Analysts say IBM’s $1.5 billion security push -- just a year after its $1.3 billion acquisition of Internet Security Systems -- is a big statement for a company that was once surprisingly weak in security offerings.
“IBM was not really visible in security at all, which is unusual for its size,” says Scott Crawford, research director at Enterprise Management Associates. “The strategy [announced this week] makes it clear that they intend to dominate strategic approaches to security and risk management in the enterprise.”
While IBM was strong in identity management and encryption even before acquiring ISS, Crawford says the company is now taking a more holistic approach that helps businesses focus on risk management related to securing a technology infrastructure and protecting sensitive data.
IBM’s latest initiative addresses five areas: information security; threats and vulnerabilities; application security; identity and access management; and physical security. IBM’s acquisitions of ISS and vulnerability-assessment security firm Watchfire are crucial in IBM’s push to build new security technologies, and more acquisitions could be on the way.
“We’ll have to see how the acquisition market looks. We’ve made a real strong statement here [with ISS and Watchfire],” says Eric McNeil, manager of IBM’s corporate security strategy.
Simply because of its size, IBM is likely to be an attractive option for customers looking to enhance their own security, analysts say. Companies are less willing to bet on start-ups today than a few years ago, at least when it comes to security, says IT consultant Joel Snyder of Opus One.
“People would rather buy a security product from IBM than from some start-up that might or might not be there in a couple months or a year,” Snyder says. IBM’s announcement “sounds really good not just for their customers but for people looking for a good security partner. … It’s really nice to have someone of the caliber of IBM with their support and integration.”
The company traditionally had a “thin portfolio” in security, particularly weak in firewalls, antispam and antivirus products, according to Snyder. While IBM’s ISS division has all three of those capabilities, McNeil said IBM might also partner with other vendors to provide technologies such as antivirus and antispam.
IBM says its $1.5 billion initiative is a response to security challenges posed by collaborative business models, sophisticated criminal attacks and increasingly complex infrastructures. One piece of this project is a collaborative research project with academia to focus on security risk management.
“Increasingly, Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs) are focusing on securing critical business processes, not just the underlying IT assets,” IBM stated in a press release.
IBM also announced several new technologies and services this week. Here’s a summary:
* IBM Proventia content analyzer technology. This is a set of new data inspection capabilities for Proventia Network Intrusion Prevention System products. “The technology analyzes data packets as they move across the network, detecting the transmission of many types of confidential information, thereby increasing broad visibility of potential data loss,” IBM states.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment