B2B Tech Talk with Ingram Micro
B2B Tech Talk with Ingram Micro

Episode · 2 months ago

More than Just Consulting: The Security Side of IBM


You likely know IBM for the big blue logo.

They’re masters at technology consulting all over the globe. But did you know that they’re also the largest enterprise cybersecurity provider on the planet? Helping analyze over 2 trillion security events per day? With over 8,000 security-specific employees?

On this episode of B2B Tech Talk, Brendon Munn, the Channel Sales Leader for IBM North America, talks all about the ways that IBM can help keep your business safe, whether you have 5 employees or 50,000.

Some things we discussed:

- The 4 core competencies that make up IBM security services

- The challenges facing business today and how IBM can help

- How IBM can help not just enterprise companies, but SMBs as well

- His thoughts on where technology is headed in the next year

To join the discussion, follow us on Twitter @IngramTechSol #B2BTechTalk

Listen to this episode and more like it by subscribing to B2B Tech Talk on Spotify, Apple Podcasts, or Stitcher. Or, tune in on our website.

...you're listening to B B B Tech talkwith ingram Micro, the place to learn about new technology and technologicaladvances before they become mainstream. This podcast is sponsored by IBM. IBMis a leading hybrid, multi cloud solutions company, accelerating thecreation development and manufacturing of the industry's most advancedinformation technology for companies around the world. Let's get into it.Welcome to B two B tech talk with ingram Micro. I'm your host, Shelbyskirt Hawk. And my guest today is Brendan. Mahon business developmentexecutive for the channels in north America. Channel Leader Brendan welcome.Great to be here. Pleasure! Well, so today we are talking about IBM securityservices and I'll say, you know we all know who IBM is but I think peoplemight not be as familiar with the security division. So tell us moreabout IBM security. Sure, you're exactly right. As you mentioned, manypeople do know the big blue IBM logo. But as far as IBM security goes, uh youknow, we are large player in the industry, we are the largest enterprisecybersecurity provider out there. We make up about 8000 security employeeswithin the organization. And within that security organization we'rehandling upwards of two trillion events per day. The backbone of theorganization was started a little before my time, it was in 2002 and whenIBM started acquiring security but the real turn came in 2006 where I camefrom, which was Internet security systems based out of Atlanta. Theyacquired that for 1.3 billion in 2000 and six and that really sparked off thesecurity from hardware vendors moving into this space And from that point on,we truly made it more investments. We just didn't sit on that that purchaseand and made more investments in the security arena picking up big fixGuardian Q one labs which now cure...

...radar Lighthouse, all that resilientall these great security vendors that now are under the IBM makeup to make upIBM security and then finally to to kind of wrap everything around thatglobally. You know, our our organization's global, we're in every,almost every country out there. We sent on all the continents with our GlobalSecurity operations center. So our socks are monitoring our clients 24 7365. And the way we do this is we have operations all over the world so thatwe follow the Sun when it goes down in Atlanta. We're cutting over, you knowto the California when it's out in California, we're going to Australia.So we're following that sun so that at any given time our clients are beingmonitored and if they wanted to call in and talk about a ticket, they have theability to do that. So it's a, it's just a large organization that we helpour clients with security. Well that's that's definitely an advantage there tobe able to have the coverage and the broad scope that a large company likeIBM has. So what are then those core competencies I guess that make up IBMsecurity and what more importantly sets IBM security apart certain certainlythose those core competencies really are made up in what we call our oursecurity shield. Right. And it's divided into four areas. The alignprotect, manage and modernize. So starting with a line that's yourstrategy and risk, you know we're looking at strike doing strategy andplanning with our clients, looking at risk assessments, advisory services,regulatory compliance with your clients even down to bringing them into our IBMCommand center for an on site exercise, looking at threats and how they caninfect your environment. So really aligning your organizationappropriately for security and then moving into more of the digital trustprotect segment. That segment of course...

