Two high-tech giants are joining forces to an effort to fight cybercrime. Cisco Systems and IBM will be essentially sharing and collaborating on threat intelligence incidents and research. The two will also work to integrate with IBM’s QRadar across networks, endpoints and cloud.
The agreement also means IBM X-Force and Cisco’s Talos security teams will be working together. In support of this, Cisco has introduced a Single Enterprise Agreement for its entire software line. Cisco believes this will change how customers purchase, deploy and adopt Cisco technology. And, to a certain extend how the channel manages and deploys it as well since close to 90 per cent of Cisco solutions go through the solution provider channel.
Called the Cisco Enterprise Agreement or EA, customers use the products and services they need and still have the ability to scale for the future or add new capabilities without penalty.
IBM Global Services will be involved in this partnership. IBM Global Services is one of Cisco’s top channel partners and they will be tapped to support of Cisco products in a managed security services model.
A recent Cisco survey of 3,000 chief security officers found that 65 per cent of their organizations use between six and 50 different security products. Managing such complexity is challenging over-stretched security teams and can lead to potential gaps in security. The Cisco and IBM Security relationship is focused on helping organizations reduce the time required to detect and mitigate threats, offering organizations integrated tools to help them automate a threat response with greater speed and accuracy.
The cost of data breaches to enterprises continues to rise. In 2016, the Ponemon Institute found for companies surveyed the cost was at its highest ever at $4 million – up 29 per cent over the past three years. A slow response can also impact the cost of a breach – incidents that took longer than 30 days to contain cost $1 million more than those contained within 30 days. These rising costs make visibility into threats, and blocking them quickly, central to an integrated threat defense approach.
The strategy behind this history team-up and the second such partnership between IBM and Cisco in the last two years, is to combine Cisco’s security offerings and its architectural approach with IBM’s cognitive security operations platform. Cisco has agreed to create new applications for QRadar security analytics platform. The first two of those applications will be designed to help security teams understand and respond to advanced threats and will be available on the IBM Security App Exchange.
In addition, IBM’s Resilient Incident Response Platform (IRP) will integrate with Cisco’s Threat Grid to provide security teams with more insights. For example, analysts in the IRP can look up indicators of compromise with Cisco Threat Grid’s threat intelligence, or detonate suspected malware with its sandbox technology. This enables security teams to gain valuable incident data in the moment of response.
David Ulevitch, SVP and general manager, Cisco Security, said Cisco’s architectural approach to security allows organizations to see a threat once, and stop it everywhere.
Marc van Zadelhoff, general manager, IBM Security, said IBM has long been a proponent of open collaboration and threat sharing in cybersecurity. With Cisco joining IBM’s immune system of defense, joint customers will greatly expand their ability to enhance their use of cognitive technologies like IBM Watson for Cybersecurity.