BASINGSTOKE, England, October 17, 2022--(BUSINESS WIRE)--A new study from Juniper Research has found that the total business spend on SIEM (Security Identity & Event Management) will exceed $6.4 billion globally by 2027, from just over $4.4 billion in 2022. It predicts that this growth of 45% will be driven by the transition from term licence (where businesses can use SIEM for specific licence lengths) to more flexible SaaS (Software-as-a-Service) models (where SIEM solutions are purchased via monthly subscription). This will enable small businesses to access previously unaffordable services.
A SIEM system is a combination of SIM (Security Information Management) & SEM (Security Event Management), which results in real-time automated analysis of security alerts generated by applications and network hardware; leading to improved corporate cybersecurity.
IBM Tops Juniper Research Competitor Leaderboard
The research identified the world’s leading SIEM providers by evaluating their offerings, and the key factors that have led to their respective success, such as the breadth and depth of their platforms.
The top 3 vendors are:
Research co-author Nick Maynard explained further: "Juniper Research has ranked IBM as leading in the global SIEM market, based on its highly successful analytics platform and its ease of integration. SIEM vendors aiming to compete must design scalable solutions that are accessible to smaller businesses, which can provide easy-to-understand, actionable insights for less experienced cybersecurity teams."
Transition to SaaS Accelerating Rapidly
Additionally, the research found that SaaS business models within SIEM are gaining traction; accounting for almost 73% of global business spend on SIEM in 2027, from only 37% in 2022. This significant increase represents an opportunity for newer vendors to break into the market with appealing SaaS-based models, but SIEM vendors must be careful not to leave larger enterprises, which still prefer term licences, behind.
View the SIEM market research: https://www.juniperresearch.com/researchstore/key-vertical-markets/security-information-event-research-report
Download the whitepaper: https://www.juniperresearch.com/whitepapers/why-siem-is-critical-to-cybersecurity-processes
Juniper Research provides research and analytical services to the global hi-tech communications sector; providing consultancy, analyst reports, and industry commentary.
View source version on businesswire.com: https://www.businesswire.com/news/home/20221016005001/en/
Sam Smith, Press Relations
T: +44(0)1256 830002
The latest global market research from IBM found that more than 77% of respondents have adopted a hybrid cloud approach which can help drive digital transformation, yet the majority of responding organizations are struggling with the complexity to make all their cloud environments work together.
As organizations face skills gaps, security challenges, and compliance obstacles, less than one quarter of respondents across the globe manage their hybrid cloud environments holistically—which can create blind spots and put data at risk.
“The IBM Transformation Index: State of Cloud,” commissioned by IBM and conducted by independent research firm, The Harris Poll, was created to help organizations map their cloud transformation and empower them to self-classify their progress. Built on a foundation that leverages insights from experienced cloud professionals, enterprises can use the Index to gain measurable metrics that can help quantify their progress and uncover areas of opportunity and growth.
The Index consisted of more than 3,000 business and technology decision-makers from 12 countries and across 15 industries including financial services, manufacturing, government, telecommunications, and healthcare, to understand where organizations are advancing, or merely emerging, on their transformation journeys.
The Index points to a strong correlation between hybrid cloud adoption and progress in digital transformation. In fact, 71% of those surveyed think it's difficult to realize the full potential of a digital transformation without having a solid hybrid cloud strategy in place.
However, only 27% of those surveyed possess the necessary characteristics to be considered as "advanced" in their transformation. A sampling of findings include:
"As we see regulatory requirements grow across the globe, compliance is top of mind for business leaders. This concern is even greater for those in highly regulated industries. Yet at the same time, they are facing a growing threat landscape—one that demands holistic management of their multicloud environments to avoid the risks of a Frankencloud—an environment that's so disconnected, it's difficult to navigate and can be nearly impossible to secure, particularly against third and fourth party risks," said Howard Boville, head of IBM Cloud Platform. "An integration strategy to bring together these different piece parts is what we believe separates the leaders from the rest of the pack—the alternative is to pay the price of the Frankencloud."
