CrossIdeas Acqusition Underlines IBMs Security Drive

IBM seems hungry for acquisitions, even though its revenues are down two percent on the year. The latest buy comes in the shape of CrossIdeas, a Rome, Italy-based cyber security vendor.

Financial details of the deal were not disclosed, which means Big Blue probably got it relatively cheap. It also underlines IBM’s growing strength in the security space after it took third position as the biggest security vendor globally after Symantec and McAfee, pushing Trend Micros into fourth place.

Double Whammy

Explaining the acquisition, IBM pointed out that the double whammy of increasingly stringent government regulations along with sophisticated security threats is forcing IT departments to look for new tools and solutions.

CrossIdeas offers just that. The company bridges the gap between compliance, business and IT infrastructure, and in the process, claims to reduce the risk of fraud, human, error and outside interference. It will be added to IBM’s portfolio of identity and access management capabilities.

"IBM can now provide enterprises with enhanced governance capabilities and transparency into risk from the factory floor to the board room, giving leaders the insight they need to protect their brand and customers,” said Brendan Hannigan, General Manager of IBM Security Systems.

Why has IBM been developing its security business and what’s going on out there? According to research, DDoS attacks are growing – up 240% in 2014. Incapsula protects tens of thousands of websites from DDoS attacks – and can discuss, in detail, recent large-scale attacks.

Gartner reports that in the last two years there has been an increase in the sophistication of attacks against commercial and governmental infrastructure across the globe. Andrew Walls, research vice president at Gartner pointed out at last June’s Security and Risk Management Summit that threats are now also coming from the least expected places.

We are now dealing with government-sponsored espionage and infrastructure attacks, ideologically driven insider threats, and globally coordinated fraud. All of these threats, new and old, play out across infrastructure that is an assemblage of legacy infrastructure — both obsolete and up-to-date — and new, Internet of Things, operational technology, cloud and mobile infrastructure and services,” he said.

The Business Of Security

Security hasn't been one of IBM’s traditional stomping grounds. But it is quickly becoming big business for it, particularly as the security market is growing rapidly. Worldwide security software revenue totaled $19.9 billion in 2013, a 4.9 percent increase from 2012 revenue of $19.0 billion, according to Gartner.

While the growth is substantial, it is less than what was expected because of the commoditization of key subsegments and the decline in growth for two of the top five vendors.

2014-7-31 gartner top security vendors.jpg

Overall, Gartner reported, the larger trend that emerged in 2013 was that of the democratization of security threats, driven by the easy availability of malicious software and infrastructure that can be used to launch advanced targeted attacks.

The result of this that investment in security software continues unabated, particularly as more organizations are now looking to use multiple data repositories to become more competitive.

The security market is still dominated by a handful of vendors with IBM’s market share growing continuously. The top four vendors now account for 39 percent of the total security software market. Gartner noted that this is the first time years that a broad portfolio vendor like IBM — i.e a vendor that is not pure play security vendor — has been able to enter the top three.