Underlining its growing interest in security products and solutions, IBM (news, site) has just announced that it is to buy Open Pages, a MA-based company that develops risk and compliance software for business.

When the deal is closed, IBM intends to add the company to its business analytics portfolio rather than to the Tvioli part of its business that benefitted from the BixFix security acquisition last July, an indication that Open Pages will be sold as part of its data analytics packages on which IBM has spent a whole pile of money over the last ten years.

Data and Security Threats

So why data security and why now? The answer lies in the level of risk that is now threatening enterprise data and which is steadily rising on a year-on year basis, making it one of the major concerns of enterprises at the moment.

In August, IBM published the results of its X-Force 2010 Mid-Year Trend and Risk Report, which showed that vulnerability disclosures are increasing dramatically, having reached record levels for the first half of 2010.

It showed that in the first half of 2010 there was a 36% increase in vulnerabilities over the same period last year. Over half (55%) of all these disclosed vulnerabilities had no vendor-supplied patch at the end of the period.

Security Markets Worldwide

In fact IBM has been putting a lot of thought and resources into security recently. Gartner (news, site) has pointed out that securing the enterprise is a top priority for its clients. Worldwide security software revenue is forecast to surpass US$ 16.5 billion in 2010, an 11.3% increase from 2009 revenues of US$ 14.8 billion.

In the Forecast Analysis: Security Software Markets, Worldwide, 2009-2014, 2Q10 Update Matthew Cheung, senior research analyst at Gartner says that compliance is one of the major drivers in many areas including user provisioning, security information and mobile data protection -- all areas that IBM is playing strong in.

The growing sophistication of the threat landscape — with malware composed of multiple components that can be installed after the initial infection and the exploits of socially engineered trojans, which trick end users into downloading and executing malicious files — will push organizations and consumers to invest in endpoint security products in coming years,” Cheung said.

IBM, Open Pages and Security

And now we have the acquisition of Open Pages. Terms of the deal were not disclosed and it is not possible to estimate how much it might be worth. However, none of the deals done recently have been cheap -- the BigFix deal was estimated to be worth US$ 400 million.

Open Pages, which is based in Waltham, MA, makes software that helps companies develop strategies for operational risk, financial controls management, compliance and internal audits, enabling enterprises view data from different systems to get an idea of a business's total exposure to danger.

It already has quite a reputation with over 200 clients, many of them Fortune 500 Companies including Duke Energy, Allianz and BP.

The analytics part comes from the software’s ability to highlight any inconsistencies in risk and performance goals, giving enterprises a comprehensive view of the business opportunities and risks associated with new business interests, and should complement IBM's other analytics offerings quite nicely.

IBM v the Others

IBM though is not the only one starting to play big in the security and compliance market. This summer alone, Intel agreed to pay US$ 7.68 billion for McAfee causing absolute consternation, especially on Wall Street where analysts still haven’t decided what that was all about.

In May Autonomy closed the deal with CA to buy its information governance business and has already integrated its IDOL search platform into what was CA’s Message Manager.

Only two days ago, HP announced that it was buying security software provide ArcSight for US$ 1.5 billion and only a few weeks prior to that had beat Dell to pay US$ 2.07 billion for data storage and security company 3Par.

An interesting aside on the HP deal is that that the Wall Street Journal cites IBM CEO Samuel J. Palmisano saying IBM would never have paid that much for the company (3Par), but HP had to because former CEO Mark Hurd cut that company's research and development.

Where all this will end up is anyone’s guess, but one thing is certain -- security is a good business to be in at the moment and apparently there is no shortage of cash to buy whatever’s needed.