Security concerns can even hold organizations back from unlocking the full potential of partnerships. As potential security gaps can cause third and fourth party risks to loom, respondents say data governance (49%) and cybersecurity (47%) are the top challenges to fully integrating their business ecosystem into the cloud. In Brazil, cyberthreats are an even greater concern to ecosystem innovation—51% say cybersecurity risks pose a major challenge for businesses that want to integrate business ecosystem partners into cloud environments.
Based on the Index, IBM will launch an interactive tool to serve as a continual source of feedback for organizations to measure their transformation progress. With the ability to help companies assess how they fare against others, the tool will allow them to identify areas where transformation is stalled and where it may be excelling—unlocking the ability to diagnose and act with efficiency even against the real-world of complexity of cloud transformation.
IBM will make the “IBM Transformation Index: State of Cloud” tool publicly available in the coming months, aiming to provide business leaders with valuable benchmarking insights that can inform their hybrid cloud strategies.
The IBM Institute for Business Value also published a new report, "A Comparative Look at Enterprise Cloud Strategy" with an action guide for how leaders can use the Index to help advance their organizations' digital transformation.
For more information about this news, visit www.ibm.com.
Consistency of experience, operations and results is one of the most important factors in technology product success. However, while it is a commonplace issue in consumer tech, the subject is seldom highlighted in enterprise IT solutions and services. That makes last week’s announcement that Red Hat will transfer its data storage portfolio and teams to IBM Storage particularly interesting. Let’s take a look.
Also see: Top Cloud Companies
Why is consistency so important? Consider it from a consumer perspective, where a consistent, simple, recognizable, reliable interface removes much of the pain and confusion out of what are often highly complex operations and interactions. Developing reliably consistent, easy to use interfaces is a primary reason for the success of solution providers, such as Microsoft, Apple and Google, as well as web-based companies, like Amazon, eBay and many others.
Those same benefits—reduced complexity and confusion, and increased efficiency and productivity—are clearly in the interest of businesses, as well. But the basic nature of enterprise IT is usually at odds with reliance on or adherence to single companies or platforms. Instead, organizations tend to engage specific vendors to support specific workloads, applications and business processes.
That can be further complicated by leadership changes. For example, new CTO or IT decision makers who prefer or are more familiar with specific vendors and platforms often choose new solutions and tools to replace or run alongside legacy systems and applications. That is further exacerbated by the general longevity of business computing hardware, which is why many enterprise IT infrastructures are hodgepodges of heterogeneous hardware and software.
Let’s add two other issues to the enterprise IT headache heap. First and foremost, all those systems and applications need to be able to successfully access and use organizations’ stored information resources, and to consistently support the creation, acquisition and management of new data. Second, those same on-premises systems, applications and data assets need to be consistently supported and managed across off-premises cloud platforms.
In other words, without the vital benefits that consistent experience, results and expectations provide, enterprise IT can find itself on a fast track to frustration and failure.
Also see: Why Cloud Means Cloud Native
How does the transfer of Red Hat’s storage assets and teams to IBM address this? First, it is important to consider the work that both have put into taming heterogeneous storage complexity. In IBM’s case, the company’s IBM Spectrum Storage Suite has been designed to support both IBM’s homegrown storage systems and scores of solutions from third party vendors.
For example, IBM Spectrum Control and IBM Storage Insights are designed to effectively monitor, analyze and manage complex enterprise storage environments. In addition, IBM Spectrum Virtualize focuses on block storage management and IBM Spectrum Scale can be used to manage unstructured data storage.
Finally, IBM Spectrum Fusion is a container-native file storage platform designed for Kubernetes applications running on Red Hat’s OpenShift Container Platform (OCP). All can be used with select offerings from Dell EMC, Hitachi Data Systems (HDS), Huawei, HP/3PAR, Lenovo, NetApp and Pure Storage.
Red Hat’s Ceph Storage is a highly scalable open-source software-defined storage solution designed to address enterprises’ block, file and object storage needs. It is deeply integrated with Red Hat’s OpenStack Platform and is at the center of the OpenShift Data Foundation (ODF).
