CIO Vision: Next Generation Security

Executive Summary

An exclusive networking event by CorporateLeaders, in partnership with IBM

Posted on 18-May-2018


Introduction

Research from IBM’s global monitoring operations found that the average company experienced more than 91 million security events in 2013. As the number of security events grows, so does the ability to analyze and manage them more efficiently. As cyber criminals are getting smarter, they can hack systems and bypass defenses, blending into the background noise of an organization’s operations, or exploit employees who inadvertently put the business at risk via human error. Security strategies and investments of the past will no longer protect against these new classes of attacks. IT must design new security strategies to limit the new risks and apply intelligence to protect the organization and its assets through new analytics, innovation, and a systematic approach to security.

It was against this backdrop that CorporateLeaders, in partnership with IBM, recently hosted the exclusive CIO Vision Roundtable Meeting on “Next Generation Security”. The meeting was keynoted by Nick Coleman, Global Head of Cyber Security Intelligence at IBM; Ian West, Chief Cyber Security at NATO Communications and Information Agency; and Peter Berghmans, Trainer, Thomas More & Data Protection Institute and Data Protection Officer, GZA Ziekenhuizen. Jesper Lillelund, Partner & Co-Founder of CorporateLeaders, acted as moderator, and Dirk De Bevere, Integrated Technology Services Director Benelux at IBM, was the host and part of the debate panel.

Will I be affected?

Nick Coleman, who prior to joining IBM was the UK National Reviewer of Security and wrote the ‘Coleman Report’, shared that he is often asked by senior executives: “How can they get a framework in place to address the cyber challenge, and what does good look like?” he told delegates. “Some still look at cyber in a zero tolerance mentality, saying they want to make sure attacks they experience never happen again. In reality, this is an unrealistic aim.”

Being more realistic

With the average 15,000-employee organization likely to record 1.7 million ‘security events’ every week, the solution, he argued, is “to get to a level of sophistication where you can spot attacks, and respond to, and manage them appropriately so that you have less disruptive events and can limit the damage.”

Coleman told the meeting this means accepting a security attack is more, not less, likely to happen. According to IBM Center for Applied Insights research, 83% of security experts know external threats have increased. The mindset one should have, he said, is simply to accept attacks will happen all the time. He said: “We’re not going to be able to deal with everything manually, but we need to ask if our capability is proportionate and whether we can manage the disruption to a level that makes sense for the organization.”

“We can’t protect everything. So let’s figure out what we want to protect and let’s make sure that when we see an attack and it starts to target our critical assets, we can react in real time.”

Be focused, be resilient, be real-time

Resilience is about making it harder for attacks to happen in the first place. “This means having the right eco-system to tell me what’s happening to my neighbors and to tell me what’s happening about the threats which might come to me.

“As everything else starts to be connected, the challenge of understanding what’s really happening and spotting things fast with that intelligence becomes harder.

“The good news is that new capabilities are emerging – as an industry we are moving to something called stateful inspection, which looks at real-time behaviors. If something looks unusual and you’ve got the capacity, you can then pick it up and understand what they’re after.

“The fact is, we can’t protect everything. So let’s figure out what we want to protect and let’s make sure that when we see an attack and it starts to target our critical assets, we can react in real time.”

There are internal threats too

To explain just how networks can be protected, Ian West of NATO stated simply that in his mind many forms of attack were one thing, and one thing only: espionage. “That’s what describes someone who is after your secrets,” he said. But he argued that the sorts of things agencies like NATO have to deal with are actually very similar to the problems mainstream businesses face too.

One thing West was clear about however, was not to forget the (mostly accidental) internal threats that are likely to happen too: “You can spend lots of money encrypting data, and creating closed systems, only to find that somebody then takes an enormously sensitive secret document from the closed network, transfers it to an internet connected system and tries to send it out over the internet.”

The 24/7 world

West looks after up to 100,000 user accounts and 10 levels of security. He said the strength of his Agency, however, is about having a common purpose. “There is no 100% security, we know that. So when something does happen we’ve got the ability to detect and respond and recover from it.”

