Big Blue Talks Carbon Black: Inside IBM's New Partnership With Endpoint Cybersecurity

Jim Probasco

Thu, Mar 3, 2016, 6:46 AM

International Business Machines Corp. (NYSE: IBM)’s announcement this week that its new security lineup includes a strategic partnership with endpoint cybersecurity leader, Carbon Black, signifies a realization that growing endpoint security issues demand innovative solutions.

Benzinga spoke with Carbon Black co-founder and chief security strategist, Ben Johnson who discussed the important synergy this partnership creates moving forward for Big Blue and for Carbon Black.

Benzinga: Why is endpoint security so important in the first place?

Ben Johnson: Endpoint security is a hot topic right now and the reason is people. Employees who sit at their laptops are vulnerable. Even though companies have a perimeter and a firewall, it’s kind of like the bad guys are throwing a pass over your defense.

Companies have more employees out there, working on laptops in coffee shops, at home and at business meetings so the perimeter is basically gone. Because of this, companies have to rethink their endpoint strategy.

BZ: A recent study you sponsored, indicated 85 percent of CIOs admit they're not being proactive about this problem but not all that concerned. How do you explain that discrepancy?

Johnson: (laughs) I cannot explain it. When those stats came out, it shocked me. A lot of CIOs thought that within 24 hours of a breach, they could have a full understanding of really the scope of what happened.

I’m like, “24 hours?” Try 24 weeks! And that’s probably optimistic.

BZ: Which sort of begs the question – how do you convince enterprise to engage in something they don’t seem to be interested in to begin with?

Johnson: I think a few things are working in our favor to start to change the tide. Media coverage certainly helps. You’re seeing more mainstream news about security breaches.

Policy and new law requires disclosure of certain types of compromise or breach within a certain amount of time. In Europe they say, “You have to tell us within 24 hours or we’re going to take up to 4 percent of your revenue.” That’s significant.

Even though the survey was disheartening, I think most of the discussions I have, people get it. It’s less about the need to do something and more about, “What do I do first?”

BZ: How does the partnership with IBM move the mission forward?

Johnson: We’re extremely excited to partner with Big Blue. A lot of people look to IBM for many aspects of their technology. They have a lot of trust built up over decades. By partnering with us, their customers get the advantage of the blending of multiple products with someone like us who is fast moving and agile.

We have really become the vendor for endpoint detection and response. We are helping take IBM products that are used every day and not only taking them to the next level but getting them to work together in a much nicer and more efficient way.

BZ: Who’s gaining what with this partnership?

Johnson: There are two things going on in security that are significant. The first is the drive toward automation. This has to do with the sheer number of events or attacks against business. It’s too much. Combine that with not having enough security talent. So you have growing threats and understaffed defenses. The only way to turn the tide in your favor is through more automation.

Secondly, people are buying more security products. Instead of a few, now you have dozens. Security teams don’t want to sit there with 20 different tabs open in their browsers to use for a security investigation. The buzz word is “single pane of glass.” That’s what everyone wants. Everyone’s trying to reduce what their security analysts have to learn and look at.

By blending best of breed products that really gives the security team a much better chance of keeping up.

BZ: How will all of this look to customers? Will they notice anything?

Johnson: The short answer is, “No.” Enterprise employees won’t notice a thing. The security team will be better armed.

IBM will be using our technology when their X-force response team is called in. That’s a new thing where they’ve chosen us as the standard for endpoint response and security. They are actually not going to notice as much.

A final aspect is that the integration of IBM products that are already deployed will be easier for the security team in place.

BZ: What’s the big take away?

Johnson: The days when IBM or any company would give you every part of your stack are really gone. Current strategy in cyber security calls for looking at each part of the security staff and saying, “Where can I get the best of breed tools?”

It’s now a blending of “best of breed” tools in a much more integrated holistic automated way. IBM sees the benefit of partnering with a younger player to combine their own offering with ours. For us it’s the same thing. Plus, it’s such a huge step forward due to IBM’s customer base.

The big take away is this new ecosystem in which everyone plays nice together and helps each other’s products work better.

At the time of this writing, Jim Probasco had no position in any mentioned securities.

Image Credit: By Luis García, CC BY-SA 3.0, Wikimedia

See more from Benzinga

Terms and Privacy Policy

Your Privacy Choices

Utah Privacy Notice

More Info

News

Life

Entertainment

Finance

Sports

New on Yahoo

Yahoo Finance

Recommended Stories