Many enterprises are running Red Hat Rook as the Ceph operator in Kubernetes clusters. However, Ceph can run securely anywhere that OpenShift runs—on-premises and in the cloud—and is designed to help enterprises simplify operations and speed application developers’ time to market.
According to IBM, it will integrate the storage technologies from Red Hat ODF as the foundation for IBM Spectrum Fusion, thus combining the companies’ container technologies. In addition, IBM intends to offer new Ceph solutions to deliver a unified, software-defined storage platform that bridges the architectural divide between data centers and cloud providers.
As Denis Kenneally, GM of IBM Storage noted in a blog post about the announcement, “Today’s news means faster hybrid, multi-cloud deployments, with greater simplicity and expanded platform support backed by IBM’s global sales and lifecycle services. IBM will continue Red Hat’s commitment to existing customers and the open-source community, and we are accelerating our roadmap with new products and services to be announced in the coming months.”
Also see: Top Digital Transformation Companies
So what are the essential takeaways from this announcement? First and most practically, the combination of IBM and Red Hat’s storage assets and teams will support both companies’ existing solutions and initiatives. They should also result in a host of new storage offerings and services their customers can use to consistently manage and monitor their data resources. This is true no matter where they reside—on premises, off premises and in hybrid and multi-cloud environments.
Just as importantly, the announcement speaks to IBM’s continuing efforts to develop innovative heterogeneous storage solutions and to its ongoing commitment to support open-source projects and technologies. It also underscores the value of IBM’s acquisition of Red Hat, and the benefits that have accrued from that deal.
Overall, the combination of IBM and Red Hat’s storage assets and teams should benefit both organizations and their enterprise customers. It will also likely interest other large businesses that are struggling to capture consistent performance and benefits from their data storage investments.
Also see: Best Machine Learning Platforms
The world of cryptography moves at a very slow, but steady pace. New cryptography standards must be vetted over an extended period and therefore new threats to existing standards need to be judged by decades-long timelines because updating crypto standards is a multiyear journey. Quantum computing is an important threat looming on the horizon. Quantum computers can solve many equations simultaneously, and based on Shor’s Algorithm, crypto experts estimate that they will be able to crack asymmetric encryption. In addition, Grover’s algorithm provides a quadratic reduction in decryption time of symmetric encryption. And the question these same crypto experts try to answer is not if this will happen, but when.
Today’s crypto algorithms use mathematical problems such as factorization of large numbers to protect data. With fault-tolerant quantum computers, factorization can be solved in theory in just a few hours using Shor’s algorithm. This same capability also compromises cryptographic methods based on the difficulty of solving the discrete logarithm problems.
The term used to describe these new, sturdier crypto standards is “quantum safe.” The challenge is we don’t know exactly when fault-tolerant quantum computers will have the power to consistently break existing encryption standards, which are now in wide use. There’s also a concern that some parties could get and store encrypted data for decryption later, when suitably capable quantum computers are available. Even if the data is over ten years old, there still could be relevant confidential information in the stored data. Think state secrets, financial and securities records and transactions, health records, or even private or classified communications between public and/or government figures.
U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) believes it’s possible that RSA2048 encryption can be cracked by 2035. Other U.S. government agencies and other security-minded entities have similar timelines. Rather than wait for the last minute to upgrade security, NIST started a competition to develop quantum-safe encryption back in 2016. After several rounds of reviews, on July 5th of this year, NIST chose four algorithms for the final stages of review before setting the standard. IBM developed three of them, two of those are supported in IBM’s Z16 mainframe today.
The new IBM crypto algorithms are based on a family of math problems called structured lattices. Lattice problems have a unique characteristic that will make it reasonably difficult to solve with quantum computing. Structured lattice problems require solving for two unknowns – a multiplier array and an offset and is extremely difficult for quantum computing to solve the lattice problems. The shortest vector problem (SVP) and the closest vector problem (CVP) – upon which lattice cryptography is built – is considered extremely difficult to a quantum computer to solve. Each candidate crypto algorithm is evaluated not just for data security, but also for performance - the overhead cannot be too large for wide spread use.
