Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
30%
20%
14%
11%
9%
8%
6%
2%
Major actors:
Implementation
Service
$14.29B
Page 3
Consulting
Service
$9.66B
Professional
Services
2012 IBM Corporation
Intelligence
Intelligence
Integration
Integration
Expertise
Expertise
Application Security
Management
Cloud / Managed
Average Project:
$100K-750K
Is the organization subject to federal or state legislative regulations or industry compliance stands? (PCI /
HIPAA / SOX / GLBA)
If so, then you need to assess the application to provide validation that it is within compliance standards
and regulations.
The Hosted Application Security Services conducts application assessments that help to provide
required information for compliance regulations.
Mobile Device
Security Mgt.
Cloud / Managed
Varies
What security policies does your company have for corporate desktops and laptops?
Are your employees' mobile devices compliant with relevant security policies?
Do you allow your workforce to access corporate data from their personal mobile devices?
Do you want to embrace mobile technology to provide flexibility to your employees?
Are you aware of the potentially disastrous risks and threats that can affect mobile
devices?
Do you lack the in-house expertise and technology needed to ensure secure mobile
access to corporate data?
Todays mobile device should be viewed as any other endpoint device in the organization
having an overall endpoint security strategy is key.
There are differences between desktops/laptops and mobile devices.
The risk of breaches for mobile devices is the same or even greater due to the proliferation of
smartphones.
Cloud / SaaS
Varies
How are you managing, monitoring and archiving both log and event data across your
enterprise?
Does your company have a formal log management and monitoring process that supports
analysis, escalation, and investigation?
Do you consolidate log data from disparate geographies and systems or is this data spread
among many separate locations?
In the event of a security incident, can you effectively query and analyze logs from hundreds or
thousands of systems in minutes?
Could your security team use additional time and budget to address security issues?
Do you have the tools in place for centralizing data, storing long term (up to 7 years), and an
automated form of analysis?
What tools are being used for existing efforts, are those tools integrated off the shelf vs. cobbled
together?
What would be the implications of a distributed data deployment if you attempted to quickly
respond to a global security incident?
How would you check all of your systems for suspicious activity if you knew of an attackers IP or
a compromised account?
IBM Confidential
Vulnerability
Security
EventMgt.
and
Service
Log
Mgt.
Cloud / SaaS
$75K-300K
How are you managing software vulnerabilities (Network, database, and application) in your IT
environment today?
Does your company have a formal vulnerability management program that supports frequent
scanning, prioritization, and remediation efforts?
Does your current scanning solution support Network, application and database vulnerabilities?
Have you considered the cost savings that could be realized by leveraging scanning from the
cloud vs. maintaining your own solution in-house?
Could your security team use additional time and budget to address big picture issues in your
environment?
13
14
15
Intrusion detection
Routers/switches
Servers
Emails
URLs
9
Security research centers
11
Security development labs
400
Security operations analysts
520
Field security specialists
941
Professional services security
consultants
Security Operations Centers
3,300
Strategic outsourcing security
delivery resources
16
Papers:
Cloud Security Guidance
Strategies for Assessing Cloud Security
Leveraging Security from the Cloud
IBM POV: Security and Cloud Computing
Tools:
MSS Total Cost of Ownership
Offering Details:
Hosted Application Security Management
Hosted Vulnerability Management
Hosted Mobile Device Security Management
Hosted Security Event and Log Management
17
18