The future is platform-based – insights from the IBM Security Summit 2019

On June 5th, 2019, a radiant summer day in Berlin, teknowlogy visited this year's IBM Security Summit taking place at "Bikini Berlin"; the event, part of the "Think at IBM" series, provided a whole range of information and insights for the avid security expert.

The focus was primarily on IBM's view of the security market and its technical solutions to combat threats, accompanied by various keynote speeches from customers such as Zalando or Festo; in those, they talked about how they went about getting their security challenges under control – for example with the help of an in-house and IBM-supported Security Operations Center (SOC).

How the digital economy evolves

Michael Cerny, Head of Security DACH at IBM, emphasized at the beginning of his keynote that the future of security would logically lead to platforms, since only by synchronization and integration would it be possible for the masses of information to be processed cleanly and thus checked for potential attacks – even if individual data silos could not be broken up completely. This is a particularly serious issue when talking about the "fusion" of IT and OT. And of course, "platform economy" is a real buzzword today, and a lot of consolidation is occurring in the market (which is, naturally, not appreciated by the large number of IT providers trying to establish their own platform). But at this point, it becomes apparent that IBM is one of the few providers who are able to realize exactly such platforms, both for its customers and for itself, supported by its large product portfolio, resources and expertise.

A good example is the recent collaboration with Maersk, a global leader in container shipping. At the beginning of last year, IBM and Maersk announced a joint venture to implement a global trade platform (called "TradeLens") based on a secured blockchain, which serves to ensure much better visibility and control of supply chains. As is the case with any other platform, the business value of TradeLens increases exponentially with the number of participants, and even strong competitors of Maersk such as CMA CGM or MSC Mediterranean Shipping Company are participating by now; according to IBM, almost half the volume of shipped goods worldwide can be covered by TradeLens, which is a good example of how competitors can actually cooperate in certain cases if the business value outweighs the perceived risks.

How IT security benefits

How platforming is being transferred to the cyber security area becomes apparent by the example of the new cloud platform "IBM Security Connect", which was presented at the event; its aim is to bundle the multiple security tools and products of a company in a practical way and integrate them without the need for migration. The interesting thing is that, as is already quite common in IBM's strategy, the platform is 

  1. based on open standards, including STIX 2 and TAXII 2, which allows for the development of individualized microservices; 
  2. designed not only to monitor IBM's own tools and use their data, but also to leverage the data from tools such as those from McAfee, Splunk, Symantec, VMware and many other providers. This should be relevant especially for users with a highly fragmented security application landscape.

All in all, it is made clear how IBM intends to consolidate its dominant position in the highly focused cyber security market segments. SIEM tools such as QRadar belong to the standard repertoire of numerous companies, and Security Connect is supposed to guarantee the necessary visibility of potential threats. IBM will also continue to push its cognitive intelligence, Watson, in this field, for example to automate security detection and to compensate for the scarcity of human resources.

In teknowlogy's point of view, this open approach is a cornerstone of its strategy, through which IBM can position itself in the market and which has already played a major role in its entire multi-cloud strategy, i.e. when looking at its focus on open standards and comprehensive use of Kubernetes for containerization (see also our report on the recent Analyst Relations Day in Milan by Joachim Hackmann and Mathieu Poujol). These topics were a recurring theme in all the speeches and discussions heard at the event and will remain important in the future.