The final selections are expected in 2024, but there’s still a chance there will be changes before the final standards are released.
IBM Supports Quantum Safe in New Z-Series Mainframes
IBM made a strategic bet before the final NIST selections. The recently released IBM Z16 Series computers already support two of the final four quantum safe crypto candidates: the CRYSTALS-Kyber public-key encryption and the CRYSTALS-Dilithium digital signature algorithms. IBM is set to work with the industry to substantiate these algorithms in production systems. Initially, IBM is using its tape drive storage systems as a test platform. Because tape is often used for cold storage, it's an excellent medium for long-term data protection. IBM is working with its client base to find the appropriate way to roll out quantum-safe encryption to the market. This must be approached as a life cycle transformation. And, in fact, IBM is working with its customers to create a crypto-agile solution, which allows the exact crypto algorithm to change at any point in time without disrupting the entire system. It’s not just a rip and replace process. With crypto-agility, the algorithm is abstracted from the system software stack so a new algorithms can be deployed seamlessly. IBM is developing tools making crypto status part of the overall observability with a suitable dashboard to see crypto events, etc.
These new algorithms must be deployable to existing computing platforms, even at the edge. However, it's not going to feasible to upgrade every system; it’s probably going to be an industry-by-industry effort and industry consortia will be required. For example, IBM, GSMA (Global System for Mobile Communication Association), and Vodafone recently announced they will work via a GSMA Task Force to identify a process to implement quantum-safe technologies across critical telecommunications infrastructure, including the networks underpinning internet access and public utility management. The telecommunication network carries financial data, health information, public-sector infrastructure systems, and sensitive business data which needs to be protected as it traverses global networks.
What’s Next for Quantum Safe Algorithms
Fault-tolerant quantum computing is coming. When it will be available is still a guessing game, but the people who most care about data security are targeting 2035 to have quantum-safe cryptographic algorithms in place to meet the threat. But that’s not good enough. We need to start protecting critical data and infrastructure sooner than that, considering the length of time systems are deployed in the field and data is stored. Systems such as satellites and power stations are not easy to update in the field.
And there’s data that must be stored securely for future retrieval, including HIPAA (for medical applications), tax records, toxic substance control act and clinical trial data, and others.
Even after the deployment of these new algorithms, this is not the end – there may still be developments that can break even the next generation quantum-safe algorithms. The struggle between those that want to keep systems and data safe and those that want to crack them continues and why companies should look to building in crypto agility into their security plans.
Tirias Research tracks and consults for companies throughout the electronics ecosystem from semiconductors to systems and sensors to the cloud. Members of the Tirias Research team have consulted for IBM and other companies throughout the Security, AI and Quantum ecosystems.
Customer Identity & Access Management (CIAM) , Security OperationsConsumerization of IT Has Brought CIAM Methods, Technologies to Workforce IAM Space
Perennial leaders ForgeRock, Ping Identity and IBM, along with a surging Okta, set themselves apart from the pack of CIAM vendors in the latest report by KuppingerCole analysts.
See Also: Building a Secure IoT Deployment Using 5G Wireless WAN
Ping Identity leapfrogged ForgeRock to capture the gold in product leadership, and IBM once again took the bronze. ForgeRock, Ping Identity and IBM maintained the gold, silver and bronze, respectively, in innovation leadership. And in the market leadership category, Microsoft again took gold, Auth0 catapulted from seventh to second place in market leadership due to becoming part of Okta, and SAP fell from second to third since the last report in late 2020, KuppingerCole found.
"The trend toward digitalization of consumer experiences was well underway in the late 2010s, and the COVID pandemic forced more businesses and other organizations to expedite digital transformation," John Tolbert wrote in the 120-page report. "With every iteration of this report, we observe significant acquisitions of CIAM certified by others in the market, and entry into the market of new vendors."
Microsoft, Okta and IBM were the three market share leaders in the broader $13.6 billion identity and access management category last year, while Ping Identity and ForgeRock captured ninth and 10th place, according to IDC. Thoma Bravo has acquired SailPoint and plans to buy Ping and ForgeRock. Should the three companies be combined, it would take the bronze in market share, narrowly edging out IBM.
