Even the largest cyber security vendors can use all the help they can get.
It’s only getting harder to defend against a vast threat landscape, which already this year includes ransomware attacks like Petya and WannaCry, nation-state adversaries like those that damaged Sony and allegedly attempted to compromise the 2016 US presidential election, and zero-day vulnerabilities that frequently and suddenly emerge to threaten, seemingly, everyone.
Sometimes cyber security firms forge partnerships in an effort to bolster each other’s capabilities, but those partnerships typically aren’t worth much.
Few meet expectations; most are simply forgotten.
But a new partnership between the cybersecurity divisions of IBM and Cisco Systems will prove to be the rare exception.
Not only will the deal make both vendors more competitive, but it will also provide meaningful benefits to their respective and joint customers.
The partnership covers three focus areas: threat intelligence, product integration, and security services.
Cisco’s Talos group and IBM’s X-Force are two of the industry’s most respected and capable cyber security research groups.
But in the high-stakes business of finding, classifying, and creating detection signatures for never-before-seen malcode, getting an expert second opinion can sometimes make all the difference in thwarting a sophisticated attack.
The new partnership creates a framework for sharing research, and a hotline for the two groups to quickly collaborate. This cooperation will undoubtedly help detect more attacks – and get customers protected – more quickly.
IBM and Cisco both have expansive cyber security product portfolios with surprisingly little overlap.
But until now they never had an agreement to create formal integrations. One of the first ways they’ll do just that is a new software integration between IBM’s QRadar SIEM product for security operations centre analysts, and Cisco’s Firepower next-generation firewall and intrusion prevention appliances, enabling SOC analysts to use a single console to identify a security incident with QRadar, and change network security policy via Firepower.
It’s the sort of improvement that rarely makes headlines, but enables security pros to do their jobs faster, easier, and ultimately better.
On the services front, IBM Global Services sells and supports many Cisco network security implementations, but obviously lacks the level of Cisco-specific expertise that Cisco brings to bear.
This arrangement formally enables Cisco to support IBMGS-led Cisco implementations, and creates a formal reference architecture for deploying Cisco and IBM security solutions jointly.
As a result, Cisco gains access (via IBM) to accounts it otherwise wouldn’t reach, IBM gains the ability to confidently sell any Cisco security solution knowing they’ll have the resources to successfully deploy, configure, and support it, and their joint customers get a smoother end-to-end experience, both for traditional and managed services deployments.
While the partnership presents tactical concerns – most notably whether the two giants can successfully work together to sell, implement, and support their combined solutions while keeping costs manageable – IBM and Cisco deserve credit for recognising how they can make each other more competitive in the marketplace, and forging a wide-ranging new relationship that will expand and flourish for years to come.
It serves as a model to which many otherwise rival tech giants should aspire.