Lessons from IT Security

Here in the metro Atlanta area where the SecurityInfoWatch.com offices are, we've got a few big security players, like Videolarm and Vistacape, but on the IT security side, none are bigger than Internet Security Systems, better known as ISS. This...


Here in the metro Atlanta area where the SecurityInfoWatch.com offices are, we've got a few big security players, like Videolarm and Vistacape, but on the IT security side, none are bigger than Internet Security Systems, better known as ISS.

This morning, as I walked in the door, I took a call from IBM's public relations department asking me to join them on a call discussing how they plan to acquire ISS. Three hours later, I was on the call with Tom Newnan of ISS and IBM's Val Rahmani, plus a pack of other news hounds.

Now, our industry, being largely focused on physical security systems (but with obvious overtures to IT security), may not pay great attention to the buys and sells of the IT world, but it should, and her's why:

--For one, IBM earlier bought a company called MRO Software. While MRO's website makes it difficult to understand what the company does, the best way to summarize is that the company develops systems to help businesses protect and track physical assets as well as information assets.

--Secondly, IBM quietly has created the S3 architecture for managing video surveillance and video analytics.

--Thirdly, the insights of people like ISS's Tom Noonan on security are applicable to our industry as well. During this morning's press conference, Tom spoke about how security is often considered by the appliances and hardware devices on the network that filter traffic and threats. But with a hardware approach to security, says Tom, "How do you manage that?"

Instead of this hardware approach, he says, the model ISS and IBM are promoting is one of managed services, where businesses pay for IT security protection much like they pay for alarm system monitoring from the central station. Noonan also stressed how the IT security arena has -- just like our physical security industry -- been plagued by proprietary systems for security. His goal, he says, and IBM's is to move to open systems and open platforms.

And the reason for this focus on IT security that businesses must make? Tom says that as the Internet developed, the number one promise to businesses is that it would help increase productivity. But today, says Noonan, "Productivity gains are being subsumed by today's well-targeted attacks." Yet again, it sounds a lot like the lessons that have to be learned in physical security and anti-terror we're facing today.

See the full news story from the AP news service on our homepage or at this link.