Homeland Security Picks IBM Software, Services for Cyber-Security Program

The Department of Homeland Security has selected IBM software and services to be part of a cyber-security effort.

IBM announced that its security software and services offerings will be part of the U.S. Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) program.

The CDM Program will provide specialized IT tools and Continuous Monitoring as a Service (CMaaS) offerings to combat cyber-threats in the civilian and “.gov” networks, including various network endpoints and mobile devices. The CDM Program moves the nation’s networks from the current legacy model of historical compliance reporting to a more real-time approach for combating advanced threats, IBM said.

DHS awarded the $6 billion contract to 17 companies, including IBM, Lockheed Martin, General Dynamics, CSC, Northrop Grumman and others.

As part of the up to $6 billion CDM Program, government agencies can leverage IBM consulting services as well as security intelligence software including IBM Security Endpoint Manager, IBM Security AppScan and IBM Security QRadar.

“This award from DHS demonstrates that IBM’s $4B annual investment in cyber-security and security analytics research puts IBM in a unique position to help government agencies meet evolving cyber-security threats,” said Anne Altman, general manager of IBM US Federal, in a statement. “IBM will draw from our decades of experience working with federal agencies and worldwide clients and our own internal experience in securing the worldwide networks used by our 400,000-plus employees.”

Software technologies from IBM will help secure the thousands of endpoints on vulnerable networks and integrate “threat and event data” in real time. IBM Security Endpoint Manager offers a unified management platform that automates and streamlines systems and security management. IBM QRadar Security Intelligence Platform provides a dashboard and unified architecture for integrating Security Information and Event Management (SIEM), log management, anomaly detection, and configuration and vulnerability management.

State and local agencies can also benefit from the CDM Program by leveraging the buying power and consistency offered by the program. The CDM Program will help transform the way federal and other government entities manage their cyber-networks through strategically sourced tools and services and enhance the ability of government entities to strengthen the posture of their cyber-networks. The CDM Program brings an enterprise approach to continuous diagnostics, and allows consistent application of best practices.

IBM provides the security intelligence to help organizations protect their people, data, applications and infrastructure. IBM operates a broad security research and development organization. For instance, Big Blue monitors 15 billion security events per day in more than 130 countries and holds more than 3,000 security patents, IBM officials said.

In October 2011, IBM announced an agreement to acquire security intelligence software vendor Q1 Labs and finalized the deal later that year. At the time, IBM also created a new security division, the IBM Security Systems division, in a move to accelerate Big Blue’s efforts to help clients more intelligently secure their enterprises by applying analytics to correlate information from key security domains and creating security dashboards for their organizations.

The technology IBM acquired from Q1 Labs featured QRadar, which includes advanced analytics and correlation capabilities that automatically detect and flag actions across an enterprise that deviate from prescribed policies and typical behavior to help prevent breaches, such as an employee accessing unauthorized information.

In a recent blog post, Brendan Hannigan, former CEO of Q1 Labs and current general manager of the IBM Security Systems Division, said, “IBM’s security intelligence mission is to harness all of the security-relevant information across your organization (people, data, applications, infrastructure) and then apply advanced intelligence and analytics to help organizations detect threats faster, prioritize risks more effectively and automate compliance activities.”

IBM employs thousands of security experts globally such as security operations analysts, consultants, sales and technical specialists, and strategic outsourcing delivery professionals, the company said.

A recent Forrester report on Security Consulting Service indicates that IBM has some 6,000 security consultants.

According to the research firm, IBM came out as the most improved vendor in the recent Forrester Wave, substantially improving its scores as compared with other leaders, thanks to solid global delivery capabilities supported by the more than 6,000 consultants with an average of 9.5 years of experience.

“The purchase of Q1 Labs in late 2011 has added to IBM’s technical capabilities and provided it with additional insight and expertise to feed into a growing consulting and solution delivery organization,” Forrester said in a report. “IBM has an understandable focus on managed security services and is confident in its delivery capability that it chooses to share client risk, often in the form of fixed-price engagements. IBM has the largest client base of the participants in this Forrester Wave.”

However, Forrester also cited some areas for improvement including price, back-office formality and an overly heavy focus on technologies and processes rather than people.