What IBM-Trusteer Deal Means to UsersBig Blue Marketing Trusteer's Wares Beyond Financial Sector
With IBM planning to acquire Trusteer, a security software company specializing in anti-fraud products for financial services organizations, enterprises can expect to see security technology that originally targeted financial institutions spread into the broader security market.
See Also: Live Webinar | Education Cybersecurity Best Practices: Devices, Ransomware, Budgets and Resources
"There is a lot of room for innovation to expand into the broader enterprise market" as organizations need to protect their web applications from attackers, says Avivah Litan, a distinguished analyst with market research firm Gartner. "This doesn't have to be just banking."
While Trusteer has focused on the banking industry with its desktop software and browser protection technology, the technology could be used for advanced malware detection, web application security and even defenses against distributed-denial-of-service attacks. IBM could expand into the advanced threats market, web application security and endpoint protection. "[Banking] was a clear-cut use case that Trusteer went after, but the products could work equally well in many other security and fraud markets," Litan says.
Trusteer, based in Israel, creates software that protects computers and mobile devices from malware, phishing and other web-based attacks used by banks and other financial services organizations. The company counts among its customers Bank of America, NatWest, HSBC, ING Direct USA (now part of Capital One), RBS, eBay and PayPal.
IBM announced its intent to acquire Trusteer on Aug. 15. While terms of the deal were not disclosed, Israeli media is reporting figures between $800 million and $1 billion. When the acquisition closes in the third quarter, Trusteer will become part of the IBM Security Systems division.
Latest Market Move
Large vendors often acquire smaller niche start-ups to enter new markets or to obtain emerging technologies that would enhance their existing offerings. In the past year, networking giant Cisco shelled out $2.7 billion for networking security company Sourcefire, and RSA, the security division of storage behemoth EMC, reportedly paid $350 million for web fraud detection company Silver Tail Systems earlier in the year. Cisco didn't need Sourcefire to gain government customers, but it became a major cybersecurity player because it could now offer Sourcefire's anti-hacking technology to other customers. IBM could theoretically do the same and offer Trusteer's anti-fraud technology outside of banking and into other industries. Enterprises can also expect to see Trusteer's advanced malware detection capabilities pop up in products and services they already buy from IBM, such as in Tivoli Endpoint Manager or the InfoSphere Guardium database management tools.
The Trusteer deal will "significantly enhance IBM's capabilities around web fraud prevention, endpoint security and advanced malware defense," Brendan Hannigan, general manager of IBM Security Systems, wrote on the Security Intelligence blog. More importantly, the acquisition of Trusteer confirms that companies are taking information security and fraud prevention more seriously and are willing to invest.
Enhancing Existing Security Portfolio
Angel Grant, a principal product manager at RSA, says organizations traditionally have focused on preventing fraud and cyber-attacks, but increasingly are shifting their attention toward detection. Prior to being acquired by RSA, Silver Tail Systems also focused on detecting web fraud for banks and related financial companies.
Fraud is no longer limited to the financial services sector, and organizations - regardless of which sector they are in - increasingly have to deal with the challenges of protecting mobile device users. Grant says they often look at the technologies used by financial services organizations to protect their networks.
The healthcare industry, with its HIPAA Omnibus Rule and other regulations, is beginning to see regulations demanding organizations take steps to combat breaches and fraud, similar to the kind of regulations in place for the financial services industry, Grant says.
Steve Robinson, IBM Security vice president of development, strategy and product management, says IBM will focus on "intelligent integration" points when assessing whether Trusteer's technology can enhance IBM's existing line of products. While details are not available because the acquisition has not yet been finalized, IBM offers plenty of products that could use Trusteer's advanced malware detection technology and endpoint security. Robinson cites as an example IBM's Tivoli Endpoint Manager, which could be used to automate the type of policies and rules that are delivered to the endpoint, or set up automated rules that are triggered when a vulnerability is detected in a web application. Organizations increasingly seek help to fight off botnets, zero-day attacks and detect web-based fraud.
"Organizations have smaller security teams and are looking for technology that can work smarter, or to automate responses by setting rules and policies," Robinson says. "Trusteer plays right into all of that."
John Zurawski, a vice president of marketing with identity management provider Authentify, says with this deal, "IBM is positioning themselves to have effective tools for the growing war on cybercrime - on all fronts, not just financial services." A man-in-the-middle attack is not just limited to bank accounts, as it can target other online accounts, payroll services, retirement funds and any other financial data stored on servers. "Everything is under attack," Zurawski says.
Business As Usual for Banks
Robinson says there will be no change in how Trusteer will operate, and customers will continue using Trusteer's services in the near-term. Trusteer's executive team has committed to stay on board, and while future deals may be completed under the IBM name, the security products the financial organizations rely on will remain intact.
IBM also announced the opening of a cybersecurity lab in Tel Aviv, Israel, to continue its security research and development efforts. The research will focus on mobile and application security, advanced persistent threats, malware, counter-fraud and financial crimes, which Robinson says would feed back into better detection methods. The lab will consolidate IBM's existing Israeli R&D team, Trusteer researchers and other security experts in the area from previous acquisitions, such as AppScan.
Intensifying cybersecurity R&D occurs as fraud rings and hackers groups increasingly organize and target financial institutions, payment possessors and retailers. As a result, enterprises try to strengthen their existing security and are investing in additional layers of protection, says Shirley Inscoe, an analyst with the Aite Group, a research firm focused on the financial services industry. "We will continue to see larger firms acquire these niche security or fraud prevention companies going forward," Inscoe says.