IBM isn’t a name that typically springs to mind when it comes to leading IT security technologies and services. However, along with analytics, cloud, mobile and social solutions and services, security is one of the five strategic imperatives the company has singled out as critical to its future business.
More importantly, IBM Security is a healthy and growing commercial business that currently serves over 4,500 clients in 133 countries. The group has also enjoyed consistent double digit growth since its formation, delivering a reported $2B in revenues during FY 2015.
How does the company plan to continue or even substantially grow that success? Earlier this year, IBM Security announced plans for a $200 million expansion of its incident response capabilities, then on November 16th it updated its progress with additions, including a new, recently opened global headquarters in Cambridge, Massachusetts that features the industry’s first physical Cyber Range.
What is a Cyber Range exactly? Consider it a “flight simulator” where IBM customers can practice how to meet and defeat cyberattacks. As the announcement noted, the Cyber Range, “Uses live malware, ransomware and other real-world hacker tools culled from the dark web to deliver realistic cyberattack experiences.”
Deployed inside an air-gapped network, the Cyber Range emulates a fictitious corporation consisting of one petabyte of information, 3,000+ employees/users and a simulated internet that can be subjected to exploits and attacks. Why is the Cyber Range valuable? For the same reason that professional pilots use simulators to train for encounters with challenging, hazardous, even catastrophic events.
While not so inherently dangerous to life and limb, it’s far better for IT business professionals to have a taste of what’s coming when cybercriminals attack rather than learning “on the fly” during confusing, destructive and costly real events.
While fascinating, the Cyber Range wasn’t the only element featured in the November 16th announcement. Along with its new Cambridge headquarters, IBM Security also significantly expanded the capacity of its X-Force Command Center in Atlanta, Bangalore and Poland. Those facilities handle billions of security events, analyze over 100 million web pages and images, collect data from 270 million endpoints and bring in 200,000 new pieces of threat intelligence every day.
The company also announced a new incident response and intelligence consulting team called IBM X-Force IRIS which includes over 100 elite cybersecurity consultants worldwide with deep expertise in incident response and threat intelligence. Many X-Force IRIS members worked with Federal law enforcement and intelligence agencies where the intelligence collection and analysis capabilities they built are still in use.
What’s the key takeaway here? First, that IBM is investing in and delivering services designed to help clients improve and ensure the security of their organizations, even as the cyber threats they face continue to grow in number and sophistication.
However, rather than focusing on point products, as do so many other security vendors, IBM is developing solutions that support and answer the demanding cross-functional requirements of its enterprise clients.
That is apparent in the company’s new Cyber Range and X-Force IRIS team, as well as its new, higher capacity X-Force Command Centers. It also includes strategic acquisitions, like Resilient Systems and QRadar which have helped notably increase IBM’s incident response capabilities.
Bottom line: The November 16th announcement shows that the company deeply understands the challenges that enterprises face from ruthlessly well-organized, well-financed cyber criminals. Moreover, IBM Security is continuing to invest in the technologies and tools that businesses need to prepare for and successfully defeat cyberattacks.