SECURITY Workshop
SECURITY Workshop
Sessione di lavoro
ore 16:50 Benvenuto Mauro Talà, MAX ITALIA
ore 16:55 Video
ore 17:00 IBM Security: approccio consulenziale per le nuove sfide di sicurezza Alberto Meneghini, IBM ITS
ore 17:20 IBM Security: garanzia per la continuità operativa Norberto Gazzoni, IBM SWG
ore 17:40 MAX ITALIA Security: servizi professionali nel mondo della sicurezza Caterina Bretti, MAX ITALIA
ore 18:00 Chiusura Francesco Supino, MAX ITALIA
Visita guidata alla mostra «Matisse arabesque»
ore 18:20 Scuderie del Quirinale
Degustazione vini «La Carraia» guidata dal produttore Cena
ore 20:00 Centro Congressi Palazzo Rospigliosi
SECURITY Workshop
SECURITY Workshop
Benvenuto
Mauro Talà, MAX ITALIA
SECURITY Workshop
Il Gruppo HRI1
HRI1 The Global IT Integration Company
DLI Technologies Integration
Max Italia Services
Integration
A-Key Things
Integration
SECURITY Workshop
L’offerta
End User Computing
Services
Desktop Management
Mobile Device Management
Service Desk
Field Services
Integrated Logistics
Infrastructure Management
Services
Consolidation
Virtualization
Backup & DR
Systems Mgmt
Systems Moving
BU
Security
Compliance
Governance
Risk Management
Infrastructure & Architecture
Monitoring
Application Management
Services
SAP
Oracle
Microsoft
Mobile Platforms
Information Management
Business Intelligence
Analytics & Big Data
Application Development
SECURITY Workshop
IBM Security: approccio consulenziale
per le nuove sfide di sicurezza
Alberto Meneghini, IBM
IBM Security Services
The new security paradigm looks like a staircase response model,
merging IT Security preparedness and action with business
operations and end users
Typical GRC processes are manual, inefficient and ineffective
Document
Review
Assessment
Prep
Controls
Walkthrough Assessment
Risk review &
Recommendation
Close-Out
Meeting
Activities to Perform in SOX compliance)
Document
Review
Assessment
Prep
Controls
Walkthrough Assessment
Risk review &
Recommendation
Close-Out
Meeting
Take samples and assess. Status reporting through
Excel sheet
Interviews. Queries & Follow up (Workflow)
Risk Findings & Reporting
Interviews. Queries & Follow up (Email)
Take samples and assess. Status reporting through
Dashboard
Risk Findings & Reporting: Dashboard
Refer to earlier work papers in platform. Import templates, work allocation and tracking in workflow
Refer to earlier risk review documents, work allocation and tracking in excel sheet.
Automated IT GRC Platform
Without automated
IT GRC tools
With IT GRC
Automation
IBM risk reviewer Client IT project owner
IBM Security Services
An integrated Security Risk Management Life Cycle operating on a
continuous basis is required to facilitate risk-based decision making.
Risk Mitigation Build
and Deploy and Operate
Data and Information
Security
Identity and Access
Management
Application Security
Network Security
Mobile and Endpoint
Device Security
Fraud & Money Laundering
Unified Communications
Security (VOIP/SIP)
Incident Response – Corrective
Action Cyber Incident Investigations HOT
COLD Security Research – Preventive Action
Security Intelligence and Analytics
External
security
sources
Secu
rity M
on
itorin
g a
nd
SO
C O
pera
tion
s
Security In
form
ation
Real-time collection, normalization, and analysis of security data
Security Intelligence Generate Risk and
Compliance Reports
and Dashboards
Governance, Risk
and Compliance
Rem
ed
iate
Security Policy and
Control Management
Risk Management
Risk Assessment
Risk and Compliance
Monitoring, Measurement
and Analysis
IT security knowledge
Manage risk posture &
tolerance
Industry & regulatory
standards/policies
Establish metrics:
KRIs, KPIs
Establish security
policies, architecture
and controls
Establish risk posture &
risk tolerance
Develop risk directives
& objectives
Establish security
culture
Security steering
committees
Identify critical
assets
Identify & analyze
threats
Identify & analyze
risk
Several key SOC functions can be outsourced to IBM to create a
“Hybrid” solution that sets up quickly, scales effectively and
minimizes risk & cost
Security Analyst
Analytics
Vulnerability Mgmt.
