IBM deal bolsters security management expertise

IBM is to buy Internet Security Systems (ISS) in a £684m deal that the company hopes will improve its ability to offer managed security services.

IBM is to buy Internet Security Systems (ISS) in a £684m deal that the company hopes will improve its ability to offer managed security services.

ISS provides security software, appliances and the xForce alert service to businesses and governments. IBM sees the acquisition as a way to address users' need to tackle rapidly evolving security threats and complex regulatory requirements.

Thomas Raschke, senior analyst at Forrester Research, said, "ISS gives IBM a lot of security expertise." This would strengthen the security expertise IBM already offered, he added.

Although IBM has yet to say how ISS will be integrated into its existing Tivoli systems management software, combining systems information with security management is something the IT industry is working towards, according to Forrester Research. "It means better visibility, cost savings, and higher efficiency when protecting and managing enterprise-wide IT systems," it said.

Forrester predicted that users would first look to systems management suppliers they trusted to help provide oversight of enterprise security systems. It expected suppliers including BMC, CA, Hewlett-Packard, IBM Tivoli, Sun, McAfee, Cisco and Symantec to be offering integrated products by expanding through acquisition and/or consolidating their existing product portfolios.

Val Rahmani, general manager for infrastructure services at IBM Global Services, said, "This acquisition will help IBM provide companies with access to trained experts and leading-edge processes and technology to evaluate and protect against threats and enforce security policies."

Choose 'proactive' security tools, urges Forrester

Forrester Research has urged users to buy security configuration management products rather than standalone patch management tools. The analyst group said such products helped firms to manage security proactively.

"Security configuration management tools combine vulnerability assessment, patch management, automated remediation and configuration compliance capabilities," Forrester said.

This gives users the ability to assess system configurations against known vulnerabilities and corporate compliance policies and take the appropriate actions.


Vote for your IT greats

Who have been the most influential people in IT in the past 40 years? The greatest organisations? The best hardware and software technologies? As part of Computer Weekly’s 40th anniversary celebrations, we are asking our readers who and what has really made a difference?

Vote now at:

Read more on IT risk management