IBM announced it will acquire Q1 Labs, a data analytics software company, to expand its security and events management capabilities.
With advanced analytics from Q1 Labs, IBM can provide customers with correlation capabilities to automatically detect and flag suspicious or abnormal events, IBM said Oct. 4. The deal is subject to regulatory approval and is expected to close in the fourth quarter. Financial terms were not disclosed.
Following the close, Q1 Labs will join IBM as a newly minted security division, Robert LeBlanc, senior vice president of IBM Middleware Software, said during a conference call with journalists. The new division, IBM Security Systems, will be led by Brendan Hannigan, the current CEO of Q1 Labs, who will report to LeBlanc.
IBM Security Systems will be formed by Q1 Labs and security software, appliances, lab offerings and services IBM has picked up from more than 10 strategic security acquisitions and 25 analytics-related buys over the past 10 years, including Tivoli, Rational and i2, LeBlanc said.
"Q1 Labs' security analytics will add greater intelligence to IBM's security portfolio and continue to distinguish IBM from competitors," Hannigan said.
Organizations feel cyber-attacks are increasingly harder to detect, and their ability to identify threats, detect insider fraud, predict risk and comply with regulatory mandates would be easier with an end-to-end security platform, LeBlanc said, adding that security is at the "top of the list" of things they are worrying about. Customers will benefit from tightly integrated products and a unified road map.
"There's a lot of data, but not brought together in a way to give clients a way to understand the threats," LeBlanc said.
Q1 Labs recognized that application flow data can be used to identify security-relevant events from a wide variety of very different technologies, Scott Crawford, director in the security and risk management practice at EMA Managing Research, wrote in a blog. The approach allows organizations to focus on "security intelligence," or collecting and managing information relevant to security from multiple sources and correlating them to identify threats from legitimate activity, Crawford said.