IPS/IDS
Firewalls
Compliance CMDB
Identification
Classification
& Impact
Assessment
Notification Response &
Recovery Closure Validation
In House vs Out-Tasking Service
Traditional Software License Managed Security Services Provider
Entry cost High Low
Installation and implementation Requires in-house resources MSSP handles implementation
Time to value Long Short
Skilled resources Company must hire, train, and retain talent
MSS provides skilled resources
Efficiency and effectiveness Limited scalability prohibits efficiency and effectiveness
Greater efficiencies via scalability (1:many) is inherent in SOC operations
Security posture Dependent on skill, processes, and expertise of internal staff
Improved by diligence, guaranteed response times, security vulnerability research, and cumulative expertise of MSS team
Response Dependent on skill, processes, and expertise of internal staff
24x7 protection, critical alert notification and levels of response per severity
Security Operations Centers
Security Research Centers
Security Solution Development Centers
Institute for Advanced Security Branches
IBM X-Force Expertise 10
Security operations centers
10 Security research centers
15 SW Security development labs
400 Security operations analysts
650 Field security specialists
1,200 Professional services security
consultants
4,300 Strategic outsourcing security
delivery resources
150M intrusion attempts daily
83,000 documented vulnerabilities
40M unique phishing / spam attacks
Millions of unique malware samples
Billions of analyzed web pages
3000+ security patents
20,000+ devices under contract
3,700+ Security Svcs clients worldwide
20B+ events managed per day
133 monitored countries (MSS)
Unique research and reports
Managed Services Excellence
Tie into IBM‘s global SOC network to benefit from the full scale of IBM‘s worldwide security capabilities
SECURITY Workshop
IBM Security: garanzia per
la continuità operativa
Norberto Gazzoni, IBM
Bring your own IT
Social business
Cloud e virtualizzazione
1 Miliardo di lavoratori mobile
1.000 miliardi di oggetti collegati
Le tecnologie Innovative stanno cambiando tutto attorno a noi…
SECURITY Workshop
83%
Delle Enterprise hanno difficoltà nel
trovare gli skill di security di cui
necessitano 2012 ESG Research
85 security tools da
45 vendors IBM client example
… le pratiche tradizionali di security non sono più sostenibili
Degli executive nella security ha
timori per il cloud ed il mobile 2013 IBM CISO Survey
70%
di dispositivi mobile IBM X-Force Threat Intelligence Quarterly 1Q 2015,
11.6M Il Mobile malware ha colpito
…introducendo nuovi rischi e timori.
SECURITY Workshop
Attaccanti evoluti colpiscono i sistemi ogni giorno…
SQL
injection Watering
hole
Physical
access
Malware Third-party
software
DDoS Spear
phishing
XSS Undisclosed
Attack types
Note: Size of circle estimates relative impact of incident in terms of cost to business Source: IBM X-Force Threat Intelligence Quarterly – 1Q 2014
2011 Year of the breach
2012 Incremento del 40%
2013 Epico e senza precedenti
$3.5M+ Costo medio per violazione di dati 2014 Cost of Data Breach, Ponemon Institute
tempo medio per individuare un APT The State of Advanced Persistent Threats, 2013 Ponemon Institute
225 giorni
SECURITY Workshop
Cosa è successo nel 2014: X-force Interactive Security Incidents http://www-03.ibm.com/security/xforce/xfisi/
SECURITY Workshop
SECURITY Workshop
Cosa sta succedendo ora: IBM X-force Exchange https://exchange.xforce.ibmcloud.com/#/ - http://securityintelligence.com/
Cosa sta succedendo ora: IBM X-force Exchange https://exchange.xforce.ibmcloud.com/#/ - http://securityintelligence.com/
SECURITY Workshop
IBM X-Force: le fondamenta delle soluzioni IBM Security
- Tutte le attività di sviluppo di IBM security sono guidate da IBM X-Force che
incorpora le aree di sviluppo di tutte le Società/Tecnologie acquisite nel tempo
disegnando ed ottimizzando la integrazione delle tecnologie proprietarie e non.
