The importance of interoperability and resource allocation to cybersecurity cannot be overstated. Protecting against today’s highly dynamic threat environment demands a concerted, collaborative effort, not a fractured or siloed method of handling a cybersecurity infrastructure. Security needs to be baked into the infrastructure as a function of business agility and operations. The proof in the pudding can be seen in the “2017 Security Capabilities Benchmark Study” from Cisco which found that 22 percent of organizations that had a cyberattack actually lost customers, and nearly one-third lost revenue. And a recent Cisco survey of chief information security officers (CISOs) found that 65 percent use up to 50 different security products that do not integrate, challenging their overextended security teams to move with speed. This undermines analysts’ ability to proactively identify malicious activity and then unleash a largely orchestrated response to halt the attack and mitigate the damage to the business.
So when IBM and Cisco announced Wednesday of this week their agreement on the combined efforts for integrated cybersecurity, a number of people have sat up and taken notice. The announcement included new IBM QRadar integrations with Cisco security offerings, including an agreement that Cisco will build two new applications for the IBM Security App Exchange for Cisco Firepower and Cisco Threat Grid.
More than just sharing information, the IBM Cisco security partnership also has product integrations to help enable organizations to benefit from the joint capabilities of the two companies. Among the planned integrations are a pair of Cisco applications that will run on top of the IBM QRadar security platform. The applications will bring Cisco’s Threat Grid and AMP (Advanced Malware Protection) to IBM, enabling users to benefit from advanced analytics. IBM Resilient Incident Response Platform (IRP) will also be integrated with Cisco’s ThreatGrid platform to pull in indicators of compromise (IOC). The goal of this announced collaborative effort is to ensure that all the pieces of a highly integrated cybersecurity solution work together. Elements of this collaboration will feature security products designed for interoperability at all levels of the security stack, whether they come from IBM or Cisco.
There are three core elements of this new partnership. The first is an integrated threat defense across networks and the cloud. Cisco plans to build new applications delivered via the IBM Security App Exchange to help security teams detect and respond more effectively and quickly to threats.
The second core element is essential threat intelligence sharing between Cisco Talos and the IBM X-Force Exchange, with teams from each collaborating closely on security research.
The third core element is jointly delivered managed services. Specifically, the IBM Managed Security Services group will team up with Cisco to deliver new security infrastructure services aimed at reducing the IT complexity often associated with cybersecurity efforts. One of the first managed service offerings will target hybrid cloud environments, since customers are aggressively migrating security infrastructure to public and private cloud models.
We strongly look forward to the initial outcomes for the end user that this collaboration agreement will provide.