulation
SIEM
Log
Management
Configuration
& Vulnerability
Management
Network
Activity &
Anomaly
Detection
Network and
Application
Visibility
• Network analytics
• Behavioral anomaly detection
• Fully integrated in SIEM
• Layer 7 application monitoring
• Content capture for deep insight & forensics
• Physical and virtual environments
One Console Security
Built on a Single Data Architecture
Fully Integrated Security Intelligence

LINK
 http://www-03.ibm.com/software/products/en/qradar-siem
 http://ibm.autoboxengage.com/security/?
cm_mc_uid=50858139055314932739656&cm_mc_sid_502
00000=1493526694&cm_mc_sid_52640000=1493526694

IBM QRADAR
VULNERABILITY
MANAGER

QRADAR VULNERABILITY MANAGER
 With IBM Security QRadar Vulnerability Manager, IBM introduces a new and
distinctly different response to an important need: a truly integrated approach to
security management that helps to reduce the total cost of security operations and
closes a number of gaps in many existing approaches.
 IBM® QRadar® Vulnerability Manager proactively senses and discovers network
device and application security vulnerabilities, adds context and supports the
prioritization of remediation and mitigation activities.
 IBM QRadar Vulnerability Manager helps you develop an optimized plan for
addressing security exposures. Unlike stand-alone tools, the solution integrates
vulnerability information to help security teams gain the visibility they need to work
more efficiently and reduce costs.

Displaying 1 to 40 of 517 items

Displaying 1 to 40 of 311 items

THE PROMISE AND CHALLENGES OF
COGNITIVE
 Many of those surveyed by the IBM Institute for Business Value (IBV) believe that
the benefits of cognitive security solutions will address the gaps they are facing.
Even though cognitive security is still an emerging technology area, 57 percent of
respondants already believe that cognitive security solutions can significantly slow
the efforts of cyber criminals
 Potential challenges to the adoption of cognitive security solutions, it is not that
security leaders don’t understand the technology conceptually or aren’t convinced
of the value or the benefits versus other solutions; the challenges are more about
skills, processes and methods.
 Forty-five percent of respondents list the top adoption challenges as not being
ready from a competency perspective and a lack of internal skills to implement. To
address these concerns and ensure successful roll-outs of cognitive solutions, more
education and preparation is needed.

BECOME EDUCATED ABOUT
COGNITIVE SECURITY
CAPABILITIES

 Take a holistic and formal approach to learn about cognitive security solutions.
There could be many misconceptions in your organization from a capability, cost and
implementation perspective.
 Understand the potential use cases for cognitive security solutions—match them to your areas
of weakness.
 Plan for how you can communicate the benefits of cognitive security solutions to technical and
business stakeholders—build an education plan for your team and your executives
 Identify and address skills gaps that may hold back adoption of the technology within your
own organization

DEMOGRAPHICS AND METHODOLOGY
 To better understand what security challenges organizations are facing, how
they are addressing these challenges and how they view cognitive security
solutions and their potential, the IBM Institute for Business Value (IBV) and
Oxford Economics surveyed a balanced distribution of 700 CISOs and other
security professionals in 35 countries, representing 18 industries between
May and July of 2016.
 In order to determine our clusters (the Primed, Prudent and the Pressured)
we applied a k-means clustering algorithm that revealed three distinct
behavior patterns.

Cognitive security

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Semelhante a Cognitive security

Semelhante a Cognitive security (20)

Último

Último (20)

Cognitive security

Notas do Editor