IBM and Consul: A Year of Wedded Bliss in the Security Space

A year after acquiring Consul Risk Management for its compliance and risk portfolio, officials at IBM said the integration has produced some strong results.

There was a lot on IBM's plate in 2007-some 12 acquisitions company officials said worth more than $6 billion. Among those was the deal for Consul Risk Management, which IBM closed on last January for an undisclosed amount.

The acquisition was meant to bolster IBM's security portfolio by adding data governance and compliance monitoring, auditing and reporting capabilities across mainframe and distributed environments. A year later, the integration of the two companies has yielded positive results, as the company bested its expected sales goals of Consul technology by more than 200 percent.

Kris Lovejoy, IBM's director of corporate security strategy, counted both IBM's integration strategy-which involved heavy investing in Consul's products-and the rising number of global compliance requirements for the software's success.

"There's a certain comfort level from customers, knowing that their vendor will be around for years to come," she said, adding Consul's 20 years of experience and IBM's security strategy make for an intriguing mix for customers.

In one year, Consul has become a key pillar in IBM's planned $1.5 billion security investment for 2008, and has been credited as a major reason revenue for Tivoli software jumped 19 percent in the fourth quarter of 2007 over the same period of 2006. The company launched the first of three new products based on Consul technology in only five months-IBM Tivoli Compliance Insight Manager and the IBM Tivoli zSecure suite-as well as more than a dozen IBM software technologies and services.

Looking back, the acquisition plugged a hole in IBM's security systems management area, Forrester Research analyst Khalid Kark said.

"It definitely gave them enough credibility to compete with the likes of Symantec and it also brought in fresh perspective that helped IBM define their vision and solutions for the broader IT risk management-what IBM now defines as its GRM (governance risk management) space," Kark said. "IBM got the expertise in managing security logs, events and systems information....and Consul got a broader set of IT systems management capabilities."