Software // Enterprise Applications
News
2/7/2007
09:13 PM
Connect Directly
RSS
E-Mail
50%
50%

How Many Security Vendors Do You Use? IBM Says 32

IBM and other large IT infrastructure companies are bulking up in an attempt to provide a one-stop shop for comprehensive security systems.

The forecast for improvements to IT security has been a bleak one because no technology vendor has had the right combination of resources and knowledge to adequately attack the problem. Until now, that is, Tom Noonan said Wednesday during his first RSA Conference keynote as an IBM employee.

Noonan, who in October became general manager of IBM's Internet Security Systems when his company ISS was bought for $1.3 billion, said that IBM's move has sparked a resurgence at ISS, starting at the top. "For the first time in more than a decade, I'm reporting to more than a board of directors and Wall Street," Noonan said, adding that he expects IBM's backing to accelerate ISS's security research and product development. "The problems that we were trying to solve were too big for us. IBM ensures the systems view is designed into the network."

The insatiable appetite that IT infrastructure vendors Cisco Systems, EMC, IBM, and others have displayed over the past few years for security technology is a crucial step toward giving businesses and other organizations the secure systems needed to finally get in front of the security threats they face. "Our customers are in business to serve their customers," but Internet security threats keep them from those goals, Noonan said.

Noonan cited research from ISS's X-force research team to support his assertion. The average large enterprise has security products and/or services from 32 different security vendors in its IT environment, he said. In addition, IT security spending continues to grow at a rate of three times that of other IT investments. "This is a pretty unsustainable business problem," Noonan said. Despite these investments in security technology, customers are left with the most difficult task: making them all work together.

The ideal security solution today can't be based on reactive, signature-based systems. "We must have systems that are continually enabled by the intelligent monitoring of systems," Noonan said. "Security has to have a continuous source of intelligence," rather than waiting on vendor software patches. This intelligence will come from security information extracted from multiple points throughout the network, including intrusion detection and prevention systems, identity and access management systems, and PC and mobile endpoints.

Sounds like a plan, but it's too early to tell how well ISS is being absorbed into IBM, or, for that matter, how well RSA is being absorbed into EMC after EMC's September purchase of RSA for $2.1 billion. Integrated "solutions" from a single vendor are a recurring promise from large vendors to justify their unwillingness to push themselves away from the acquisition banquet table.

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps – and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest September 24, 2014
Start improving branch office support by tapping public and private cloud resources to boost performance, increase worker productivity, and cut costs.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.