How Many Security Vendors Do You Use? IBM Says 32 - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Software // Enterprise Applications

How Many Security Vendors Do You Use? IBM Says 32

IBM and other large IT infrastructure companies are bulking up in an attempt to provide a one-stop shop for comprehensive security systems.

The forecast for improvements to IT security has been a bleak one because no technology vendor has had the right combination of resources and knowledge to adequately attack the problem. Until now, that is, Tom Noonan said Wednesday during his first RSA Conference keynote as an IBM employee.

Noonan, who in October became general manager of IBM's Internet Security Systems when his company ISS was bought for $1.3 billion, said that IBM's move has sparked a resurgence at ISS, starting at the top. "For the first time in more than a decade, I'm reporting to more than a board of directors and Wall Street," Noonan said, adding that he expects IBM's backing to accelerate ISS's security research and product development. "The problems that we were trying to solve were too big for us. IBM ensures the systems view is designed into the network."

The insatiable appetite that IT infrastructure vendors Cisco Systems, EMC, IBM, and others have displayed over the past few years for security technology is a crucial step toward giving businesses and other organizations the secure systems needed to finally get in front of the security threats they face. "Our customers are in business to serve their customers," but Internet security threats keep them from those goals, Noonan said.

Noonan cited research from ISS's X-force research team to support his assertion. The average large enterprise has security products and/or services from 32 different security vendors in its IT environment, he said. In addition, IT security spending continues to grow at a rate of three times that of other IT investments. "This is a pretty unsustainable business problem," Noonan said. Despite these investments in security technology, customers are left with the most difficult task: making them all work together.

The ideal security solution today can't be based on reactive, signature-based systems. "We must have systems that are continually enabled by the intelligent monitoring of systems," Noonan said. "Security has to have a continuous source of intelligence," rather than waiting on vendor software patches. This intelligence will come from security information extracted from multiple points throughout the network, including intrusion detection and prevention systems, identity and access management systems, and PC and mobile endpoints.

Sounds like a plan, but it's too early to tell how well ISS is being absorbed into IBM, or, for that matter, how well RSA is being absorbed into EMC after EMC's September purchase of RSA for $2.1 billion. Integrated "solutions" from a single vendor are a recurring promise from large vendors to justify their unwillingness to push themselves away from the acquisition banquet table.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
8 AI Trends in Today's Big Enterprise
Jessica Davis, Senior Editor, Enterprise Apps,  9/11/2019
IT Careers: 10 Places to Look for Great Developers
Cynthia Harvey, Freelance Journalist, InformationWeek,  9/4/2019
Cloud 2.0: A New Era for Public Cloud
Crystal Bedell, Technology Writer,  9/1/2019
White Papers
Register for InformationWeek Newsletters
Current Issue
Data Science and AI in the Fast Lane
This IT Trend Report will help you gain insight into how quickly and dramatically data science is influencing how enterprises are managed and where they will derive business success. Read the report today!
Flash Poll