IBM and Cisco are set to become the dynamic duo of the cyber world, with the two tech giants joining forces to address the growing global threat of cyber crime.
Cisco and IBM will collaborate across products, services and threat intelligence with a shared outcome focused on helping organisations reduce the time required to detect and mitigate threats.
Sitting at the core of this new relationship is integration, with the dynamic duo set to integrate threat defences across networks and cloud. This focus on integration comes at a time when security teams have to juggle the many security tools that do not communicate or integrate. A recent Cisco survey of 3,000 chief security officers found that 65% of organisations use between six and 50 different security products, with the management of such complexity challenging over-stretched security teams and resulting in potential gaps in security.
Cisco security solutions and its architectural approach will be integrated with IBM’s Cognitive Security Operations Platform, which aims to help customers secure their organisations more effectively from the network to the endpoint to the cloud. Cisco will also integrate its security offerings with IBM’s QRadar, with Cisco set to build new applications for the security analytics platform as part of the collaboration.
The first two new applications will be designed to help security teams understand and respond to advanced threats and will be available on the IBM Security App Exchange. These will enhance user experience, and help clients identify and remediate incidents more effectively when working with Cisco’s Next-Generation Firewall (NGFW), Next-Generation Intrusion Protection System (NGIPS) and Advanced Malware Protection (AMP) and Threat Grid.
IBM’s Resilient Incident Response Platform (IRP) will also integrate with Cisco’s Threat Grid to provide security teams with insights needed to respond to incidents faster. For example, analysts in the IRP can look up indicators of compromise with Cisco Threat Grid’s threat intelligence, or detonate suspected malware with its sandbox technology. This enables security teams to gain valuable incident data in the moment of response.
“Cisco’s architectural approach to security allows organizations to see a threat once, and stop it everywhere. By combining Cisco’s comprehensive security portfolio with IBM Security’s operations and response platform, Cisco and IBM bring best-of-breed products and solutions across the network, endpoint and cloud, paired with advanced analytics and orchestration capabilities,” said David Ulevitch, SVP and general manager, Cisco Security.
Integration is just one part of the tie-up between Big Blue and the networking giant, with the two companies also set to collaborate on security research. For mutual customers, IBM and Cisco will look into the most challenging cybersecurity problems by connecting their experts. Joint customers, meanwhile, will benefit from integration between IBM’s X-Force Exchange and Cisco’s Threat Grid. This integration greatly expands the historical and real-time threat intelligence that security analysts can correlate for deeper insights.
The sharing of threat intel is not new ground for the two companies, with both having recently shared intelligence as part of the recent WannaCry ransomware attacks. The teams coordinated their response and researchers exchanged insights into how the malware was spreading.
“IBM has long been a proponent of open collaboration and threat sharing in cybersecurity,” said Marc van Zadelhoff, general manager, IBM Security.
“With Cisco joining our immune system of defence, joint customers will greatly expand their ability to enhance their use of cognitive technologies like IBM Watson for Cybersecurity. Also, having our IBM X-Force and Cisco Talos teams collaborating is a tremendous advantage for the good guys in the fight against cybercrime.”
Managed Security Services will also be bolstered by the tie-up between the two companies, with IBM’s Managed Security Services team, which manages security for over 3,700 customers globally, set to work with Cisco to deliver new services aimed at further reducing complexity.
One of the first offerings is designed for the growing hybrid cloud market. As enterprise customers migrate security infrastructure to public and private cloud providers, IBM Security will provide Managed Security Services in support of Cisco security platforms in leading public cloud services.