- IBM X-force acquisisce dati riguardo ai trend di attacco da diverse fonti
“honeynet” nonché dalle attività svolte nella gestione delle decine di migliaia di
apparati di utenti che in tutto il mondo affidano ad IBM la gestione della loro
Sicurezza Informatica.
- X-force pubblica trimestralmente un l’X-Force Trend and Risk Report sul sito
Securityintelligence.com
- Sullo stesso sito si trovano diverse risorse tecniche e commerciali inclusa l’area
CISO Corner indirizzata al colloquio con i CISO ( Cheaf Information Security
Operation)
SECURITY Workshop
IBM Security Strategy Buyers
CISO, CIO, Line-of-Business
Fornire un ampio portafoglio di soluzioni differenziate mediante
l'integrazione e l'innovazione per affrontare le ultime tendenze di attacco
Key Security Trends
Advanced Threats
Skills Shortage
Cloud Mobile and Internet of Things
Compliance Mandates
IBM Security Portfolio
Strategy, Risk and Compliance Cybersecurity Assessment and Response
Security Intelligence and Operations
Advanced Fraud
Protection
Identity and Access
Management
Data Security
Application Security
Network, Mobile and Endpoint
Protection
Advanced Threat and Security Research
Supportare le
necessità del CISO 1
Innovare con
riguardo ai
megatrends 2
Leadership in
segmenti selezionati 3
SECURITY Workshop
IBM può aiutare a proteggersi rispetto a nuove e complesse sfide della Security
Proteggere gli asset critici
Utilizzare controlli sensibili al contesto per impedire l'accesso non autorizzato e la perdita di dati
Ottimizzare il programma
per la security Utilizzare gli esperti per modernizare security, redurre le complessità, contenere i costi
Bloccare le minacce avanzate Usare analytics e gli insight per una difesa più semplice ed integrata
Proteggere il cloud ed il mobile Usare la trasformazione dell’IT per
costruire una nuova, robusta postura di
sicurezza
SECURITY Workshop
Ottimizzare il programma per la security
Risk-Aware Culture
& Strategy
End-to-End Security
Intelligence
Intelligent Threat
Protection & Response
Analizzare e trasformare la
vostra postura di security
Costruire una nuova
generazione di attività di
security
Avere aiuto dagli esperti
worldwide 24x7x365
SECURITY Workshop
Un Sistema integrato e dinamico per interrompere il ciclo di vita di un attacco avanzato
e prevenire le perdite di informazioni e denaro
Open Integrations Global Threat Intelligence
Ready for IBM Security Intelligence Ecosystem
IBM Security Network Protection XGS
Smarter Prevention Security Intelligence
IBM Emergency Response Services
Continuous Response
IBM X-Force Threat Intelligence
• Leverage threat intelligence from multiple expert sources
• Prevent malware installation and disrupt malware communications
• Prevent remote network exploits and limit the use of risky web applications
• Discover and prioritize vulnerabilities
• Correlate enterprise-wide threats and detect suspicious behavior
• Retrace full attack activity, Search for breach indicators and guide defense hardening
• Assess impact and plan strategically and leverage experts to analyze data and contain threats
• Share security context across multiple products
• 100+ vendors, 400+ products
Trusteer Apex Endpoint Malware Protection
IBM Security QRadar Security Intelligence
IBM Security QRadar Incident Forensics
IBM Guardium Data Activity Monitoring
• Prevent remote network exploits and limit the use of risky web applications