He said: “We’ve just gone through a huge modernization process, giving us a lot more emphasis on centralization across the enterprise, including full 24/7 incident response. Some might say having this is obvious, but for our first eight years, our security set-up was during office hours only. When I went home on a Friday afternoon it felt like I was hanging a sign outside on our website saying, ‘Please don’t hack us, we’ll be back on Monday morning’.” He said: “Attacks can happen from anywhere in the world, so security is a 24/7 global issue now. So we’ve updated our tools – everything from having online computer forensics, intrusion detection systems, online vulnerability assessments and log analysis. You have to be able to look into your networks for these indicators of compromise. What people have to remember is that IT security is a journey, not a destination, because of the way that technology is evolving.”

“IT security is a journey, not a destination, because of the way that technology is evolving.”

Products create information

The protection of personally identifiable information is, of course, part of an IT security expert’s job. Being vulnerable to security threats may impact the privacy of your customers. Is the privacy risk in the scope of a cyber threat program?

The answer is yes, according to Peter Berghmans, Data Protection Officer and Privacy Expert. In his speech he argued that, with the Internet of Things connecting basic products, even products like TVs are no longer simple items. Most collect information on customers – everything from data on what is watched, liked, and recorded. “Given information has now become part of a product’s value chain: provided by the customer, managed by the manufacturer,” Berghmans said. Companies that ‘collect’ the information now not only have to meet the IT security baseline. “We have to ask questions about whether or not this new information is information you should keep and use,” he says. These questions enlarge the scope of current security programs.

“Information has now become part of a product’s value chain: provided by the customer, managed by the manufacturer.”

Privacy by design

To address this, according to Berghmans, the next big trend for IT experts will be thinking about so-called ‘privacy by design’ – creating products and services that correctly balance the gain consumers get from a product against the privacy they ‘give’ (not always consciously) for having it. This is the so-called security paradox.

He said: “When Apple launched Apple Pay, it simply said: ‘we don’t know about your financial transaction; we just support it’. This is a design policy decision that’s been made. This gives Apple a real advantage against the Facebooks and Googles of this world which do process people’s data.”

Referring to a new European privacy regulation coming up, Berghmans concluded: “Being in control will be more important than it is today. Today you can choose whether or not you are in control, as current privacy regulations are difficult to enforce. Tomorrow, with new regulations coming into play, this will become more difficult.”

Conclusion

Having the right eco-system built to a level of sophistication where companies can spot attacks, respond to them and manage them appropriately is critical. But as the number of security events grows, the ability to analyze and manage them more efficiently is getting harder. Companies can’t protect everything, but they need to figure out what they want to protect and must make sure that when attacks are spotted targeting critical assets, they can react in real time.

As security is a 24/7 global issue, companies need to have updated tools – everything from having online computer forensics, intrusion detection systems, online vulnerability assessments and log analysis. IT security is a journey, not a destination because of the way that technology is evolving. And the protection of private business data is a security issue as well as a privacy issue.

Speakers

Peter Berghmans, Trainer, Thomas More & Data Protection Institute and Data Protection Officer, GZA Ziekenhuizen

As a Data Protection Officer (DPO), Peter Berghmans advises the information security board on how to optimise Information Security and Privacy in internal processes and products. His main focus is health care organizations such as GZA, a major hospital in Antwerp. He also acts as a DPO for the Flemish Government (health care and social welfare department). Taking into account the growing need for Data Protection Officers, Peter started different training programmes, both in private (Data Protection Institute) and public (Thomas More University College) sectors. Peter also participates in the research agenda on this topic together with Mobilab and the Business Intelligence Competence Center of Thomas More.

Dirk Beynaerts, Security Business Leader, IBM

Dirk Beynaerts is Security Business Leader BeNeLux for IBM Integrated Technology Services. Dirk has more than 25 years of IT experience in internal IT and customer-facing roles with a track record in several managerial roles in IT infrastructure & operations. Dirk has worked for 6 years at Verizon (Cybertrust/Ubizen) in their security department where he was Managing Director EMEA Security Consulting Services & Global Security Integration Services. Dirk joined IBM in June 2014 in his current role.

Nick Coleman, Global Head of Cyber Security Intelligence, IBM

Nick Coleman is Global Head Cyber Security Intelligence Services at IBM and prior to this was Global Cloud Security Leader across IBM delivered cloud platforms. Previous to his time at IBM he was the UK National Reviewer of Security with the UK government where he led the review on whether the government infrastructures and information were adequately protected. His report ‘The Coleman Report’ was published in the UK Houses of Parliament.

