Boardroom
IBM Internet Security Systems

Mr. Peter Evans
Director
IBM Internet Security Systems
www.IBM.com
NYSE: IBM

SecurityStockWatch.com: Thank you for joining us today, Peter. Please give us an overview of your background and your role with IBM ISS.

Peter Evans: Thank you, Martin. Over the course of my career I have spent the majority of my time in the telecommunications and security markets, working with large carriers on network-wide transformations, and with enterprises to deliver both network and security solutions. In my work with IBM Internet Security Systems, I am concerned with developing new security solutions - from a market acceptance perspective - to address emerging market needs.

SecurityStockWatch.com: One will read in a recent IBM press release a comment by Mr. Tom Noonan, General Manager of IBM ISS, that, "For many enterprises, security is broken". Please share with us your perspective on this issue.

Peter Evans: Security is broken, and the marketplace is crying out for a new approach to address a problem that is growing in both complexity and risk annually. Traditionally, the industry's approach to security has been characterized by stand-alone security products designed to address the latest security concern. For viruses, the industry delivered anti-virus; for spyware the industry delivered anti-spyware, and so on. As a result, the average enterprise owns stand-alone security solutions from 32 different vendors. These solutions are not interlinked, do not scale, and do not adapt to the new forms of online threats or dynamic changes to the business environment. What we are seeing consequently is a situation where the spending on labor to manage security complexity is growing at three times the rate of the growth of the security budgets. Unfortunately, despite all this investment, in many cases the enterprises are no more secure than they were five or more years ago.

SecurityStockWatch.com: IBM ISS recently announced new technology for information security and compliance management. May we have an overview?

Peter Evans: IBM is announcing a number of new initiatives and solutions that leverage our security capabilities across the portfolio. Our latest efforts are aimed at rolling out integrated capabilities to address data security. Data is the new currency for the enterprise, as well as the crime syndicates. Businesses can have all the right checks and balances in place, streamlined reporting mechanisms and processes, and network and perimeter security; however, if the fundamental building block -- the data -- is corrupt, then the results of any activity associated with the data are in error. Securing data is a very complex problem that cannot be well served by independent solutions for authentication, encryption, leakage, removable devices, etc. Today's enterprises are looking for integrated solutions that protect the data in transit, at rest, in motion, in use, and throughout the lifecycle. It can be argued that no one knows data better than IBM - we deliver the server and storage solutions, the business intelligence tools and the applications to manage data for the largest enterprises in the world. It is a natural extension then for IBM and ISS to marry together the preemptive protection technologies found, for example, in our Intrusion Prevention solutions with IBM's data portfolio and create a unified solution to address the data security concerns. For example, IBM has launched a comprehensive solution for the Payment Card Industry Data Security Standard, which is at its heart protection of data in the form of credit card information.

SecurityStockWatch.com: How does IBM's risk management approach differ from that of other vendors?

Peter Evans: There are several key tenets that differentiate IBM Internet Security Systems' approach from others. The first, and most important, is that we are preemptive in nature. Other vendors still rely on an "Event/Response" approach, where the enterprise must first experience the security breach or event before protection is designed to prevent a re-occurrence of the threat. This model isn't effective. Why should an enterprise have to incur the pain of the threat, then, to add insult to injury, the cost to go and patch the event? Instead IBM ISS developed an "ahead of the threat" approach whereby the customer is protected in advance, by looking for known behaviors and patterns of how threats execute. IBM is so confident in this approach, that any enterprise that outsources the management of its security to IBM can receive a guarantee of protection.

The second key approach that differentiates IBM is in the way the company builds overall enterprise security solutions. Instead of stand-alone boxes, designed for stand-alone issues, IBM looks at security as a systems problem. IBM sees all of the parts of the network and security solutions as interlinked components of an automated remediation system. The pieces work in harmony with each other, sharing detected information and using the information to learn about activities in the network, and then take the right laser-focused approach to managing risk. It is similar to how the human immune system operates, with a central nervous system correlating all the inputs from various sources, and triggering the body as a whole to manage the risk.

