With its latest security push, IBM is advocating a new approach to risk management that Big Blue is betting will limit the impact of threats, improve business resilience, and create an enterprise free of fear.

Instead of offering security technologies implemented in silos that don't address end-to-end risk, IBM's new initiative addresses security across several I.T. domains, from physical security to application security to identity and access management.

"For many enterprises, security is broken," Tom Noonan, general manager of IBM's Internet Security Systems, said in a statement. "The nature of evolving threats is such that installing point solutions to 'keep the bad guys out' is no longer a viable way to secure a business."

Advocating New Approaches

Fueled by recent security business acquisitions, IBM's company-wide initiative is entering the picture even as companies around the globe face increased regulation and scrutiny. The daily risk of security exposure and the cost to combat it are growing. In North America alone, companies are expected to spend almost $30 billion on governance, risk, and compliance this year, according to AMR Research.

The first wave of IBM's new security services and products will tackle security concerns from the enterprise to the edge of corporate networks. IBM's Internet Security Systems (ISS) unit is helping lead the way, teaming with IBM Research and integrating with IBM's Software and Systems businesses to deliver advanced risk-management capabilities.

Specifically, IBM announced data -inspection software that aims to prevent the loss of data and related services. The company also introduced enhanced data-security software to track, report, and investigate possible security breaches on the corporate network. New risk-management tools help I.T. execs assess risks.

Taking a Holistic Approach

Security has been a key issue among I.T.-focused enterprises for many years. And IBM has established its deep knowledge of security in hardware and middleware partly through acquisitions. With this security move, IBM seems to be putting a wrapper around those acquisitions to offer a highly integrated approach aimed at helping its large business customers, according to Charles King, principal analyst at Pund-IT Research.

From King's point of view, IBM's mainframes provide levels of application security, data security, and hardware security that is unmatched by any other enterprise computing platform. According to King, Big Blue's new initiative strengthens its position in the market.

"Security is something most businesses have historically approached in a piecemeal fashion. If you are having problems with external threats, you get one set of software. If you are having concerns about the way data is being used internally, you get another solution," King said.

The way businesses are evolving now -- increasingly dispersed across multiple locations, working with partners in many overseas locations, and driving more and more toward Web-based and Web-accessible applications -- many companies need to take a close look at the way they deal with security, King concluded. IBM's approach, he said, is correct for today's market risks.