Like the other 125+ industry analysts attending the recent IBM InterConnect 2017 conference in Las Vegas, I attended various keynote speeches, partner panels, product updates and client meetings, but I found two sessions with IBM executives particularly interesting.
The first one was with Denis Kennelly, a former IBM Security VP who recently became GM of IBM’s Hybrid Cloud Offerings. Kennelly’s deep experience in enterprise security informs his new role but he noted that organizations considering or planning cloud migrations don’t often see how cloud might impact the security of their data, applications and operations. He cited three examples:
- Companies typically secure private clouds with the same tools and applications organizations use in the rest of their IT infrastructure, even though those technologies may not be ideal for cloud processes and workloads.
- Businesses using public clouds seldom consider that they are essentially outsourcing security processes and responsibilities to provider to providers whose security capabilities vary hugely.
- Finally, deploying hybrid clouds requires complex integration efforts, any of which might stress, bend or even break security processes and compliance requirements.
How can IBM help to address these issues? Kennelly noted that the company’s Watson Analytics can be used to detect a range of network anomalies, a capability that includes successfully reducing false positives and security alerts. That can help increase the efficiency of administrators and free up time for them to work on more pressing matters.
Watson also plays a central role in IBM Security’s “immune system” approach to protecting customers’ IT infrastructures. In those scenarios, IBM Watson Analytics can correlate customers’ data and relevant external information sources, like the data generated by IBM’s X-Force Threat Intelligence Research, and respond to threats and attacks when they first appear.
Kennelly also noted that huge and continually expanding threat surfaces are growing beyond the abilities of the security industry. The issue security customers need to focus on isn’t the attack itself—in the current climate, attacks are inevitable. The bigger point is in how they can prepare to meet those attacks, and how they respond after attacks eventually occur.
Disruption is Inevitable
My second meeting was with Laurence Guihard-Joly, GM of the Resiliency Services group in IBM’s Global Technical Services (GTS) organization, and Chandra Pulamarasetti, Co-Founder & CEO, Sanovi Technologies which IBM acquired in October 2016. Pulamarasetti is now VP of the Cloud Resiliency Orchestration Software & Services within IBM GTS Resiliency Services.
If you’re unfamiliar with resiliency services, IBM says that its organization “delivers business continuity and disaster recovery management (DRM) services that support businesses across all environments —including public cloud, private cloud and on-premises IT environments.” That may seem a bit arcane but it is deadly serious business for IBM’s 4,000+ global Resiliency Services professionals and the tens of thousands of companies that depend on them to help keep their IT infrastructures in an “always on environment.”
But just how serious is IT resiliency? Consider that in the weeks leading up to IBM InterConnect, two of the biggest news stories concerning cloud computing focused on outages at AWS and Microsoft Azure. In AWS’ case, the S3 services in its Northern Virginia data center were down for five hours, during which time a majority of websites that rely on that facility hung or stalled. The eight-hour Azure outage was less severe—some compared it to a “brown-out” rather than the AWS “black-out” but many businesses and their online customers were likely impacted by poor service quality.
IBM’s Resiliency Services group focuses on preventing or reducing those and other kinds of events. The size of the group indicates the importance of the task to IBM customers. Why so important? As Guihard-Joly noted, “A decade ago only about ten percent of business applications were considered mission critical. Today, interdependencies between applications have substantially increased potential problems and the impacts resulting from natural and man-made disruptions.”
The acquisition of Sanovi Technologies aims to make IBM Resiliency Services’ work considerably easier. Pulamarasetti explained that Sanovi software runs on top of customers’ platforms, and can be used in numerous disaster recovery management (DRM), hybrid cloud recovery, cloud migration and business continuity scenarios. With the addition of IBM analytics capabilities, Sanovi gathers and analyzes performance data, develops deep insights and orchestrates control/response efforts.
Over time, IBM envisions leveraging Watson Analytics to substantially expand Sanovi’s DRM capabilities, thus enabling customers to embrace proactive resiliency programs that anticipate potential failures before they occur.
The conclusions I took away from my IBM Resiliency Services meeting paralleled my discussion about IBM Security: Since disruptions are inevitable, the critical point lies in how organizations prepare to survive those disruptions, and how they respond after disruptions occur. At IBM InterConnect, I learned about how the company is effectively working and investing to ensure that its customers can achieve just those outcomes. Can the vendors your organization works with say the same?