Yes, the IBM/Trusteer deal happened on 8/15 but summer activities interrupted my blogging schedule so I’m just catching up.
Rumor has it that IBM paid somewhere between $800m and $1 billion for the Israeli cybersecurity firm. That’s a lot of dollars, shekels, or any other currency but Trusteer can help IBM extend its information security shadow with:
1. A greater presence in the financial services market. IBM is a major player in financial services with IT equipment, software, and services but is still playing catch up with CISOs in this space. With the acquisition of Trusteer, IBM grabs and established leader in web fraud detection (along with Silver Tail/RSA)and a killer installed base in the world’s largest banks. IBM will certainly use this new stature to position QRadar against ArcSight and establish a leadership position big data security analytics. This is important since financial services firms tend to be aggressive spenders when it comes to information security.
2. An advanced endpoint security solution. In spite of its aggressive push into security over the past few years, IBM’s participation in endpoint security has been limited to management (i.e. BigFix) and partnerships. The Trusteer acquisition gives IBM a new type of anti-malware solution that can act as an additional layer of endpoint security and can be deployed on PCs, Macs, and mobile devices. Trusteer endpoint security technology is sound but it was not big enough to push into the enterprise market to compete with Bromium, Invincea, Malwarebytes, or Sourcefire. IBM certainly has the resources to make this happen soon. Look for IBM to integrate Trusteer anti-malware capabilities with its network-based solutions (i.e. ISS) to form a comprehensive network/endpoint anti-malware architecture.
3. Greater intelligence and cloud services. Trusteer solutions are anchored by research, intelligence, and cloud-based protection. IBM can spread these capabilities across existing resources like its xForce security research, QRadar SIEM, and various managed security services options.
4. Mobile security solutions. Rather than develop its own MDM, IBM is pitching mobile security as part of a bigger play that includes secure application development processes, application security testing, endpoint device management, identity and access management, and network security. IBM will likely fold the Trusteer mobile risk engine, SDK, and secure browser, and out-of-band mobile authentication into its mobile enterprise security mix.
5. A recruiting hub. IBM plans to establish a presence in Israel for cybersecurity research and development. Given the global shortage of security talent this is a very shrewd move giving IBM access to elite talent coming out of the IDF and the Unit 8200 Israeli Intelligence Corp.
Look for IBM to also get the most out of the Trusteer Cybercrime Prevention Architecture, a technology stack that includes device-based protection, middleware services, and cloud-based intelligence. This architecture gives IBM the opportunity to integrate Trusteer security technology with existing products, layer in other acquisitions, or work on common solutions with 3rd party partners.
With the Trusteer acquisition, IBM fills in a few product gaps and continues to demonstrate its intentions to compete in all aspects of enterprise security. Look for IBM to continue to be aggressive and set the pace.