...is looking at protecting your criticalassets, looking at how your identity is tracked or a digital identity trustwhere are people going and coming and how are they doing it governing whereusers can go within the organization and then of course in point managementso that protects segment. And then moving over to more a proactiveapproach is your threat, manage your managed segment. So this is all thegood stuff. You know, this is your threat management at your sim operationwhere we're doing management and monitoring of the sim of externaldevices, looking at doing offensive testing through our X force red teamwhere we're going out and testing and making sure there's no *** in the armorthat they can evade and get into. And then of course our our modernizedshield or segment where you know everybody is evolving and whether it ison site or in the cloud and we have to look at that and help our clients makethat journey. That journey is tough and there's a lot of moving parts so we canhelp in that area too. So within those four segments aligned, protect, manageand monetize. We pretty much can address every facet of security when itcomes to your your client's needs. So that wraps up the security segment.Yeah, well I don't know if if one element you know of those four is moreimportant than the other. I imagine that you know all four of thoseelements do need to be there to have a comprehensive security solution. Butwithin those challenges that customers see, I mean what are the most commonproblems that either resellers or their clients or you know, just end users arecoming to IBM to help solve for their businesses. Yeah, so cybersecurity injournal is complex and ever evolving. You know, it's it's challenging to keepup with every threat. So staying ahead of the threats requires customers toinvest in people process and technology is to be completely secure. Thatbecomes a challenge when our customers need to staff a security team, they'releveraging, you know, their I. T.

Department or their networking team dueto budget limitations, they're moving into monitoring threats around theclock. You know it's really tough for your clients when you're dealing withthese threats that are 24 7 it's not your typical they're gonna hit youbetween the hours of eight and six. Typically you know hackers are going tobe up at night doing this type of work. So you gotta have the threats monitoredaround the clock, lack of technical expertise. Not only is it a staffingissue, as I mentioned that first one but technical expertise just becauseyou have the staff there, you also have to know how to handle and how to workaround these threats when they're coming in and how to attack themefficiently. And then of course the cost of building a sock, you know whenyou outsource to someone like IBM security to do your managed services,you're obviously paying a much lower cost for that monthly monitoring feerather than taking the investment on and building a multifaceted sock acrossthe globe, managing your security incidents. And then finally you know weall deal with security awareness really. It's a it's a real big challenge.You're always hiring new employees, you're bringing on new groups andsecurity awareness is a big thing. You can have the best security in the world.But if you know it's bring your kid to work day and little johnny is playingon your computer and he happens to download something that he shouldn't be,well he's behind the firewall. So security awareness is that so that kindof wraps up that the challenges that our that our customers face. So I thinkwith IBM services there might be a perception that only large enterprisesare a good fit for for IBM solutions. And you you point to this that you know,a lot of businesses are trying to do more with less there, you know,throwing in their I. T. Teams or their networking teams to handle theircybersecurity and so you know, there's a lot of challenges there. So whatsolutions are there specifically for S and B. S. So you know, our S and B sare definitely a challenge. Right? Like...

...we talked about in the previousdiscussion, lack of resources, lack of budget, all these things, third partyintegrations are really challenges to the small clients. So where we reallyshine in our small to medium enterprises is with solutions that aretruly going to help them at an efficient level like managed securityservices. Right coming in, having managed security services, look attheir firewalls, you tM devices and offload that so that what we're doingis we're looking for these threats were rising up, we're getting rid of thenoise, removing false positives and truly handing over to the client whatthey need to be concerned about what they need to go investigate. So in thatregard we are offloading all the heavy lifting, allowing your 1 to 2 resourceto truly be efficient and go attack these different vectors right therethat we're bringing up to you, another great solution that we find for some ofour smaller medium clients because of that resource issue that they run intoour incident response team. Right? We have a wonderful X force, it's called Xforce incident response. They are 24 7. Again, they're out there to help youwhenever you have a breach or you think you have a breach. Right? So it's notnecessarily something has happened but this is a group of individuals. It'sglobal available by email by call. However you see fit by chat, you cancall these folks and you can talk to them about things that you're seeing inyour environment. So when our clients, I think that there's somethingnefarious going on in there inside their environment, they can call themtalk through it. If it does end up being an issue, obviously we can reactto that. So it's a really great offering for their smaller clients thatdon't have the technical expertise, don't have the resources to do that andit fits perfectly. And then finally I would say the other ones are more ofour general offensive testing. Our X Force red Team offensive testing isgreat because you come in and you you...

