Feeds

IBM launches $1.5bn IT security push

Compliance and control

Next gen security for virtualised datacentres

IBM has launched a major push to grow its presence in the information security market. The initiative is centered around two particular areas - compliance and content control - and weaves together technologies from recent IBM acquisitions Internet Security Systems (ISS) and Watchfire with technologies developed inhouse, many related to its Tivoli systems management arm.

The push will reportedly double IBM's security-related research and development spending to $1.5bn next year.

In a statement, IBM said the risk management landscape has changed with more collaborative business models evolving alongside more sophisticated criminal attacks. Current security technologies, implemented tactically in silos, are insufficient to deal with current challenges, the firm said.

Big Blue said it wanted to manage risk across an enterprise, with a particular focus on areas including application security, identity and access management, and physical security.

Substance

IBM bought security tools firm ISS for $1.3bn in a deal announced in August 2006. It followed up with the acquisition of web application security firm Watchfire in June 2007 in a deal valued at more than $100m. IBM's system rivals have also been active in the information security space, most notably marked with EMC's acquisition of RSA Security for $2.3bn in June 2006.

The introduction of corporate governance regulations such as Sarbanes-Oxley and HIPA have been a major driver for the information security industry as a whole over the last two years and go a long way to explaining why the likes of IBM and HP are looking to get a bigger slice of the action.

IBM's Internet Security Systems unit is a particular focus of the firm's wider push to add improved content inspection and compliance features to its technology portfolio. New data inspection capabilities are to be built into the Proventia Network Intrusion Prevention System line of products to provide increased visibility into data loss issues (eg alerting firms if someone tries to email sensitive data to unauthorised parties and the like).

Big Blue is also weaving technology from its Tivoli systems management arm with products from partners including Fidelis Security Systems, PGP Corporation, and Verdasys to produce new services. These include services that help clients encrypt and manage data on laptops and PCs, snappily titled IBM Data Security Services for Endpoint Data Protection, and IBM Data Security Services for Activity Compliance Monitoring and Reporting, a service for alerting on malicious and non-compliant database activity and vulnerabilities.

Other products, such as IBM User Compliance Management Software include access control and user activity monitoring, providing an electronic Big Brother. In market terms, technologies such as this push IBM into competition with the likes of Websense. In practical terms, it provides tools for firms keen to make sure their workers aren't spending their time playing network games or goofing around on Facebook instead of working.

Transmission

Big Blue also announced a one-stop program designed to offer compliance with the Payment Card Industry Data Security Standards (PCI DSS), an initiative by the credit card industry to make sure merchants have followed 12 basic security guidelines for processing credit and debit card data. This ties in with a wider push to sell more security products and services to small businesses.

Last, but not least, IBM announced a research project in security risk management.

More detail can be found in IBM's release here. ®

The essential guide to IT transformation

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New twist as rogue antivirus enters death throes
That's not the website you're looking for
ISIS terror fanatics invade Diaspora after Twitter blockade
Nothing we can do to stop them, says decentralized network
prev story

Whitepapers

A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.