IBM to buy Resilient Systems, bringing security guru Bruce Schneier on board

Resilient makes an incident-response platform that automates and orchestrates the processes for dealing with cyber incidents such as breaches and lost devices, and enabling companies to respond more quickly. The acquisition will give IBM Security the industry's first integrated end-to-end platform combining analytics, forensics, vulnerability management and incident response, the company said.

IBM intends to bring Resilient's full staff of roughly 100 on board once the acquisition is completed, including cryptographer and security guru Bruce Schneier, Resilient's CTO.

The transaction is expected to close later this year; terms were not disclosed.

IBM has already been beefing up its security muscle for some time, including hiring 1,000 new experts last year, it said. Late last year, it appointed Mark van Zadelhoff general manager of its security business.

The Resilient acquisition bolsters IBM's incident-response capabilities.

Toward that end, IBM on Monday also launched IBM X-Force Incident Response Services to help clients plan for, manage and respond to cyberattacks. Resilient's platform will be a key component of those new services, as will IBM’s QRadar Security Intelligence Platform. IBM plans to integrate Resilient's technology across the full IBM Security portfolio, it said.

Security has become an increasingly pressing challenge in the corporate world, because it's no longer possible to make any company fully secure, said Rob Enderle, principal analyst with Enderle Group.

"The race has now moved to how quickly an attack can be discovered and mitigated so that damage is minimized," Enderle added.

At the same time, more than two-thirds of U.S. security executives say they do not have a cybersecurity incident-response plan in place, according to a Ponemon Institute study released last fall. In 2015, the average cost of a data breach for companies participating in a separate global study was $3.8 million, the research firm found.

Cyberthreats to businesses have changed considerably over time, said Charles King, principal analyst with Pund-IT.

"During the past decade, cyber attacks have grown in number, speed and sophistication, evolving from random individual incidents to systematic assaults, often funded by organized criminals or hostile governments," King explained. "The most effective way that companies can address such incidents is with what IBM calls 'immune response' solutions that constantly monitor IT environments, detect security breaches and respond instantaneously."

The addition of Resilient should broaden the areas where companies can use IBM security and also deepen the features and performance of those tools, King said. "The deal should be good for both companies, and will certainly benefit their respective customers," he added.