Coleman is an Honorary Professor at Lancaster University. He is an appointed advisor to the Executive Director of the EU Cyber Security Agency (ENISA). He is a Fellow of the Institution of Engineering and Technology (IET) and a Fellow of the British Computer Society (BCS). He also sits on the policy panel of the IET. He holds an MBA with Distinction.

Dirk De Bevere, Integrated Technology Services Leader BeNeLux, IBM

Dirk is the Business Line Executive for Integrated Technology Services (ITS) in BeNeLux. ITS serves customers in various industries and provides solutions ranging from smaller, short-term consultancy assignments to large, long-term managed services engagements and specializes in the domains of Business Continuity & Resiliency, Security, IT Services Optimization and Cloud Computing.

Dirk has 22 years of experience in the IT industry, and is now with IBM for 12 years. Today he leads a cross-functional team spanning sales, solutioning, local and off-shored delivery. He is member of the IBM Benelux Senior Leadership Team and the IBM Belgium Executive Committee. Next to that he serves as board member for IBM Services Financial Sector Luxembourg and was the chairman of the board of Skillteam prior to its integration in IBM Belgium.

Before taking up his current role Dirk held several management roles in IBM’s Global Technology Services Department and prior to that in the Software Group. Dirk holds a University Degree from Antwerp University and an MBA from Henley Management College.

Jesper Lillelund, Partner & Co-Founder, CorporateLeaders

Jesper Lillelund has been engaged in building valuable business networks on the international scene for over 15 years. Jesper combines his in-depth industry knowledge, access to a wide network of business leaders, and market development skills focusing on making business transformation and corporate excellence part of the business agenda.

Prior to co-founding CorporateLeaders, Jesper was instrumental in building a leading independent business transformation association from an informal business community to a global player. He also served as the Marketing Director at The Wall Street Journal Europe where he was responsible for managing brand, direct and on-line marketing. In his career at the Journal Europe, Jesper was also responsible for developing new revenue generating businesses. Prior to the Journal Europe, Jesper held market analyst roles at MAN B&W Diesel and Danisco in Denmark.

Jesper holds an MBA in International Management from the University of Dallas and a BBA in Management and International Business from Baylor University in Texas.

Ian West, Chief, Cyber Security, NATO Communications and Information Agency

Ian West is the Chief of Cyber Security within the NATO Communications and Information Agency - the primary provider of ICT solutions and services for the Alliance.

He leads an integrated team of experts which provides a broad range of whole-lifecycle cyber security services: from service design, through implementation, to the operation of NATO’s cyber security defences. From 2004 until his current appointment in January 2014, West was the Director of the NATO Computer Incident Response Capability (NCIRC) Technical Centre. From the initial declaration of the NCIRC’s operational status in 2004, he led the development of operational cyber defence within the Alliance, helping to transform the NATO Nations’ strategic vision for improved cyber defence into an effective capability.

West’s appointments with the NCI Agency follow around 30 years’ experience in the military security arena. He was formerly a law enforcement and security officer in the Royal Air Force of the United Kingdom and later responsible for INFOSEC policy, inspections and security accreditation for NATO’s Allied Command Operations.


Hosts

IBM is one of the worldwide leaders in the area of IT Services and Consultancy. More than 400,000 IBMers worldwide are involved with inventing and integrating hardware, software and services to enable advanced companies, institutions and people to be successful. Computing power is no longer reserved for computers in the traditional way we think of it. There are chips in our cars, our domestic devices and our cameras. Even our highways have started to become intelligent, as has medicine and food. Furthermore, everything is connected and we have powerful new systems and advanced analyzing possibilities to transfer piles of data into knowledge, insight and useful information. This is how IBM can help make the world smarter.

www.ibm.com

CorporateLeaders is an exclusive independent network that inspires business and leadership by providing a trusted forum for executives to network, exchange ideas, share lessons learned and drive business forward in an ever changing environment.

We focus on providing exclusive membership services, intimate and content rich networking events, research, content, leadership development and advice on business transformation with the executive needs and experiences at its core.

www.corporate-leaders.com

CorporateLeaders

Email: [email protected] - Tel: +32 472 434 731

Fax: +32 2 791 9694 - Web: www.corporate-leaders.com