IBM Unified Endpoint Management • Automate and manage continuous security
configuration policy compliance
Bloccare le minacce avanzate: IBM Intelligent Threat Protection System
SECURITY Workshop
Proteggere gli asset critici
Governare ed amministrare
gli utenti ed i loro accessi
Identificare e proteggere i
dati sensibili
Gestire il rischio di
sicurezza delle applicazioni
Gestire e proteggere la rete
e gli endpoint
SECURITY Workshop
Prodotti e servizi end-to-end per proteggere le risorse critiche
Identity and Access Management
Data Security and Privacy
“Crown Jewels”
Protection
Discovery and
Classification
Data
Security
Encryption
and Masking
Process and Method Product Assets and Tools People
IAM Assessment
and Strategy
Architect
and Design
Implement
and Deploy Manage
IBM Value
Application Security
Test
Applications in Development
Application Security Management
Data Protection Throughout the Data Lifecycle
Monitor and Protect
Deployed Applications
SECURITY Workshop
IBM Identity and Access Management Solutions, IBM Guardium Data Protection, IBM Security AppScan, and IBM Security Services
Proteggere il cloud ed il mobile: IBM Dynamic Cloud Security Portfolio
SaaS PaaS IaaS
Ottenere visibilità e controllo nel Cloud
Proteggere “the mobile enterprise”
Intelligent Threat Protection Cloud Cloud Security Managed Services Security Intelligence and Operations Consulting Services
SECURITY Workshop
Ottimizzare le Security Operation Fornire una visione consolidata delle operazioni di sicurezza - a velocità ed agilità senza precedenti
Proteggere i Dati
Identificare le vulnerabilità ed aiutare a prevenire gli attaccchi
indirizzati a Dati Sensibili
Migliorare la Visibilità
Monitorare il cloud per individuare violazioni della
sicurezza e delle compliance
Gestire gli Accessi
Salvaguardare le persone, le applicazioni
ed i dispositivi connessi al cloud
• Cloud Security Intelligence Cloud Data Activity Monitoring
Cloud Mobile Application Analyzer
Cloud Web Application Analyzer
Cloud Identity Services
Cloud Sign On Service
Cloud Access Manager
Cloud Privileged Identity Manager
Smartphones & Tablets
Mobile
Devices
Mobile
Apps
PC’s, Macs, POS, ATMs In rete e fuori dalla rete
IBM Unified Endpoint Management: Portiamo la Sicurezza degli Endpoint ad un Nuovo Livello
Servers Fisici e Virtuali
SaaS, On-premise, o MSP
Compliance più veloci
Comprehensive Security
Contenimento del TCO
SECURITY Workshop
• Trovare e Risolvere problemi in pochi minuti su tutti gli endpoint, dentro e fuori dalla rete
• Aggiungere nuove funzioni in pochi minuti senza risorse addizionalio infrastrutture
Patch
Management
Lifecycle
Management
Core
Protection
Security &
Compliance
Power
Management
SW Use
Analysis
Mobile
Management
Server
Automation
IBM Security Systems, un Portfolio completo in tutti i domini di sicurezza
SECURITY TRENDS
Skills Shortage
Compliance Mandates
Cloud Advanced Threats
Mobile and Internet of Things
SECURITY Workshop
SECURITY Workshop
MAX ITALIA Security: servizi
professionali nel mondo della sicurezza
Caterina Bretti, MAX ITALIA
L’offerta completa del Gruppo HRI1
End User Computing
Services
Desktop Management
Mobile Device Management
Service Desk
Field Services
Integrated Logistics
Infrastructure Management
Services
Consolidation
Virtualization
Backup & DR
Systems Mgmt
Systems Moving
BU
Security
