WIXLIB

Partner acceleration guide forIBM Security QRadarApril 2021

Dear Business Partner,Today’s networks are more complex than ever before and protectingthem from increasingly malicious and sophisticated attackers is anever-ending task. IBM QRadar Security can help organizations gaincomprehensive insights to quickly detect, investigate and respond topotential threats.To accelerate your sales and marketing efforts we have created thepartner acceleration guide. This guide was expressly developed to helpyou to build a successful threat management business with QRadar.This simple, easy-to-follow guide provides the full value proposition forour partners to add QRadar into their portfolio including marketopportunity; solution description; client challenges and use cases; yourinvestment required to build a practice; how to make money and keyenablement resources.Here’s to great outcomes and explosive growth throughout the year!Please let us know if there is anything else, we can do to support yoursuccess.We thank you for your partnership with IBM.Mary O’BrienGeneral Manager, IBM SecurityDavid La RoseGeneral Manager, IBM Partner EcosystemIBM Security / 2021 IBM Corporation2

Table of contentsMarket landscapeClient challenges and solutions0408What is IBM Security QRadar?DifferentiatorsFree editionDemand generation tacticsYour investment1113161718ROI examplesGo-to-market resourcesDemand generation toolsExternal client referencesContact us1921222324IBM Security / 2021 IBM Corporation3

Market landscapeSIEM market is growingUSD 4.2BTop industriesKey findings– Finance– Compliance regulationsremain a strong factor inuse of SIEM technology1– Healthcare2020– TelecommunicationUSD 5.5B2025Security Information and Event Management(SIEM) market size is expected to grow fromUSD 4.2 billion in 2020 to USD 5.5 billion by 2025,at a CAGR of 5.5% during the forecast period.1– Retail– Manufacturing– Utilities– Offer SaaS andcloud-hosted models2– Provide customizabilityfor customers2– Provide true analyticsand operations2– Map to the MITREATT&CK framework2– Have a vision forextended detectionand response (XDR)21 191.html2 57496/reportIBM Security / 2021 IBM Corporation4

Market landscapeSIEM target audienceSecurity Executive (CISO)Securely enable the business, manage ITrisk and compliance, report to the BoardSecurity DirectorOversees Security Operations, IncidentResponse and report on MTTD, MTTRTier 3 AnalystsThreat hunting; system tuning for better detectionTier 2 AnalystsIn-depth investigations; incident responseTier 1 AnalystsFirst line triage – detect threats; gather infoand escalate to Tier 2IBM Security / 2021 IBM r5

Market landscapeCustomers haveenough data, butnot enough insightsof alerts are not investigatedlegitimate alerts are not remediatedsay “keeping up with alerts” is top concernIBM Security / 2021 IBM Corporation6

Market landscapeThe job keeps getting tougher for SOC teams – an opportunity for IBM Security Business PartnersSophistication of Blocked ThreatsTier 3Tier 2Tier 1Phishing link attackReset passwordOpen S3 bucketAlter configSimpleMalware behaviordetectedInvestigates andreimages machine,isolate issue, closecaseExecutive laptopinfectionEscalate severity,get legal involved,investigatepossible campaign,questions areansweredInvolvedPhishingcampaignTracked over timeto investigate andanalyzeLurking APTattackSearch forsuspicious patternsof behavior, usesenriched data toconnect the dots207 DaysTime to detect 1.22MSaved whenbreachesdetected soonerComplexIncreasing complexity in detection and responseIBM Security / 2021 IBM Corporation7

Client pain point #1ProblemLack of visibilityDisparate security data across a growing number of toolsbothin the cloud and on-premise limits visibility whileincreasing vulnerability to attacks, complicatingcompliance reporting.SolutionComplete visibility and real-time insights– A single pane of glass to view data from endpoints,network devices, cloud environments, applications– Real-time insights into user behavior– Integration with 600 tools and services– Out-of-the-box content for GDPR, ISO 27001 and HIPAAIBM Security / 2021 IBM Corporation8

Client pain point #2ProblemUndetected threatsHigh volumes of alerts overburden security teams whoneed to quickly identify and prioritize the most criticalthreats in real-time and understand the full chain of threatactivity.SolutionContext to discern what requires action– Threat intelligence feeds to reduce false positives– Adherence with the MITRE ATT&CK framework– Links seemingly unconnected events to identify threatactivity– Identifies and isolates known and unknown threats– Visualized use case coverage and expert threatintelligenceIBM Security / 2021 IBM Corporation9

Client pain point #3ProblemSkill shortageScarcity of skilled security staff requires a unified workflowand guided response in order to reduce churn and increaseproductivity of SOC analysts.SolutionStreamlined SOC operations– Alerts, automation, and AI-driven analysis that helpsecurity staff accurately triage incidents faster– Dynamic, adaptive playbooks, guided response, and casemanagement to resolve incidents with agility andconfidence– Automation and orchestration across security and IToperationsIBM Security / 2021 IBM Corporation10

What is IBM Security QRadar?QRadar is a market-leading Security Information and EventManagement (SIEM) solution that helps you defend against growingthreats while modernizing and scaling security operations throughintegrated visibility, detection, investigation, and response.With QRadar, you can:– Gain complete visibility into on-premiseand hybrid, multi-cloud environments– Detect threats in real time with advancedanalytics and threat intelligenceembedded with deep expertise– Prioritize and automate alert triage byleveraging IBM Watson to speed up to60x fasterIBM Security / 2021 IBM Corporation– Respond to threats faster and moreefficiently with orchestration andautomation, case management anddynamic playbooks– Scale rapidly with out of the box supportfor thousands of security use cases andintegrations– Accelerate compliance and manageregulatory risk with support for GDPR,ISO 27001, HIPAA and more11