"Innovation in CIAM drives the wider IAM market," Tolbert wrote. "The 'consumerization of IT' is exemplified by the push to use CIAM methods and technologies for registration, authentication, and authorization in workforce IAM. Features that were considered innovative in the previous edition of this report are going mainstream."
Outside of the top four, here's how KuppingerCole sees the CIAM market:
The latest rankings represent a drop for SAP and WSO2, which fell from third to fifth and eighth to 10th, respectively. Microsoft and OneWelcome leapt from ninth to seventh and 10th to ninth, respectively. LoginRadius held steady in sixth place, while Transmit Security - which raised $543 million last year - is new to the list.
"The CIAM market is growing and there is room for much further expansion, with many vendors offering mature solutions providing standard and deluxe features to support millions of users across every industrial sector," Tolbert wrote. "Some vendors have about every feature one could want in a CIAM product, while others are more specialized, and thus have different kinds of technical capabilities."
|IBM||Lighthouse Security Group||Not Disclosed||August 2014|
|Ping Identity||UnboundID||Not Disclosed||August 2016|
ForgeRock in April refreshed the user interface around its authentication app to Boost the customer experience, add functionality for facial biometrics, and leverage capabilities from Apple and Android, according to CEO Fran Rosch. He says ForgeRock has sought smarter ways to identify legitimate users and deliver them access by leveraging AI to collect signals of typical user and device behavior.
Once ForgeRock has collected patterns around a typical positive user experience, the company develops a risk score to deliver customers more confidence about whether a legitimate user is attempting to log in. To prevent account takeover fraud, ForgeRock has factored in both known threats and threats projected via AI into its risk score and has incorporated more information about device behavior into its app (see: Thoma Bravo Identity Push Continues With $2.3B ForgeRock Buy).
"CIAM has got a strong security component, but also a strong usability component," Rosch tells Information Security Media Group. "And we've always worked to embed that capability of self-service and ease of use into the platform."
KuppingerCole criticized ForgeRock for implementation challenges around the on-premises version and a lack of native marketing analytics, marketplace integrations and certification around FIDO. Rosch says ForgeRock has focused on simplifying the deployment of its on-premises offering by crafting DevOps capabilities for implementation, simplifying upgrades and creating new configurable AI for the platform.
"Every company's got room to improve," Rosch says. "Generally, we would agree with those areas identified by KuppingerCole. We're continuing to work and to improve."
Over the past five years, Ping Identity has migrated all of its core capabilities to the cloud, meaning customers don't have to deal with infrastructure, management or upgrades and can focus on the user experience, says Dustin Maxey, vice president of product and solutions marketing. Having everything available as a multi-tenant, SaaS-based offering means Ping can support customers' various deployment options, he says.
Maxey says Ping has defined and developed workflows for CIAM scenarios such as account registration and fraud detection that incorporate both native and third-party capabilities and are easy for customers to use. Over the past year, Ping has made real progress on decentralized identity and combining multiple fraud signals in one place so that risk and fraud can be assessed at the point of authentication, he says (see: Ping Identity to Go Private in $2.8B Thoma Bravo Acquisition).
"A lot of competitors will have orchestration platforms, but Ping really differentiates in that we fully embrace this open mentality," Maxey tells ISMG. "If you want to use competitive services - if you want to use ForgeRock authentication or Okta authentication - we can plug that authentication service into our orchestration platform that we created."
KuppingerCole criticized Ping for its inability to collect device attributes, customization requiring for consent handling, and lack of simple connectors for BI, CRM, marketing analytics and automation. Maxey says Ping has focused on building the most important connectors first and wants to create deep integrations within its existing connectors before pivoting to construct new connectors.
"We are on a tear to build connectors that are deep, that are numerous and that are the ones that represent the services that our customers work with," Maxey says. "And we are moving very, very fast at that."
