IBM to Buy Resilient Systems in Security Incident-Response Play

With the average cost of a data breach running at $3.8 million, IBM plans to buy Resilient Systems to beef up its security incident-response capabilities.

data security

With security as one of its strategic imperatives, IBM made a series of moves to bolster its security incident response capabilities, including announcing its intent to acquire Resilient Systems, a provider of a popular incident response platform.

Resilient Systems, whose CTO Bruce Schneier is a well-known cryptographer, computer security and privacy specialist, develops and markets a security incident-reporting platform that automates the process of responding to cyber-security breaches. The addition of Resilient expands IBM's capabilities in the incident-response space, where Big Blue has been more active in the security threat-detection and -prevention space.

Financial terms of the deal, which IBM announced at the RSA Conference 2016 in San Francisco, were not disclosed.

"We have a nice portfolio; it's like an immune system we've been putting together for the prevention and detection of security threats, primarily in software and services," Marc van Zadelhoff, general manager of IBM Security, told eWEEK. "What this acquisition does is it really helps us double down in the area of response. Detect and prevent is one area that we spend a lot of time in."

However, IBM has had an existing services team you could call in when there was an attack—sort of like a "Ghost Busters" incident-response team, van Zadelhoff said. "But we're announcing Resilient Systems will be joining us," he said. "And they are the leading incident-response platform. It's a real nice fit on top of our portfolio. Our 6,000 QRadar customers have been asking us to get more into this area. There's also our BigFix, Guardium and our managed services team that will all be leveraging this capability as Resilient comes on board."

IBM is in the midst of a transformation to focus on a core set of growth imperatives: cloud, analytics, mobile, social and security (CAMSS).

"We've seen those imperatives grow quickly over the last couple of years," van Zadelhoff said. "We launched the security business unit about four and a half years ago. It crosses software and services and is focused toward the CISO [chief information security officer]. We've become one of the biggest enterprise players and I see no lack of appetite by IBM to continue to invest and help us grow this business."

IBM Security has been building its business up over the last couple of years. In 2015, the unit became a $2 billion business for IBM, grew 12 percent and hired 1,000 people over the last year to amass well over 6,000 people in the unit.

IBM Security is growing at about two times the market average, and in prevention and detection, Big Blue already is the market leader, van Zadelhoff said. Meanwhile, the security market is consolidating, with many of the pure-play providers beginning to struggle. "So we're already the leader in the one big pillar in the market," he said. "Incident response is the other and we're investing in the leader with this. We're going after the next segment of the market very aggressively."

The Resilient Systems team consists of about 100 people situated just across town from IBM Security's headquarters in the Kendall Square area of Cambridge, Mass., van Zadelhoff said. "Our headquarters is in Cambridge; they're based in Cambridge and their management team is outstanding," he noted. "They have some really brilliant players like Ted Julian, Bruce Schneier and John Bruce. These guys are known players in the space. There are other players in the incident response space, but these guys are leading the pack."