What is IBM Security QRadar?QRadar HREATSDETECTINSIDERTHREATSRESPONSEDETECTION D TOINCIDENTSPRIORITIZEAND MANAGERISKSPROVECOMPLIANCEIBM SecurityApp ExchangeHUNT THREATS, RESPOND FASTER AND CONTINUOUSLY IMPROVEAPPLY M/L, AI AND ADVANCED ANALYTICS TO DETECT, CONNECT, PRIORITIZE AND CLOUDRESOURCESSeamlessintegration andcontent toaugmentplatform.COLLECT DATA ACROSS THE ENTIRE ENVIRONMENTON PREMAS A SERVICECLOUDHYBRIDHW, SW, VMSaaS, Managed ServiceAWS, Azure, Google CloudOn-prem, SaaS, IaaS12IBM Security / 2021 IBM Corporation12

QRadar differentiatorsComplete visibilityIntegrated responseGain comprehensive visibilityinto enterprise-wide dataacross network, endpoint,cloud, user and applications.Outsmart, outpace andoutmaneuver threats byusing dynamic playbooks,automation and orchestration.Also, satisfy privacyregulations using privacybreach reporting.AutomatedinvestigationsPrioritized threatdetectionAutomated alertinvestigation driving fastermore consistent andaccurate responses using AI,supervised learning andfederated search.Track threats as theyprogress, prioritize criticalevents and investigatepotential incidents usingbehavior chaining andglobal threat intelligence.IBM Security / 2021 IBM Corporation13

Significantly improve your security operations with QRadarVisibilityDetectionInvestigationResponse600 51%60x8xvalidated integrations toreduce risk and MTTDIBM Security / 2021 IBM Corporationincrease in ability todetect attacksfaster investigation timeusing IBM Security QRadarAdvisor with Watsonincrease in speed torespond to securityincidents using IBMSecurity SOAR14

Deploy QRadar withIBM Cloud Pak for SecurityThe integration between QRadar and Cloud Pak forSecurity will allow security analysts to work thethreat lifecycle from detection to response in asingle, unified interface.On PremiseAll In One (AIO)Hardware,VM Distributed,HybridIBM Security / 2021 IBM CorporationOn CloudSaaS, IaaS,CP4S, 3rd PartyMarketplaceAs A ServiceFrom IBM MSSPPartner“The future of IBM’s security analyticsplatform is based on its Cloud PakFor Security platform, built in onOpenShift cloud-native architectureand based on its RedHat acquisition,which seeks to deliver multiplesecurity services in the IBM Cloud”— Forrester15

Try free edition for yourselfExplore a trial of QRadar on Cloud:– Delivers elastic scalability and rapid time to value– Ingests vast amounts of data from on-premises andcloud– Correlates related activities to prioritize incidents– Enables real-time analytics to accurately identifythreats– Helps address audit and compliance requirementsGet started hereIBM Security / 2021 IBM Corporation16

Demand generation for QRadarPaid social, paid search, competitive targeting, email nurture streamsIBM Security / 2021 IBM Corporation17

YourinvestmentGet started quicklyand grow as fast asyour timeinvestments allowSign-up, start learning,start sellingBuild employee skillsin as little as 3 weeks– Register for IBMPartnerWorld– Sign-up for Seismic– 2 technical credentials– 1 sales credential– Register for QRadar on CloudFree Trial– Review interactive demos andtutorials– Required to earn channelincentives– Time CostIncrease your rewards– Complete advanced technicalcertifications & badges– Demonstrate sales success– Achieve customersatisfaction targets– Time CostCan be accomplished concurrentlyIBM Security / 2021 IBM Corporation18

QRadar:new licenseexampleIncentive typeIncentive ratesCommentsEstimated average deal size for QRadar – 100,000Sales incentive10%Sales incentive rewards Business Partners for the opportunities they generate and the valuethey bring through the different stages in the sales cycle which result in the sale of IBM newlicense software to the end user.Co-Led/BP-Led segmentincentive ratesFocus offeringincentive10%Focus offerings incentive rewards Business Partners for selling eligible IBM productofferings which are core to IBM’s strategy with value (applicable when transaction alsoreceived sales incentive or engagement incentive).Partner incentivepotential*Growth clientaccelerator incentive(BP Led only)15%Growth Client Accelerator rewards Business Partner for selling in the BP-Led (Growth)customer segment with value (applicable when transaction also received Sales Incentive orEngagement Incentive).Engagementincentive10%Engagement Incentive rewards Business Partners for their role and post-sales value-addactivities they bring which result in the sale of IBM New License software to the End Userand implementation and usage of the newly acquired IBM licenses.Value-add distributorchannel marginContact VADIBM Distributors have sole discretion to determine the amount (if any) of channel marginshared with the reseller. Resellers should discuss the channel margin with their distributors.Additional BPprovided servicesrevenue1 x deal sizePotential additional BP services negotiated and provided by BP to clients.Maximumpotential margin30% (Co-Led)45% (BP-Led) VAD marginEarnings on your first deal may defray the costof your time investment.Average sale cycle:6 to 9 monthsTiming for initial deployment:30 to 60 daysIBM Security / 2021 IBM Corporation*For planning purposes only, incentives for GOE clients and VAD margin paid at time of transaction; incentives for non–GOE clients are paid back-end. Incentivesabove are worldwide rates; some Geos or Markets may vary. Refer to e/ibm-product-groups-exhibits forparts eligibility and ftware-new-license for detailed incentive descriptions19