ISS Chief: IBM Has Big Plans for Security Business

By Matt Hines  |  Posted 2006-12-06

ISS Chief: IBM Has Big Plans for Security Business

When IBM announced its $1.3 billion buyout of Internet Security Systems in late August, many industry experts wondered aloud what its long-term strategy for the company might be.

According to ISS long-standing chief executive, Big Blue is already investing time and money in the name of boosting the firms standing in the market.

Rivals including McAfee have already begun using IBMs ownership of the firm as a marketing tool, telling customers that the tech giant doesnt care about supporting many of ISS existing technologies, such as its intrusion detection appliances.

The companys systems integrator partners, critics say, are being scared off by the notion of doing business with rival IBM Global Services.

But Tom Noonan, the CEO who helped co-found Atlanta-based ISS in 1994 and spearheaded the deal to sell the company to IBM contends the outlook for his company has never been better.

While industry watchers and rivals have questioned IBMs commitment to becoming a more significant player in the security space, Noonan said that Big Blues intent in buying his firm was exactly that, and that it is already pouring a significant amount of investment into ISS to help it grow at a pace it could not afford if it remained a standalone vendor.

IBM may not be known as a security provider, but it has had its hands in the business for a long time, Noonan said.

"IBM is already a huge security company today; theyve been in the business for forty years, and theyre very serious about building an even more robust, market-leading security company and ISS is a key part of the DNA from which that business will grow," Noonan said.

"I read these comments that IBM isnt committed to security and that couldnt be further from the truth. Theyve already armed us with far greater resources to invest in our products, along with more marketing, sales and support."

Noonan said that despite the investment from IBM, ISS new owner is sticking to the hands-off approach that it detailed to market watchers when the deal was first announced.

IBM and Narus offer telecom security package. Click here to read more.

And rather than looking to cut staff or expenses, the CEO said that IBM, based in Armonk, N.Y., has given ISS a large amount of money to hire additional workers to help speed up its product development.

According to Noonan, many large IT vendors have purchased security companies simply to lend credibility to their products, such as storage giant EMCs deal to snap up authentication specialists RSA Security.

IBM made its deal with plans to expand ISS footprint, rather than simply integrate its technology into other business units, he said.

"Customers are attempting to simplify their IT infrastructure and reduce the number of vendors they deal with, and at the same time security is becoming a core requirement for enterprises when they consider broader solutions from larger providers," said Noonan.

Next Page: Is IBM really committed to security?

Is IBM really committed

to security?">

Rather than putting off ISS existing customers, the deal has helped ease concerns over the companys future, according to the CEO.

Moving forward, Noonan said IBM is certain it can become a serious contender in the enterprise security space, using ISS products and services to help lay the foundation for a business that can help large companies protect their operations and manage risk in the same way that security market leaders Symantec and McAfee have recently positioned themselves.

The security industry remains fragmented, forcing customers to juggle more relationships than they care to, and IBM will look to take advantage of that issue, he said.

The company will also look to launch hosted security services, similar to those recently detailed by executives at Symantec, and bring its expertise in the open-source arena to bear on the market by helping customers integrate formerly disparate security systems.

"No one big company with all the resources needed to help enterprises deal with all their security issues has stepped forward as a dominant player in the space," said Noonan.

"IBM has an incredible opportunity to build an 800 pound gorilla and fundamentally change the industry, based on ISS platforms."

Despite Noonans pledge that IBM is committed to expanding its role in the security sector, some industry watchers remain unconvinced that Big Blue currently entertains such a strategy.

ISS managed services business, along with its vulnerability assessment and security information event management technologies, will be of use to IBM, said John Pescatore, analyst with Gartner in Stamford, Conn.

IBM snaps up compliance specialist Consul. Click here to read more.

However, the analyst does not see how the remainder of ISS business, including its intrusion detection appliance product lineup, fits into the big picture at Big Blue.

"When you look at ISS, the majority of their revenue was from intrusion protection and detection, which is not a good fit for IBM, since theyre not likely to try and compete with Cisco, Juniper and Check Point in that market," said Pescatore.

Pescatore added that Wall Street experts believe that IBM only wanted ISS services business, but that Noonan and ISS wouldnt sell off those pieces, so IBM paid for the whole company.

"For now theyll likely integrate those services and leave ISS products alone, but long term it seems likely theyll spin those off, sell them, or just let them wither away," said Pescatore.

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraines eWEEK Security Watch blog.

Rocket Fuel