Managed Security Services

Selling Enterprise Security Services From the Cloud

2012 IBM Corporation

Data tops concerns relative to cloud computing

Protection of intellectual property and data
Ability to enforce regulatory or contractual obligations
Unauthorized use of data
Confidentiality of data
Availability of data
Integrity of data
Ability to test or audit a providers environment
Other

30%
20%
14%
11%
9%
8%
6%
2%

Source: Deloitte Enterprise@Risk: Privacy and Data Protection Survey

2012 IBM Corporation

IBM Global Technology Services

Security Services Market Dynamics

Market dynamics Due to the nature of numerous

Major actors:

security technologies invented for resolving a variety of

security issues, security market is very fragmented,
crowded with a large number of vendors providing specific
solutions. New technologies are evolving rapidly, and M&A
has been incredibly active in the past few years. However,
there are very few full scale security solution providers
that can globally provide customers in different sizes and
industries with a comprehensive portfolio of security
solutions that combines security technologies, and
consulting, implementation, and managed services.

MSS IBM, Dell SecureWorks, Symantec,

Verizon, AT&T, HP, Wipro

WW Security Services market is a $31.5B opportunity

in 2011, growing at a CAGR of 10.8% throughout 2015
Education
$3.02B
Managed
Services
$4.51B

Implementation
Service
$14.29B
Page 3

Consulting
Service
$9.66B

Cloud Services IBM, HP, McAfee, Verizon,

Symantec, SecureWorks
Consulting services (PSS) IBM, Deloitte,
PwC,
E&Y, Accentuate, KPMG, Verizon
IBM has:
Solution comprehensiveness: IBM has a unique
position in the market as an true end-to-end security
provider we address virtually any dimension of
customers security challenges.

Leading technologies: All IBMs security solutions

are built based on unparalleled security technologies
invented by IBM research (including x-Force) &
development or market leading product vendors (

Global delivery: IBM has thousands of consultants,

specialist, and delivery experts and global security
operation centers to deliver professional, managed,
and cloud security services to customers in almost
every country in the world

Professional
Services
2012 IBM Corporation

Capability: The IBM Security Framework

Delivering intelligence, integration and expertise across
domains
IBM Security
End-to-end coverage across domains
6K+ security engineers and consultants
Award-winning X-Force research
Analyst recognized leadership
Continued commitment to investment
Trusted Advisor to Global companies

Intelligence
Intelligence

Integration
Integration

Expertise
Expertise

2012 IBM Corporation

IBM Managed Security Services approaches the problem two

ways:

Security for the Cloud

Helping clients begin their journey to the
cloud with relevant security expertise

Cloud Security Strategy Roadmap

Cloud Security Assessment
Penetration Testing
Application Security Assessment
Identity and Access Management

Security from the Cloud

Subscription service, Cloud-based, monitoring &
management Security Services that help reduce
costs & complexity, improve sec. posture, and
meet regulatory compliance

Security Event and Log Management

Vulnerability Management Services
Hosted Application Security
Hosted Mobile Device Management
Managed Email / Web Security
X-Force Threat Analysis Service

Security & Privacy Leadership

2012 IBM Corporation

Security FROM the Cloud:

Hosted Application Security Management (HASM)
Service Overview:
Helps customers identify and remediate web application
vulnerabilities on Internet facing servers without the need
to purchase, install, and configure separate servers and
software packages. The solution tests for common Web
application vulnerabilities including Cross-Site Scripting,
Buffer Overflow, and Web 2.0 exposure scans.

Application Security
Management

Service Quick Facts:

Service Type:

Cloud / Managed

Average Project:

$100K-750K

Key Offering Capabilities:

Business Challenges:
Web apps represent the fastest growing threat vector
70% of companies view web 2.0 as a top security
concern
Web vulnerabilities are easily remotely exploited
Web app scanning is required by regs such as PCI.

Service Value Proposition / Benefits:

Reduces risk with an unmatched time to value
Allows for vulnerabilities to be identified and
remediated without in-depth expertise

Application Security Analysts consult with clients to

help build a prioritized remediation strategy.

Full AppScan Enterprise access: The solution

delivers the power of enterprise class application
assessment capability directly to the organization via
a cloud based delivery model.
Skilled experts to assist in analyzing scan results:
Dedicated one on one time with security experts is
included in the service to assist with interpretation of
scan results and applicable remediation strategies
Suggested fixes and remediation steps provided:
Scan results are accompanied by detailed fix
suggestions that guide developers to solutions and
best practices.
24x7 support and on-demand access: The HASM
platform and associated support are available from
IBM experts 24x7.
2012 IBM Corporation

Situations that drive the need to HASM

Is web site used to collect any customer information?
Is it used to send or receive sensitive information including corporate IP, employee data, customer
or partner information?
Is it accessed by hundreds, thousands (or even millions) of users?

