The FINANCIAL — IBM Security on February 29 announced a significant expansion of its security operations and incident response capabilities with its plans to acquire Resilient Systems, Inc. The incident response platform, pioneered by Resilient Systems, automates and orchestrates the many processes needed when dealing with cyber incidents – from breaches to lost devices. This enables clients to respond and mitigate cyber incidents more quickly while helping minimize their exposure.
As part of today’s announcement, the company also launched the new IBM X-Force Incident Response Services, further expanding IBM’s capabilities by helping clients plan for, manage and respond to cyberattacks, tapping the knowledge of 3,000 consultants and security researchers globally. Resilient Systems’ award-winning platform will be a foundational component for these new services, along with IBM’s QRadar Security Intelligence Platform and planned integration with Resilient Systems’ technology across the full IBM Security portfolio. The new services include a remote incident response capability to help clients map how a breach occurred and take action to shut it down, according to IBM.
Preparing for and responding to cyber attacks has proven to be a major challenge for organizations. According to a recent Ponemon Institute study, 70 percent of U.S. security executives do not have a cyber security incident response plan in place. This has proven to be costly for business, with the average cost of a data breach rising to $3.8 million in 2015 – a 23 percent rise since 2013 according to a separate Ponemon study..
“By adding Resilient Systems’ technology and expertise, IBM will have an industry-leading range of capabilities to help clients respond to cyber breaches, across consulting, services, and products,” said Marc van Zadelhoff, General Manager, IBM Security. “IBM is the world’s fastest-growing enterprise security company, and we lead the industry in the detection and prevention of cyber attacks. With our intent to acquire Resilient Systems, and our other announcements today, we are doubling down on the incident response market. Cybersecurity needs to function like an immune system, both in preventing breaches, but also in quickly eradicating those that do occur.”
The new incident response capabilities significantly increase IBM Security’s capabilities. IBM already is the Security Intelligence market leader , enabling businesses to detect and prevent breaches. IBM reached $2B in security revenue, outgrew the market, and hired 1,000 new experts into its security business in 2015.
IBM Announces Intent to Acquire Resilient Systems
IBM today announced its intent to acquire Resilient Systems, a leader in security incident response solutions, based in Cambridge, Mass., with approximately 100 employees. The Resilient Systems Incident Response Platform is used today by a wide variety of the Fortune 500 as well as mid-sized organizations across a range of industries, including financial services, healthcare, retail, U.S. federal, manufacturing, and education. Financial terms were not disclosed. The transaction is expected to close later this year, subject to any required regulatory reviews.
Resilient Systems’ incident response platform technology enables clients to respond to security breaches faster and with greater precision and coordination, allowing orchestration of response process across functions (security, HR, finance, government relations, etc.) and across security systems (those monitoring data, applications, end points, networks, etc.). It also helps clients to respond to increasing regulation. Upon acquisition of Resilient Systems, IBM Security will have the industry’s first integrated end-to-end Security Operation and Incident Response Platform offering. The platform will bring together security analytics, forensics and vulnerability management along with incident response into a coordinated approach for enterprise threat protection, detection and response.
“We are excited to be joining IBM Security, the industry’s fastest-growing enterprise security company,” said John Bruce, Resilient Systems Co-Founder and CEO. “By combining, the market now has access to the leading prevention, detection and response technologies available in the same portfolio – the security trifecta.”
A major benefit will be the planned combinations of Resilient Systems’ Incident Response Platform with IBM QRadar Security Intelligence Incident Forensics, BigFix, IBM X-Force Exchange and IBM Incident Response Services that can enable an orchestrated process for addressing security incidents. Enhanced analytics capabilities will also deliver an integrated incident response solution spanning organizational and product boundaries.
Resilient Systems’ platform provides a comprehensive set of response playbooks for different incident types and a knowledgebase of global regulatory requirements and compliance actions. This provides best practices for responding to a range of incidents, from malware and DDoS attacks to data loss. It enables users across the organization to collaborate in the response process and provides instant access data from more than a dozen cyber threat intelligence feeds, and other integrated cyber security and IT systems, including IBM’s X-Force Exchange, one of the largest threat intelligence databases in the world.
Launches IBM X-Force Incident Response Services
IBM today also launched new X-Force Incident Response Services, which include consulting and managed security services to help clients manage all aspects of responding to a cyber breach. IBM X-Force security experts will help clients develop response strategies, including Computer Incident Response Team playbooks, and a means to more effectively discover, track, respond to and report on security incidents. These new capabilities will be further enhanced through the planned acquisition of Resilient Systems.
The new services will also include a new remote incident response service, which actively hunts for threats and allows IBM security experts to remotely manage active attacks via the cloud. Part of this capability will be enhanced via technology from Carbon Black, which will enable IBM security analysts to conduct security forensics on compromised endpoint devices, determine where a breach first occurred, map it across other devices, contain it quickly and take action to shut it down.