CEOs may look twice at IBM's new security suite, services as Target's head rolls

IBM picked a good day to launch a suite of security tools and services: a Monday morning when many CEOs saw in their news roundup that retailer Target is newly rid of a CEO who presided over a catastrophic data breach.

The new IBM Threat Protection System product suite and the Critical Data Protection Program set of IT services are aimed at enterprises that want to protect themselves against data theft.

The business consequences of poor enterprise security are growing ever larger, as cybercriminals get more ambitious: last year's intrusion into point-of-sale systems at Target led to the theft of 40 million credit cards and personal data on 70 million people. While the company's CIO was replaced earlier, the chairman and CEO Gregg Steinhafel is now stepping down as well, the retailer announced.

IBM's new and improved security products go beyond perimeter firewalls and signature-based defenses, and use behavioral analytics and other advanced methods to defend against zero-day attacks, breaches and general and targeted attacks, the company said Monday.

The IBM Threat Protection System includes a new Trusteer Apex tool designed for zapping malware in endpoints and improvements to the IBM Network Protection security appliance for quarantining against attacks. The QRadar Security Intelligence platform has improved ability to detect attacks and block them. It also includes a new product called IBM Security QRadar Incident Forensics. This suite can be monitored by IBM from its security operations centers on behalf of customers who purchase it.

Meanwhile, the IBM Critical Data Protection Program's set of consulting and IT services are designed to safeguard an enterprises' most valuable data, such as merger and divestiture plans, confidential board communications and intellectual property. This suite of services can help companies define, find and secure this data.

IBM formed a dedicated cybersecurity business in late 2011 and the products and services announced Monday are the result of in-house development as well as acquisitions of companies like Q1 Labs, Trusteer, Guardium, Ounce Labs and Watchfire in the past two years, according to the company.

IBM said that the average cost of an enterprise data breach is US$3.5 million and that in the case of deliberate, targeted attacks, the average cost to the company is $9.4 million for damages to their brands specifically.

IBM didn't immediately respond to a request for comment about pricing and availability of these products and services.