...know, we're posing as a hacker so we'regoing to come in and hit him from the outside and see if there are any *** inthe armor And what's wonderful about the penetration testing is once we gothrough the exercise and we do find the high risk targets for those for yourclients. We go back at no charge and retest those high risk targets. We wantto make sure that when your client makes that investment, you know,because for some of these smaller clients, these are this is asignificant investment for security that they are getting the results andthe way that we ensure that is after the testing is done, we go back, wehave give them time to button up everything, do what we've recommended.All of our services come with recommendations on how you get to a,you know, a better spot or better point in your journey to locking everythingdown. And then we retest and make sure that everything that was done obviouslyis shut down the Attackers and that there's no threats that can beexploited going forward. So those are the three main ones that we apply toour clients. Obviously small to medium customers range from, you know, a fewemployees all the way up to 1000 employees are bigger. We we love towork with them and help them. And one final thing to add to the benefitbecause you're right, you know, IBM is based around large enterprise, butthere is benefit to that with our smaller clients when we are, you know,when we see these attacks coming in in whatever industry, it might be anindustrial industry or financial industry, all of that knowledge goesinto the same security operation center that's monitoring large clients andsmall clients, so are smaller clients get that benefit as well. You touch onthis. And maybe it reminded me when you were talking about how IBM wasacquiring some of these um, you know, security vendors and and you know, andthese other services to kind of help build IBM security's arsenal. Itreminds me that, you know, no solution is one size fits all. Obviously, I knowone company can provide every single...

...solution to to what what challengesthey have. So how does IBM work with security? OM vendors to really expandtheir capabilities in coverage? Absolutely. I mean, we have made greatstrides in this area. You can't acquire every company that's out there justbecause they're wonderful in their space. Right? So we have to have thesetypes of programs where we work with these vendors. So we have developedover the past couple of years and alliance program where we are focusedmore on our alliance partners than we ever have some examples would be Paloalto Z scalar crowdstrike checkpoints for net, all of these different vendors.And what we found is, you know, there's a lot of opportunity out there forthese vendors to work with our clients and fix a lot of security issues thatare out there, but they do not have the manpower or they don't have theexpertise to maintain those systems. Right. So we have partnered with thesewith these different vendors and made these alliances that we will worktogether in concert with our clients. So now, instead of just having IBM gearand services that are around it, we've entered into a whole different area. Wetalked about the segment earlier with the line, protect, manage and monetize,you know, in the aligned segment, the strategy and risk. We're working withMicro Focus to name a few proofpoint a nap sis you move into that digitaltrust area, you're talking about, you know, your octaves of the world, your,your Cisco's your Cloudflare is your force points, all these great vendors.We have the ability to work with threat management of course, you know, wewe've got a cue radar but there's also crowdstrike cyber reason, Micro focus,all these great vendors that we work within that threat space. And then ofcourse modernize of course Palo Alto checkpoints, working with those guystoo. So the long and short of it is we have a ton of vendors out there thatwe're working with in all capacities.

You know, it's not just managed. I saidthat earlier that we do management of these devices and that certainly is abig portion as well. But they're also devices and inventors out there that wedon't need to manage, that. We're just doing uh, an install configuration atuning to it. So very point specific ways that we can help our clients withthose alliance as well. So it's been a great adventure, you know, and it'sonly growing more and more, you know, once we have established theserelationships, obviously the word gets out and more vendors want to work withus and so we are really focused on the key strategic, you know, securityvendors out there, the leaders in these spaces so that we can expand our reachand security and help our clients even more definitely. Well as we start towrap up this episode, you know, we always ask our guests where do you seetechnology going in the next year and I guess I would ask specifically where doyou see cybersecurity going in the next year? It's a it's a loaded question.It's it's hard to get your arms around it since there's so many facets andlevels insecurity. But for one thing is for sure it's going to continue. It'snever gonna give up. And it's continued to increase over time. You know, we allhave been dealing with very unique circumstances over the past couple ofyears here. More and more companies are evolving their work environments fromthe home office or excuse me from the office to the home, you know, with thepandemic going on and all these things. This is completely changing the makeupof these architectures and how businesses are working, especiallysupply chain issues, right. This is another area, you've, you've heard iton the news. Everybody is dealing with supply chain issues, getting things.It's forcing companies to work with new vendors. So, you know, whether it'schanging environments from where your workers are dealing with new vendorsthat are introducing new threats, or just the fact that we've all, you know,from an environment that wasn't work from home. Now, we've got a lot more ofthe work force coming out of the house is, you know, we've got more noise outthere for these nefarious, you know, at...

