IBM Fills In Security Lineup With Trusteer Acquisition

IBM is acquiring Israeli security software company Trusteer to fill a gap in its security portfolio.

With the acquisition of security specialist Trusteer, IBM aims to advance its investment in cloud-delivered software and services and expand its security portfolio.

IBM, which announced Aug. 15 that it had signed a definitive agreement to acquire Israel-based Trusteer, did not disclose financial terms of the deal.

IBM is forming a cyber-security software lab in Israel that will bring together more than 200 Trusteer and IBM researchers and developers to focus on mobile and application security, advanced threat, malware, counter-fraud and financial crimes, Caleb Barlow, director of mobile security at IBM, told eWEEK. This lab is an addition to IBM's existing research and development facilities in Israel.

The new IBM cyber-security software lab will focus on mobile and application security, as well as advanced fraud and malware detection. Trusteer's research and expertise in fraud intelligence and malware helps secure organizations in a constantly evolving threat landscape. This is done by analyzing data gathered from more than 30 million endpoints, using data analytics to develop real-time, actionable intelligence that will be incorporated into IBM's security products and services.

With offices in Boston and Tel Aviv, Israel, Trusteer works with hundreds of organizations, including many financial institutions, to protect Web applications, employee and customer computers, and mobile devices from threats. Cyber-criminals are becoming increasingly efficient in creating and deploying attacks to bypass existing security controls, IBM said.

The technology from Trusteer goes beyond the norm, Barlow said. "Things like traditional, signature-based antivirus solutions just aren't getting there anymore," he said. "With Trusteer, we gain Web fraud protection technology and we strengthen our mobile security strategy."

Trusteer software can identify security threats that can be missed by traditional security software, Yishay Yovel, vice president of marketing at Trusteer, said. For example, to help ensure that banking customers can safely transfer money on a mobile device, Trusteer software is used to detect malware that can infect a smartphone, and the bank can take steps to prevent fraudulent behavior and account takeover before the transaction occurs. Seven of the top 10 U.S. banks and nine of the top 10 U.K. banks use Trusteer's solutions to help secure customer accounts against financial fraud and cyber-attacks, IBM said.

"Trusteer's expertise and superior technology in enterprise endpoint defense and advanced malware prevention will help our clients across all industries address the constantly evolving threats they are facing," Brendan Hannigan, general manager of IBM's Security Systems Division, said in a statement. "Together with IBM's capabilities in advanced threat detection, analysis and remediation, we will now be able to offer our clients several additional layers of defense against sophisticated attackers."

Trusteer provides a security-as-a-service solution. Cloud-delivered security solutions by Trusteer will complement more than 100 IBM software-as-a-service (SaaS) solutions. In addition to traditional IT solutions, Trusteer leverages SaaS architecture to enable protected PCs, desktops, smartphones and tablets to rapidly adapt against emerging threats. IBM has spent $4 billion in SaaS acquisitions and expects to rake in $7 billion annually in SaaS-related business by 2015, Barlow said.

"The way organizations protect data is quickly evolving," Mickey Boodaei, CEO of Trusteer, said in a statement. "As attacks become more sophisticated, traditional approaches to securing enterprise and mobile data are no longer valid. Trusteer has helped hundreds of large banks and organizations around the world defeat thousands of sophisticated attacks using innovative solutions that combine intelligence, cloud, mobile and desktop technologies."

IBM noted that Trusteer's cyber-security protection can scale to protect tens of millions of endpoints, including smartphones and tablets. One of the primary targets of malware attacks are consumer endpoints. Financial malware and fraudulent activity can be identified and removed using solutions from Trusteer.

Moreover, of the top 25 U.S. financial institutions, about half are offering mobile person-to-person transfers and mobile remote deposit capabilities, a figure that has more than doubled since 2011. This steady increase in adoption opens the mobile channel up to account-takeover attacks that are launched using credentials stolen from customers via phishing and malware attacks. Trusteer can help provide account-takeover prevention, compromised-device detection, complex device fingerprinting and a global fraudster database.

The acquisition of Trusteer will complement IBM's portfolio of counter- fraud software and services, including QRadar, i2, SPSS, InfoSphere and Enterprise Content Management. These capabilities offer predictive, content and investigative analytics to help prevent and solve cases of fraud for private- and public-sector organizations.