It’s no secret that cloud computing, managed services, software as a service and other remotely accessed/delivered communications initiatives are hot topics right now, with industry folks saying we’re to see a rapidly expanding market going forward thanks to IT departments wanting to cut costs amid rocky economic times. Ironically, those same hardships are causing a spike in the very thing that could effectively stake any promise for remote and managed services right through the heart: security breaches.
Computing pioneer IBM has launched white-label managed security services for operators to add to their portfolios. And it’s not a moment too soon: It said Dec. 4 that its X-Force researchers have detected what it calls “an alarming correlation” between the worldwide economic decline and increased cyberthreats, from both inside jobs and external ne’er-do-wells (this group includes professional hackers, bored teenagers and people that like to make viruses and hoaxes). Based on data from IBM’s security services client base of 3,700, there has been a 30 percent increase over the last 120 days in network and Web-based security events, with the total number rising from 1.8 billion per day to more than 2.5 billion worldwide. And there’s been a 40 percent increase in clients’ access of IBM virtual security operations centers.
“We are currently in a perfect storm of security threats as businesses are cutting costs, insider threats are rising, and cyber-criminals are using the ensuing confusion to create opportunities for themselves,” said Val Rahmani, general manager of IBM’s Internet Security Systems.
Consider what could be lost: If all goes well, IDC says the market for cloud services will triple in the next five years. And Gartner Inc. expects sales for remotely accessed enterprise applications to surpass $6.4 billion in 2008, a 27 percent increase from last year’s revenue of $5.1 billion. And that market is expected to more than double by 2012.
That is, if service providers take necessary actions to assuage security fears, especially when you consider that the average cost of a data breach to a corporation is $6.3 million, according to the Ponemon Institute. In fact, concerns over security, data portability and reliability already are causing reluctance among some enterprise customers to sign on for remote services.
Here to help, IBM has opened eight global virtual security operations centers (VSOC) from which telcos and other service providers can offer private-label managed security services to shore up offerings like hosted IP and cloud offerings (and legacy offerings too). Big Blue says it’s a win-win, because the IBM VSOC can save end-users up to 55 percent in security costs (but peace of mind? priceless) and allows service providers to bundle in revenue-generating "security-as-a-service" offerings as one more thing it can deliver from the cloud. It could be lucrative for carriers if you believe Gartner, which expects the market for such in-the-cloud security to grow at a compound annual rate of 30 percent through 2012.
The managed offerings let end users access the VSOCs via a branded portal to monitor and verify network and Web-based attacks. They can also leverage new identity and access management services that help combat online threats. Those services help organizations define system users and manage who has access to sensitive data and applications ... that’s important considering the IBM X-Force Quarterly Report released in early December shows more than 42 percent of vulnerabilities are caused by weaknesses in access and identity management.
IBM also has a company-wide project to create a comprehensive security architecture specifically for use by those creating cloud computing environments. This effort is aimed at re-architecting and re-designing technologies and processes, and to ensure that going forward, security is built into cloud strategies, not added as an afterthought. The project focuses on developing trusted virtual domains, authentication, isolation management, policy and integrity management and access control technologies designed specifically for cloud computing.
Read more about all things “cloud” in xchange’s upcoming January print edition and on the Web in the coming weeks. The January digital edition will be available online beginning Dec. 17.