Finally, by building this security platform on key components that reach across the network, servers and desktop, we have created a system that is adaptable and extensible to address new threats, or allow enterprises to introduce new business applications such as VoIP or Wireless LANs, without having to stack yet another siloed box on an already burdened security organization.

SecurityStockWatch.com: What are your key target markets and what is your perspective on the market drivers for IBM ISS solutions at this time?

Peter Evans: The 'sweet spot' for ISS solutions has always been the large enterprises. These organizations, such as large financial institutions, government and industrial customers, are typically those with the most to lose, and therefore the first to adopt advanced capabilities such as those found in our security solutions. In recent years we have been expanding our offerings to address the growing need in the small and medium business (or SMB) market, and in the carrier space. This next generation of threats can just as easily target local businesses as readily as multinationals. These mid-market customers are looking for the same degree of advanced security as their larger counterparts. SMBs realize they need to move beyond their traditional firewalls and anti-virus. With limited resources and security skills to address the evolving threat, many are turning to IBM preemptive solutions including IBM managed security services to provide them the security they need.

In the carrier market, the rapid adoption of internet-enabled TV (or IPTV), VoIP and multimedia (or IMS) services, is introducing new risks that were not prevalent in the circuit switched world. Accordingly IBM has been working with a number of carriers to not only protect these networks, but also to enable "clean pipe" services, scrubbing malware out of the traffic before it is delivered to the enterprise. This offers the carriers the ability to deliver the productivity benefits of these IP based networks, but also to create differentiated service value to their customers.

SecurityStockWatch.com: Are there some success stories you'd like to talk about? Perhaps one in each of the financial, healthcare and technology verticals?

Peter Evans: We have numerous instances where our solutions have protected customers from potential and real network risks. This means everything ranging from power outages to illegally regulating water systems to offloading customer data and everything in between. The crux of the situation is without IBM's preemptive security solutions enterprises are trying to protect themselves with defenses that are easily bypassed by today's modern cyber-criminals. They believe their security infrastructure is working when it isn't. And this creates an incredibly target-rich environment for today's cyber-criminals.

SecurityStockWatch.com: What resources such as webinars, 'white papers' and 'case studies' are available for end-users at IBM.com?

Peter Evans: There is a host of information available to anyone looking for more information at ibm.com/security. Here people can find industry specific information on securing telco or SCADA networks, meeting PCI compliance, or secure solutions for the retail and distribution environments, as well as specific white papers and documentation for building a secure enterprise, alternative approaches to addressing security and protecting data loss and leakage. Additionally, IBM provides ongoing education through webinars and in-city seminars where subject matter experts provide their views of specific topics. But the real gold IBM offers to your readers is the research reports from the IBM X-Force. X-Force is the oldest and most well known cyberthreat research organization researching the latest threats, trends, and vulnerabilities, and publishing their findings in quarterly and annual reports. This work is considered best-in-class in the industry and is used by groups who fight cyber-terrorism around the world as part of their arsenal of information.

SecurityStockWatch.com: What do you see as the major trends CSOs and CISOs will have to deal with as we head into the end of this decade?

Peter Evans: One of the key concerns that will emerge is how to deal with those security issues that are outside of the control of the CSO, but can impact and can cause risk to the business. As more DNS servers become poisoned, online crime organizations become ever more sophisticated, and remotely exploitable malware continues to propagate, one has to wonder: does the enterprise, or end-user, even have a chance? The answer is yes, but again, it will take a rethinking of how to address security - taking a mental "right-angle turn." Tomorrow's security solutions must be designed to adapt to human nature and human failure, and to use trust models and other forms of validation and verification to manage risk, and to do so in a fully automated way.

SecurityStockWatch.com: Thanks again for joining us today, Peter. Are there any other subjects you'd like to discuss?

Peter Evans: At this point we have covered a broad set of subjects; however, I would invite you and the readers to continue to watch what is happening at IBM. The security space is changing and IBM intends to be the agent of that change and lead a revolution in how the enterprise continues to deliver their customers value in a secured manner.