"The security business has no future", says IBM

IBM is to radically change its existing security strategy, instead concentrating on business sustainability, according to a leading executive speaking at the RSA Conference in San Francisco.

Val Rahmani, general manager at IBM Internet Security Systems, said that enterprises needed to fundamentally change their security strategies and follow a new mandate in the context of 'sustaining the business.'

"The security business has no future. We're putting an end to it. There are headlines every day," she said. "The security business' obsession with fighting worms, trojans, viruses, insiders, outsiders, criminals, Martians. It's a futile pursuit."

She said that IBM was tired of making traditional big efforts to be on top of the latest security threats because it was a never ending cycle of success and failure as new malware and methods of cybercrime came out every day.

"We keep rolling that boulder up the hill, and just when we think we've got there, along comes a new threat and we are starting all over again," she said.

Rahmani then answered the question of how the security business could be dead if IBM had bought twelve security companies last year and publicly stated that it was going to spend $1.5 billion (£750 million) this year on security.

"The answer is simple. We are spending all that money to get out of the business of security and into 'business sustainability'. I'm advising you now. That's the business we should all be in," she said.

She said that business sustainability was security, but in a business context where security is designed into systems and processes. This means that businesses could expand their capabilities and into new markets without increasing security risk.

Rahmani continued: "It's protecting our customers even when they don't know they need to be protected. It's about creating an environment where security risks cannot disrupt our online transaction and business processes. It's about providing a sensible roadmap for us all to get there."

She said that companies all knew that there would be continued threat to their business sustainability, and said that it wouldn't be able to work if industry continued to work on each individual security threat.

"The computer industry is growing at a rapid pace, and the threats they face are growing even faster. However, the security business is lagging," she said.

"The security industry pretty much looks like it was 20 years ago. Every product has a point solution. The problem with this mentality is that it is much better geared at solving Elk Cloner [one of the first known viruses that spread in the wild] instead of current parasitic threats."

At the RSA conference, host company RSA announced a number of new security products.

Email to a friend

Print this page