...bad actors to do nefarious activities.So really, that's, you know, where it's evolved, just kind of sighting our Xforce threat in the intelligence that was just released every uh, for 2 2021ransomware is last year made up 23% of all instance observed. Right, That's upfrom 20% the prior year. And what that suggests is simply they're making moneyand it's profitable and they're investing more in this area. So I thinkyou're gonna see ransomware obviously, uh, with a big uptick there. And thenfinally, covid, of course, we all know and deal with everybody's takingadvantage, unfortunately of that phishing campaigns where people arecoming out and they're trying to take advantage of folks whether it's avaccination, whether it's a medical record, whatever it may be, they'regetting really clever with all of this new noise and trying to, you know, makeyou click on something, you shouldn't be clicking on. So, you know, really,that's why it's critical. It's critical for our business partners. It'scritical for IBM to stay ahead of these threats and help our clients with theirsecurity needs. So we're here to help. Right? That's where where I think wefit the best is enabling our business partners to truly service theircustomers and and be a value add resource where you're going in thereand truly helping them with their security needs. They are clever. Badactors are very clever. I think the last one I saw was a text saying ourrecords show that you're due for your booster. And the only hint was that itsaid, you know, you received the johnson and johnson vaccine. Did youreceive that one? Yeah, they're taking the guests and they're saying becauseyou're going to get some hits on that because a lot of people signed up forthose text alerts when their next up in line and so you know, to be able todecipher is a definite challenge. Yes, it is. It is. So keep your eyes openand don't just click if you get...

...something, you know for sure. Well, howcan our listeners find out more about what we talked about today? Absolutely.You can find out more by just simply reaching out to your ingram micro rep.They will get in touch with me, I will play quarterback when it comes togetting engaged with your deals. What we'll do is once we get engagedtogether an opportunity, we'll try to understand what the makeup of it is andwhat we need to do to support you, whether that's getting on the phone anddoing discovery with your client, we have that ability, we also following upwith that can bring on resources, any of the resources from the companies,the competencies that I talked about today, we can bring them on the phoneto help that journey, right, talk with your clients, understand their problemsand needs and address them. And finally, for sales enablement, we're able toprovide that wherever it makes sense on this podcast today, you've heard a lotof different areas of the security business and it's overwhelming. And ifthere are areas that one you have interest in, certainly reach out andwe'll be happy to do a deeper dive individually with you and go into thoseareas or if you want a large breath of just going through the portfolio at adeeper level, but you know, still keeping it high. But understanding alittle bit more about the intricacies underneath in these competencies. Wehave the ability to do that. So we look forward to working with you ingram andIBM, we're here to support your journey with your clients providing themsecurity and I really appreciate your time today and I look forward toworking with you. Excellent. Well Brandon, thank you so much for forjoining us and sharing all of your insight. Absolutely. Have a great day.Thanks for your time and thank you listeners for tuning in and subscribingto B two B tech Talk with ingram Micro if you like this episode or have aquestion, please join the discussion on twitter with the hashtag B two B Techtalk. Until next time I'm Shelby scare hawk. You've been listening to B two BTech Talk with ingram Micro, hosted by Kerry roberts. This episode wassponsored by IBM B two B Tech Talk is a joint production with Sweet Fish Mediaand Anger Micro. To not miss an episode.

Subscribe today to your favoritepodcast platform. Mhm.

In-Stream Audio Search


Search across all episodes within this podcast

Episodes (355)