IBM Canada opened a Security Operations Centre in Markham, Ont., in 2004 with an initial investment of $40 million over five years. Another $43 million is necessary to keep up with the demand for security services from Canadian enterprises, said Nicole Stampatori, IBM Canada’s national practice leader for security, identity and privacy.
Since the SOC opened, IBM has largely focused on delivering managed services like intrusion detection, anti-virus, anti-spam. The fresh investment will allow the company to expand those services – particularly to small and medium-sized businesses – and bolster other areas like identity management.
A lot of enterprises have dealt with their perimeter security requirements and are now addressing their internal issues, like reporting and staff management, said Stampatori.
“Compliance, as an example, is driving a lot of companies (towards) a really good understanding of who connects to what system and the reports that can show that yes, this person has gotten access to this system,” she said.
The fact that IBM is willing to disclose its security funding levels is a signal to clients and competitors that it is serious about addressing the market, said IDC Canada Ltd. analyst Joe Greene.
“They know the Canadian marketplace is looking for help, particularly on the services side of things,” he said.
Even with growing support from IBM, as well as rivals Bell Canada and Telus, the Canadian security market continues to be underserved, said Greene. The number of potential corporate security threats is escalating, he said, and compliance issues around legislation like PIPEDA continue to confound businesses.
“It’s really only in the last two years that Canadian organizations really started to pay attention to security,” said Greene. He agreed with IBM’s assessment that larger enterprise clients are beginning to look more closely at security and identity management issues within their own walls.
“The big issue that Canadian organizations really need to come to grips with is the people and the process,” said Greene. “You may have the best anti-virus, anti-spyware and intrusion detection systems going, but if your people aren’t aware of what your actual security policies are, that can be a problem.”
Stampatori said that IBM Canada is also planning to offer more integrated security solutions that combine IT with physical security like biometrics and video surveillance.
According to the most recent data from IDC Canada, the Canadian security market will experience double-digit growth every year for the next five years. To meet expected demand, IBM plans to double its security workforce, increasing the number of security consultants and intelligent specialists it employs to approximately 150 by 2009.