skip to main content
Close Icon

In order to deliver a personalized, responsive service and to improve the site, we remember and store information about how you use it. This is done using simple text files called cookies which sit on your computer. By continuing to use this site and access its features, you are consenting to our use of cookies. To find out more about the way Informa uses cookies please go to our Cookie Policy page.

Global Search Configuration

Ovum view

Summary

2016 will be the year that actionable intelligence moves to center stage on the IBM X-Force Exchange threat intelligence sharing platform. The objective during the year ahead will be to improve the relevance and timeliness of the threat information on offer, and to integrate it into workflows that enterprise security analysts can use more effectively.

More actionable intelligence and less noise is the objective

For IBM in 2016, there will be less visible focus on individual threat intelligence contributions from Trusteer (malware and fraud prevention), WatchFire (application security), Guardium (database security), Q1Labs (security intelligence and SIEM), and Internet Security Systems (security services). While these groups aren’t going away, their input will be unified under the IBM X-Force brand.

Since X-Force Exchange was launched in April 2015, the emphasis has been on ensuring that the threat intelligence gathered was of good quality. This has been achieved using IBM’s in-house threat research teams that collectively cover most security disciplines. The teams have now turned their focus to the objective of separating out the volume of noise that multiple threat intelligence feeds commonly produce to focus on delivering targeted and relevant threat information for its platform users.

At the same time, IBM has built up an infrastructure of trusted external resources and security partners to take the X-Force Exchange proposition onto the next level. It has established a group of more than 11,000 contributors and registered users. This incorporates more than 2,000 enterprise organizations across 16 global industries, including five of the world’s top 10 banks, six of the top 10 retailers, six of the top 10 automobile manufacturers, and three of the top 10 healthcare providers.

IBM has seen the number of data collection resources grow by a factor of 10 since the X-Force Exchange platform launched. However, this is not about the type of numbers game that has clearly failed to deliver genuine threat intelligence elsewhere. Its strategy of building a strong partner pipeline of established security and business partners (threat intelligence producers and consumers) adds a controlled public collection element to the overall threat intelligence package.

IBM is looking to extend its influence over the security intelligence sector through the delivery of actionable intelligence from the Exchange directly into customers’ security infrastructure platforms. This is an approach that won’t immediately deal with all of the complexity and data management issues that currently exist within the threat intelligence arena, but on a practical level, it is intended to reduce the time to identify and deal with emerging threats using commercial, trusted circle, open source, and publicly sourced threat intelligence.

Appendix

Further reading

2016 Trends to Watch: Security, IT0022-000522 (October 2015)

“Proactive CISOs do not always see shadow IT as a major problem”, IT0022-000427 (July 2015)

Author

Andrew Kellett, Principal Analyst, Infrastructure Solutions

Andrew.kellett@ovum.com

Have any questions? Speak to a Specialist

Europe, Middle East & Africa team - +44 (0) 207 017 7700


Asia-Pacific team - +61 (0)3 960 16700

US team - +1 646 957 8878

+44 (0) 207 551 9047 - Operational from 09.00 - 17.00 UK time

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - +44 (0) 207 017 7760 or email us at pr@ovum.com

Contact marketing - marketingdepartment@ovum.com

Already an Ovum client? Login to the Knowledge Center now