IBM has actively participated in committees and bodies that manage protocol support to help clients better manage API and authentication requests in applications, says Wesley Gyure, director of product management for IBM Security. Offering support for both old and new protocols gives clients a seamless experience across apps in legacy infrastructure as well as modern web-based applications in the cloud.
Gyure says the company has integrated its CIAM offering with threat intelligence to get more visibility into everything from compromised passwords to potential malicious account takeover and the opening of fraudulent accounts. Identity threat detection and response starts with determining whether to block or challenge a registration request based on if the IP address is known and if the device could be malicious (see: IBM Buys Startup Databand.ai to Address Data Quality Issues).
"We have very large Fortune 500 clients that are using our systems, both legacy and off-prem," Gyure tells ISMG. "Auto manufacturers, retail, state and local government - they all have millions of users that are authenticating to our system, and they're doing so in a frictionless way and they're doing so with high throughput."
KuppingerCole chided IBM for complicated licensing, limited configurations for family management, and no built-in identity proofing or out-of-the-box consumer device management portals. The complexity stems from thousands of customers already using CIAM in large deployments, and Gyure says a pricing calculator for the newest tools should deliver clients visibility and transparency into how IBM licenses.
"We're not going to be the experts in every area," Gyure says. "Customers already have investments in solutions that they're using, and those investments have to integrate into whatever CIAM solution they may choose. This is not a rip-and-replace conversation. We want to make this easy and consumable, and to do that means to leverage capabilities and investments that they may already have."
Okta has made strides to enable app builders to better manage user authentication at scale by enabling developers to add another layer of access controls that's more fine-grained and consistent across apps, says Matt Duench, senior director of product marketing. The company's flow editor allows for no-code integration with firms such as Duo directly into the platform by leveraging a drag-and-drop interface.
Duench says the company has debuted a deployment option in Microsoft Azure so that customers in Europe and elsewhere can deploy in the environment that makes the most sense for them. Okta has strengthened its account takeover prevention capability through investments in Credential Guard and has reduced bot attacks by 79% by incorporating machine-learning upgrades in its bot detection engine (see: Okta-Auth0 Sales Integration Falters, Fueling Staff Turnover).
"We were born in the cloud, and so we're really well suited for companies that are focused on digital transformation and cloud migration versus more of an on-prem system," Duench tells ISMG. "And that's because a lot of the flexibility that now you get from a cloud-based system you can get within our platform as well."
KuppingerCole criticized Okta for a lack of built-in behavioral biometrics, FIDO certification, and ability to collect device intel via mobile SDK. Okta says there are regulatory, privacy and technology constraints around capturing device intel via mobile SDK in consumer applications and that the company chose to allow customers to integrate Okta's CIAM tool with the behavioral biometrics technology of their choice.
"You need a cloud-based platform that is extensible, that is unified and that is neutral so that you can really allow the application builder to build those use cases in the way and using the methodologies that they're traditionally used to," Duench says.
Amanda “Mandy” Long, most recently vice president of information technology automation at IBM (NYSE: IBM), has joined BigBear.ai (NYSE: BBAI) as CEO and a board member.
Long succeeds Reggie Brothers, who will stay as a company adviser and transition to the role of operating partner at BigBear’s private equity owner AE Industrial Partners, the Columbia, Maryland-based company said Tuesday.
Brothers, a two-time Wash100 Award winner, has led the analytics and cyber engineering services company since its founding in December 2020.
Peter Cannito, chairman of the board at BigBear.ai, said Long brings to the company her experience in mergers and acquisitions and software products and expertise in advancing the adoption of artificial intelligence platforms, building technology portfolios and driving revenue growth.
“With Mandy at the helm, we expect to accelerate BigBear.ai’s ability to bring AI-based products to both Commercial and Federal markets as the Company transitions from a premier services and solutions provider to a technology-led, multi-market leader in AI,” Cannito added.
Long spent five years at IBM and held roles of increasing responsibility, including VP of IBM integration and application platform, general manager for IBM Watson health provider analytics and chief product and strategy officer, AI for IBM Watson. She previously served as VP of product management at Modernizing Medicine and Experian Health.