Compliance
Governance
Risk Management
Infrastructure & Architecture
Monitoring
Application Management
Services
SAP
Oracle
Microsoft
Mobile Platforms
Information Management
Business Intelligence
Analytics & Big Data
Application Development
Corporate Governance
IT Governance
Req
uis
iti d
i B
usin
ess
Req
uis
iti Leg
ali e
N
orm
ati
vi C
og
en
ti
Reg
ola
men
ti e
No
rm
e d
i S
ett
ore
IS Governance
Processi Risorse
Tecnologie
Approccio metodologico
Consulting Services
IS Governance Cyber Intelligence
Process Governance Standard & Compliance
PRIVACY D.Lgs. 196/03
Reati Inform. D.Lgs. 231/08
Fatturazione Elettronica
COBIT
ISO 27000
ISO 20000
BP Mapping & Optimization
BP Risk MNGT
IT Process Sec. Assessment
IS Assessment
IS Risk Analysis & Mitigation
VA/PT
Cyber Security Intelligence
Ethical Hackering
Cyber Security Solutions
Mobile / Cloud Monitoring
Infrastructure Infrastructure Services Enterprise Solutions
Antivirus / Antispam / AntiPh
Accounting
Backup / Disaster Recovery
WEB Security / Reputation
E-Mail Solutions
Firewall / IDS-IPS
Gateway / VPN
Server / PdL
Virtualization
Networking / WiFi
Identity & Access MNGT
Data Protection / DLP
Event & Incident MNGT
Compliance MNGT System
PKI Infrastructure
Endpoint Protection
Mobile Enterprise MNGT
Mobile Security Solutions
Secure Cloud
Systems
Applications
Network
Border Security
WEB
Safety
Videosorveglianza
Safety at Work
Certificazioni dell’Organizzazione
Certificazione della Qualità ISO 9001 sul processo:
– “conduzione sistemi informativi”
– “installazione e assistenza prodotti hw e sw”
Certificazione ISO 27001
Certificazione ISO 20000 (Sistema di gestione dei servizi IT) Sistema informativo integrato di ticket e workflow management:
– Web Customer Portal
– Web Technician Interface
– E-mail & SMS Integration
Certificazioni del personale
• Circa 160 certificazioni tecniche specialistiche sui Brand Partner
• Circa 30 certificazioni commerciali sui Brand Partner
• 20 certificazioni di processo – ITIL Foundation, Intermediate, Expert
– Project Management Professional (PMP)
– 196 Privacy Professional
– BS7799 – ISO 27001
• 30 specialisti interni a disposizione per progettazione e supporto
• 180 tecnici sul territorio nazionale
• Abilitazione all’assistenza in garanzia dei principali Vendor
Partnership IBM – Premier Business Partner
Partnership IBM – Premier Business Partner
Partnership IBM – Premier Business Partner
www.max-italia.it
Caterina Bretti – ICT Security Manager Email: [email protected]
Mobile: 3483709472
Edoardo Salemme – Security Sales Manager Email: [email protected]
Mobile: 3346130123
SECURITY Workshop
Chiusura
Francesco Supino, HRI1
SECURITY Workshop
IoT: un futuro pieno di cose Smart
La regola aurea: aggiungere una parte IT ad un oggetto di uso comune, create valore
localmente e usate l’oggetto come veicolo di nuovi servizi….
Thing
Intelligenza intrinseca
(nell’oggetto)
Intelligenza connessa
(comunità di oggetti)
Software
Rete
Tutti gli analisti concordano che
entro il 2020 avremo miliardi
di questi oggetti connessi...
…allo stesso modo in cui noi
oggi siamo connessi sui social
network
SECURITY Workshop
A-key, The Things Integration Company
Sviluppo di applicazioni e processi innovativi
Internet of Things
Embedded Software
Web/Mobile Applications
Smart Plants
Smart Energy
Smart Cars, Connected Cars
grazie per la partecipazione
SECURITY Workshop