clock menu more-arrow no yes

IBM Raises Its Security Profile With Threat Info-Sharing Initiative

CEO Ginni Rometty says sharing info on cyber attacks can help create an "immune system" for companies threatened by hackers.

Computing giant IBM has quietly started to raise the profile of its Internet security unit among its customer base as part of a broader effort to diversify its revenue away from hardware-related sales.

Key to the effort is a new IBM-led initiative to encourage companies to share intelligence about hacking attacks, as a way of creating what IBM CEO Ginni Rometty described as an “immune system” for businesses seeking to fend off the unceasing efforts of computer criminals.

Last week Big Blue said that its month-old X-Force Exchange threat intelligence network had already attracted more than 1,000 companies in 16 industries that are sharing threat intelligence. Companies that participate get access to information about attacks that IBM has saved over two decades plus anonymous data from companies contributing information about attacks on their systems.

“The more you share, the greater you’ll be protected,” Rometty said, according to a transcript of a speech she made to customers at a closed event in New York last week.

In the speech, Rometty also threw her weight behind the idea of a federal law that would give companies the ability to share information about cyber threats without facing liability lawsuits from customers.

“The immune system and the global public health system is the analogy there. … We all have to advocate that laws get passed that you can share data without liability issues, you have some protection in doing that,” she told IBM customers.

There is as yet no law in place that protects companies for sharing data on cyber threats. Earlier this year President Obama signed an executive order that is intended to encourage companies and the government to share information about hacking threats. The House of Representatives has passed a bill while a related bill in the Senate is awaiting action.

IBM doesn’t break out the size of its security business, but it has made several security-related acquisitions in recent years, including two cloud security companies, Cross Ideas and Lighthouse Security last year, and Trusteer, for which it paid $1 billion in 2013.

Rometty has also put security on her list of “strategic imperatives” — along with cloud and mobile computing, analytics and social data — that could account for $40 billion in combined revenue by 2018, and in which IBM is investing $4 billion this year.

IBM’s sales declined last year to $93 billion from about $100 billion the year before, in part because of slowdowns in some of its traditional computing hardware and software businesses, but also because it has been selling off business units. In 2014 it sold a server business unit to Lenovo and its chip-manufacturing assets to GlobalFoundries.

This article originally appeared on Recode.net.

Sign up for the newsletter Sign up for The Weeds

Get our essential policy newsletter delivered Fridays.