“Meet the Experts“ – IBM’s security event in London, 17 May 23
PAC recently attended IBM’s Meet the Experts, a cybersecurity event in London. Here are our key takeaways:
In general, IBM’s cybersecurity strategy is based on a comprehensive, multi-layer alignment ranging from on-premises solutions and infrastructure protection to environments based on cloud/hybrid multi-cloud. IBM’s product offering increasingly follows a platform-based approach, moving from licensed on-premises software products to multi/hybrid cloud solutions. PAC observes that IBM’s portfolio has been shifting toward a best-of-suite approach to addressing clients’ needs as the company consolidates different point solutions into several cybersecurity suites. Focused acquisitions of point solution vendors underscore IBM’s ambitions to integrate new technologies into its (suite) offering:
- Based on IBM Cloud Pak, IBM Security QRadar Suite offers EDR and XDR, Log Insights (as of April 24, 2023), SIEM, SOAR, and “Federated Access” for leveraging data and insights from existing on-prem and cloud security tools (which fits well with IBM’s hybrid/multi-cloud strategy). This is offered under the paradigm of a “Unified Analyst Experience” (a seamless front-end experience for security analysts) to detect and respond to threats. In addition, the acquisition of Boston-based start-up and security platform provider Randori in June 2022 added a new element to this suite, resulting in a SaaS-based, offensive security platform: the management of the attack surface (through Randori Recon). In PAC’s opinion, the acquisition is a good fit with IBM’s strategic positioning on security software (especially through Randori Recon) and IT services (through Randori’s other product, Randori Attack: Continuous Automated Red Teaming). With IBM’s threat intelligence services (from X-Force), and in combination with the soon-to-be-fully-integrated Attack Surface Management (the recent Randori acquisition, Randori Recon), IBM offers an end-to-end security operations suite that meets clients’ needs. This suite is increasingly offered as SaaS, with enhancements to licensed software.
- Polar Security – Among the many interesting topics covered at the event, PAC found the announcement made by IBM on May 16th 2023 very interesting that it had acquired Polar Security. Over the past decade, the purpose and value of the cloud have matured and it has established itself among organizations, with PAC first-hand witnessing organizations strategically moving to hybrid and multi-cloud operating models. However, despite the many benefits that migrating software services and solutions to the cloud can provide (if architected effectively), PAC has observed organizations in recent years wrestling with a range of new challenges relating to protecting data as it traverses one or more cloud services. It was very encouraging to see IBM discuss how incorporating Polar’s data security posture management solution will further enhance its already highly capable IBM Guardium data security solution. It is clear that the Polar acquisition has provided IBM with the ability to discover shadow data dispersed across the range of cloud services an organization uses. From our conversations had with CxOs, PAC understands that data lineage is critical for organizations as they expand into the cloud and seek to gain greater value from the data they generate and consume. The Polar acquisition provides capabilities to analyze the potential and actual flow of data within and across an organization’s cloud services to uncover vulnerabilities in data use, compliance controls, and overall data posture security. Between this acquisition and the other announcements made on the day, it is clear to PAC that IBM understands the importance of supporting organizations in securing their data and how it moves across and between cloud and on-premises services and solutions.
Overall, in PAC’s opinion, IBM is well positioned in the paradigm shift from best-of-breed to best-of-suite, which will shake the market over the next few years.