Big Blue and Big Security
December 2, 2011 Leave a comment
- A “Smarter Planet” is not necessarily a safer planet
- Analytics will become an increasingly important component of security solutions
I spent an interesting couple of days this week at IBM Software’s Connect event. The yearly analyst event brings together IBM’s software brands to talk strategy and trends. This was the first year that IBM invited security analysts to the event: a nod to the formation of a standalone Security Systems division within IBM Software. IBM has had a checkered past in the security markets (most notably with the poorly-executed ISS acquisition), but I came away from the event with the feeling that the company has a strategy in place that realistically addresses IBM’s strengths and weaknesses.
IBM’s Smarter Planet strategy succinctly captures both the opportunity and the challenges facing governments and businesses from a security perspective. A “smarter planet” is instrumented, interconnected and intelligent – that is to say, a planet in which an increasing number of everyday devices (billions and billions of devices) will have sensors, processors and IP addresses. The challenge, of course, is that much of this data will need to be secured. The opportunity is that much of this data could provide valuable security intelligence.
And “Security Intelligence” just happens to be IBM’s new phrase for the foundation of its security strategy: security that is proactive and mostly automated and that leverages predictive analytics. Predictive analytics are not new to security. Predictive algorithms have been used for years in anti-spam tools, and Symantec made a big deal of its use of machine learning in its DLP 11.0 release earlier this year. But IBM sees (and can help drive) a convergence of security with traditional business intelligence products. Expect to see security as an important use case for IBM “Big Data” solutions. The framing of Security Intelligence furthers IBM’s strategic direction of the last couple of years to focus more on management, analytics and visibility, and less on some of the standalone threat products that have defined the security industry for so long. This strategy makes a lot of sense for IBM. It has a long and proud history in the business intelligence and database/data warehousing markets. It has broad portfolios and deep internal expertise. But there are also holes, and IBM is prepared to fill them. Strategically, the recent Q1 Labs acquisition is a good example, which brought in house both security analytics and additional expertise at applying analytics to security problems. IBM well understands, however, that there are plenty of security capabilities (what it likes to call elemental controls), that make more sense for third-party providers to deliver. Comprehensiveness is achieved by building out an ecosystem of partners and enabling IBM to consolidate, analyze, manage, and act on intelligence from a broad set of systems, network and security inputs.