Feeds

IBM launches $1.5bn IT security push

Compliance and control

5 things you didn’t know about cloud backup

IBM has launched a major push to grow its presence in the information security market. The initiative is centered around two particular areas - compliance and content control - and weaves together technologies from recent IBM acquisitions Internet Security Systems (ISS) and Watchfire with technologies developed inhouse, many related to its Tivoli systems management arm.

The push will reportedly double IBM's security-related research and development spending to $1.5bn next year.

In a statement, IBM said the risk management landscape has changed with more collaborative business models evolving alongside more sophisticated criminal attacks. Current security technologies, implemented tactically in silos, are insufficient to deal with current challenges, the firm said.

Big Blue said it wanted to manage risk across an enterprise, with a particular focus on areas including application security, identity and access management, and physical security.

Substance

IBM bought security tools firm ISS for $1.3bn in a deal announced in August 2006. It followed up with the acquisition of web application security firm Watchfire in June 2007 in a deal valued at more than $100m. IBM's system rivals have also been active in the information security space, most notably marked with EMC's acquisition of RSA Security for $2.3bn in June 2006.

The introduction of corporate governance regulations such as Sarbanes-Oxley and HIPA have been a major driver for the information security industry as a whole over the last two years and go a long way to explaining why the likes of IBM and HP are looking to get a bigger slice of the action.

IBM's Internet Security Systems unit is a particular focus of the firm's wider push to add improved content inspection and compliance features to its technology portfolio. New data inspection capabilities are to be built into the Proventia Network Intrusion Prevention System line of products to provide increased visibility into data loss issues (eg alerting firms if someone tries to email sensitive data to unauthorised parties and the like).

Big Blue is also weaving technology from its Tivoli systems management arm with products from partners including Fidelis Security Systems, PGP Corporation, and Verdasys to produce new services. These include services that help clients encrypt and manage data on laptops and PCs, snappily titled IBM Data Security Services for Endpoint Data Protection, and IBM Data Security Services for Activity Compliance Monitoring and Reporting, a service for alerting on malicious and non-compliant database activity and vulnerabilities.

Other products, such as IBM User Compliance Management Software include access control and user activity monitoring, providing an electronic Big Brother. In market terms, technologies such as this push IBM into competition with the likes of Websense. In practical terms, it provides tools for firms keen to make sure their workers aren't spending their time playing network games or goofing around on Facebook instead of working.

Transmission

Big Blue also announced a one-stop program designed to offer compliance with the Payment Card Industry Data Security Standards (PCI DSS), an initiative by the credit card industry to make sure merchants have followed 12 basic security guidelines for processing credit and debit card data. This ties in with a wider push to sell more security products and services to small businesses.

Last, but not least, IBM announced a research project in security risk management.

More detail can be found in IBM's release here. ®

The essential guide to IT transformation

More from The Register

next story
One HUNDRED FAMOUS LADIES exposed NUDE online
Celebrity women victimised as Apple iCloud accounts reportedly popped
Rubbish WPS config sees WiFi router keys popped in seconds
Another day, another way in to your home router
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
NZ Justice Minister scalped as hacker leaks emails
Grab your popcorn: Subterfuge and slur disrupts election run up
HP: NORKS' cyber spying efforts actually a credible cyberthreat
'Sophisticated' spies, DIY tech and a TROLL ARMY – report
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?