Is the organization subject to federal or state legislative regulations or industry compliance stands? (PCI /
HIPAA / SOX / GLBA)

If so, then you need to assess the application to provide validation that it is within compliance standards
and regulations.
The Hosted Application Security Services conducts application assessments that help to provide
required information for compliance regulations.

2012 IBM Corporation

Security FROM the Cloud:

Hosted Mobile Device Security Management (MDS)
Service Overview:
Designed to provide expert monitoring and management
of policy enforced mobile connectivity to corporate and
enterprise-wide assets. Incorporates design and
deployment capabilities along with managed services to
accelerate time to value and drive established security
measures to mobile endpoints.

Mobile Device
Security Mgt.

Service Quick Facts:

Service Type:

Cloud / Managed

Average Project Size:

Varies

Key Offering Capabilities:

Business Challenges:
Attainment of mobile security skills can be challenging
Most mobile deployments combine corporate and
employee owned assets w/ varying security controls
More data lives on smartphones than ever before

Broad mobile platform support: Offers support for

leading mobile operating systems allowing for broad
applicability of policy and technology.

Service Value Proposition / Benefits:

Turn-key implementation: Comprehensive

deployment strategies designed to simplify the rollout
and reduce the burden on security / IT teams

Gain control over data stored on mobile endpoints

Helps organizations reduce the impact of lost devices
Supports the consumerization of mobile rollouts while
retaining a responsible and secure approach to data
management
8

Backed by IBMs industry leading MSS: Managed

and monitored by IBM, one of the largest Managed
Security Service Providers in the world.

Secure, policy based connectivity: When used in

conjunction with the Juniper SA gateway, secure,
policy based enforcement can be applied across
mobile devices accessing corporate resources.
Deep security technology: Introduced enterprise
class security to mobile endpoints: FW, AV, AS, etc.
2012 IBM Corporation

Situations that drive the need for MDS

What security policies does your company have for corporate desktops and laptops?
Are your employees' mobile devices compliant with relevant security policies?
Do you allow your workforce to access corporate data from their personal mobile devices?
Do you want to embrace mobile technology to provide flexibility to your employees?
Are you aware of the potentially disastrous risks and threats that can affect mobile
devices?
Do you lack the in-house expertise and technology needed to ensure secure mobile
access to corporate data?

Todays mobile device should be viewed as any other endpoint device in the organization
having an overall endpoint security strategy is key.
There are differences between desktops/laptops and mobile devices.
The risk of breaches for mobile devices is the same or even greater due to the proliferation of
smartphones.

2012 IBM Corporation

Security FROM the Cloud:

Security Event and Log Management (SELM)
Service Overview:
The Security Event and Log Management Service
enables compilation of the event and log files from
network applications, operating systems, and security
technologies into one seamless platform. The SELM
offering allows for automated analysis of IPS data as well
as robust query and research capabilities against a
variety of different log types.

Security Event and

Log Mgt.

Service Quick Facts:

Service Type:

Cloud / SaaS

Average Project Size:

Varies

Key Offering Capabilities:

Challenges:
Information and event management solutions can be
costly and overly complex depending on needs
Data often spans geographies and obtaining a
consolidated view can be difficult and costly
Many solutions struggle with real-time analysis

Service Value Proposition / Benefits:

Integrated workflow and analysis capabilities:

With SELMs integrated workflow and analysis
capabilities, security issues can be investigated,
escalated, and recorded using IBMs web based tools
Custom log parser and correlation engine: Easily
use regular expressions to add support for custom log
sources and correlation rules

Improve time to value by leveraging an on-demand

cloud based platform

Forensically sound storage and archival: SELM

employs best practice processes for storage

Shorten investigations for suspicious/malicious activity

Seamless blending of MSS and non-MSS data:

SELM blends managed and unmanaged logs and
events into a common data set

Centralize key data and reduce storage burdens

10

Two tiers of service: SELM is available in Standard

and Select service levels allowing for varying degrees
of analysis and analytics to be applied to data types

2012 IBM Corporation

Situations that drive the need for SELM

How are you managing, monitoring and archiving both log and event data across your
enterprise?
Does your company have a formal log management and monitoring process that supports
analysis, escalation, and investigation?
Do you consolidate log data from disparate geographies and systems or is this data spread
among many separate locations?
In the event of a security incident, can you effectively query and analyze logs from hundreds or
thousands of systems in minutes?
Could your security team use additional time and budget to address security issues?

