• United States



Contributing Writer

IBM’s Security “Tiger Team”

Jul 20, 20092 mins
Cisco SystemsData and Information SecurityIBM


Last month, IBM announced the creation of a security “tiger team” with limited detail on the team itself, its role, or its makeup. I decided to ask IBM for a bit more specifics and I’m glad I did as I came away quite impressed.To summarize, the security tiger team was created to:1. Articulate and sell IBM security solutions to “C-level” executives. In other words, align security solutions to business initiatives.2. Cut across IBM brands. Tiger team members have deep knowledge of IBM security solutions from ISS, Rational, Tivoli, Websphere, etc. The focus is on customer needs rather than internal IBM organizational boundaries.3. Act as security advocates within IBM. Aside from the external focus, the tiger team will act as the security-focused “voice of the customer” back to IBM. This should help IBM get creative with vertical solutions and new product development.The tiger team will also work with IBM security partners such as Application Security Inc. and PGP. I’ve been astounded for years at the tactical nature of security vendors. Most sell products as countermeasures for particular threats but they don’t understand the “big picture.” CEOs don’t care about firewalls and IDS, they want to make sure that their business processes are secure and meet regulatory requirements. IBM’s tiger team not only recognizes — and addresses — this fact.Who else could pull off a similar tiger team? Few vendors come to mind. Systems integrators like Accenture and federal government specialists like SAIC could. HP and Symantec could. McAfee? Check Point? I don’t think so. IBM’s tiger team may be a subtle organizational move, but other security vendors should pay keen attention to it. If IBM can sell “top down” security solutions, it could marginalize the multitude of tactical security vendors hawking point products.

Contributing Writer

Jon Oltsik is a distinguished analyst, fellow, and the founder of the ESG’s cybersecurity service. With over 35 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. Jon focuses on areas such as cyber-risk management, security operations, and all things related to CISOs.

More from this author