IBM is to expand its security portfolio through its acquisition of Israel-based Trusteer in a deal rumoured to be worth around $1 billion.
Trusteer brings a number of services to the table that broadens the IBM catalogue, including fraud and malware protection offerings. Founded in 2006, Trusteer specialises in helping the financial services industry repel advanced attacks, but recently has taken on a number of e-commerce sites as customers.
In addition, the vendor has extended its product line to mobile, where it offers fraud risk prevention technology.
“We're finding mobile operating systems are not as secure as people think they are,” Trusteer president Rakesh Loonkar told SCMagazine.com on Thursday. “It's a platform that can be exploited just like traditional operating systems. There aren't a lot of sensitive applications doing risky things. As applications migrate to mobile, we'll definitely be seeing an increase in mobile threats.”
Loonkar said he has already seen mobile devices being hit in markets, such as Asia, where the Android platform is the dominant operating system. He pointed to malware as one of the problems, and said he expects its prevalence to only spread in the coming years.
“In our strategy,” Marc van Zadelhoff, a vice president in IBM's security systems division, told SCMagazine.com on Thursday, “all our products will work together and share data. I think that's where the market is going, and IBM is leaps and bounds ahead in covering the most domains and doing the integration that is necessary. Five years from now [the market is] not going to be so fragmented.”
Part of the agreement includes the formation of a software lab in Israel that comprises more than 200 IBM and Trusteer researchers and developers. The facility will focus on mobile and application security, advanced persistent threat (APT) attacks, malware, counter-fraud and financial crimes. It will not replace IBM's existing research-and-development facilities in the country.
Security analysts applauded the decision, the latest deal that involves an IT giant wanting to bolster its security offerings. Last month, Cisco purchased IPS mainstay Sourcefire for $2.7 billion.
IBM and Trusteer executives could not comment on the price of the acquisition, but the Hebrew language financial paper Calcalist reported the sales price as between $800 million and $1 billion, according to a TechCrunch article.
“It's a good move for IBM,” Mike Rothman, president of security research at advisory firm Securosis, told SCMagazine.com on Thursday. “Bringing Trusteer in-house really bolstered their ability to deal with malware.”
In her blog, Avivah Litan, vice president and distinguished analyst at Gartner, said Trusteer was being sold at its peak, but expressed concerns that the company's talent may dry up with the transition.
“It's tough for large companies to attract and retain risk-taking innovative employees that seek the agility, creativity and potential for great wealth that small start-ups afford,” Litan said. “We'll keep our eyes on this one – but if it's like all the others I've personally watched, I'd give it about a year or two at the most before the innovative spirit and creativity slowly fizzles out.”
Applying the same synergy-building template to all its acquisitions through the years – Q1 Labs, ISS, Arsenal Digital Solutions and Guardium, to name a few – is how IBM has managed continued success, said van Zadelhoff.
“Our view is to make sure IBM gets out of the way and allows you [Trusteer] to execute your vision and accelerate it with our portfolio,” van Zadelhoff said.
Loonkar, who said discussions between the two companies had been on-going for several months, explained it was that operating philosophy that made the sale attractive. He joked that the news is almost anti-climactic because not much is changing structurally and clients will continue to get the services they have come to expect.