Do you have the tools in place for centralizing data, storing long term (up to 7 years), and an
automated form of analysis?
What tools are being used for existing efforts, are those tools integrated off the shelf vs. cobbled
together?
What would be the implications of a distributed data deployment if you attempted to quickly
respond to a global security incident?
How would you check all of your systems for suspicious activity if you knew of an attackers IP or
a compromised account?
IBM Confidential

2012 IBM Corporation

Security FROM the Cloud:

Hosted Vulnerability Management Service (VMS)
Service Overview:
Offers network based vulnerability assessment from the
cloud via the VSOC web portal. Scans can be
configured and scheduled via the web, with scanning
performed from the cloud or via IBM managed scanners
at the customer premise. Results are and archived in the
cloud, and accompanied by reporting, workflow, and
remediation capabilities.

Vulnerability
Security
EventMgt.
and
Service
Log
Mgt.

Service Quick Facts:

Service Type:

Cloud / SaaS

Average Deal Size:

$75K-300K

Key Offering Capabilities:

Business Challenges:
Vulnerabilities allow easy access to systems
Proper assessment and remediation is required for
compliance initiatives
Todays solutions can be difficult to use and manage

Service Value Proposition / Benefits:

Streamlined SaaS delivery model saves clients money
and improves time to value.
Assists with compliance efforts for multiple regulations,
including PCI
Reduces risk and improves security posture.
12

Vulnerability management: Agent-less scanning

from both inside and outside the firewall
Remediation guidance and workflow: Fix
vulnerabilities quickly and easily with the information
provided in remediation reports
Intelligent scanning: Delivers accurate scanning
results in less time with a system that follows an
assessment similar to that used by ethical hackers.
PCI compliance assistance: IBM can serve as an
Approved Scanning Vendor (ASV) in support of PCI
compliance initiatives
Web and dbase vulnerability detection: Identifies
basic web and database vulnerabilities to satisfy
compliance requirements
2012 IBM Corporation

Situations that drive the need for VMS

How are you managing software vulnerabilities (Network, database, and application) in your IT
environment today?
Does your company have a formal vulnerability management program that supports frequent
scanning, prioritization, and remediation efforts?
Does your current scanning solution support Network, application and database vulnerabilities?
Have you considered the cost savings that could be realized by leveraging scanning from the
cloud vs. maintaining your own solution in-house?
Could your security team use additional time and budget to address big picture issues in your
environment?

What is the importance of a vulnerability management program with repeatable process,

documentation, reporting, and validation?
What tools are being used for your existing efforts, are those tools integrated off the shelf vs.
cobbled together.

13

2012 IBM Corporation

Cloud security service value

The value proposition for cloud security has become widely understood,
creating projects within many enterprises.

Services FROM the cloud:

Online access to key security tools that enable clients to efficiently perform key security functions
Reduced up-front capital investment and deployment
Lower overall security management costs
Quicker time to deploy and time to value vs. on-premise
Reduced on-premise skill requirements
Ability to standardize capabilities on one platform
Ability to rapidly consume software improvements

14

2012 IBM Corporation

IBM Managed Security Services helps answer critical security

questions

Virtual SOC Portal

13+ billion events per day

9 security operations centers

Answering customers critical questions:

Am I being targeted?
Where else has this IP been?
Whats the attack vector?
Is the attack approach custom or common?
Is the attack against a vulnerable system?
Is there a block or prevention rule?
Can you shut down that port?
Is this website malicious?
Is that an email virus?
Firewalls

15

Intrusion detection

Routers/switches

Servers

Emails

URLs

2012 IBM Corporation

IBMs global security expertise extends to cloud and is trusted

by some of the worlds most demanding companies!
9
Security operations centers

9
Security research centers

11
Security development labs

400
Security operations analysts

520
Field security specialists

941
Professional services security
consultants
Security Operations Centers

3,300
Strategic outsourcing security
delivery resources
16

Security Research Centers

Security Solution Development Centers
Institute for Advanced Security Branches

15B-plus events managed per day

1,000-plus security patents
133 monitored countries (MSS)
2012 IBM Corporation

IBM Security Services Cloud Security Resources

Web Pages:
IBM Cloud Security Web page

Papers:
Cloud Security Guidance
Strategies for Assessing Cloud Security
Leveraging Security from the Cloud
IBM POV: Security and Cloud Computing

Tools:
MSS Total Cost of Ownership

Offering Details:
Hosted Application Security Management
Hosted Vulnerability Management
Hosted Mobile Device Security Management
Hosted Security Event and Log Management

17

2012 IBM Corporation

Retrouvez une slection doffres Cloud

IBM pour les Partenaires sur :
http://ibmcloudcatalog.blogspot.com

18

2012 IBM Corporation