Cloud Security, Channel partners, Content

IBM Emphasizes Multi-Cloud Security Push

BARCELONA, SPAIN – FEBRUARY 26:  A logo sits illumintated outside the IBM booth on day 2 of the GSMA Mobile World Congress 2019 on February 26, 2019 in Barcelona, Spain. The annual Mobile World Congress hosts some of the world’s largest communications companies, with many unveiling their latest phones and wearables gadgets like foldable...

IBM has launched the Unified Key Orchestrator key management service to help organizations mitigate risk across their hybrid and multi-cloud environments, the technology giant disclosed today. Unified Key Orchestrator is now available on IBM Cloud.

Unified Key Orchestrator enables organizations to use IBM's cloud security capabilities both in the cloud and on premises, IBM indicated. It provides organizations with visibility and control over who has access to their data and enables them to run workloads across hybrid and multi-cloud environments.

In addition, Unified Key Orchestrator offers "one single point of control" for managing data across multiple platforms, IBM Cloud CTO Hillery Hunter asserted. As such, Unified Key Orchestrator helps organizations manage their encryption keys and protect data across a wide range of environments.

Unified Key Orchestrator also gives organizations a clear understanding of their security posture, IBM noted. In doing so, Unified Key Orchestrator helps organizations in highly regulated sectors comply with industry regulations.

IBM Prioritizes 'Keep Your Own Key'

Along with Unified Key Orchestrator, IBM provides IBM Cloud Hyper Protect Crypto Services and Guardium for cloud key management.

The Hyper Protect Crypto Services encrypt cloud data in a hardware security module and give organizations complete control over their encryption keys, according to IBM. They enable organizations to use keys to secure their applications, databases and files.

Meanwhile, organizations can use Guardium to centralize management of cloud encryption keys across multiple clouds, IBM stated. Guardium also helps organizations strengthen their security controls and reduce the risk of insider threats.

The new offerings surface amid challenging times for IBM’s overall security business. Indeed, IBM Security revenues are shrinking while most rivals are growing across the MSSP, MDR and Security Operations Center (SOC) markets. Still, there are multiple signs that IBM is making renewed investments in its security business.

CSPM and CIEM for Proper Cloud Security

Meanwhile, MSPs and MSSPs are increasingly embracing cloud infrastructure entitlement management (CIEM) and cloud security posture management (CSPM) tools to safeguard customers' cloud workloads.

Demand for CIEM- and CSPM-type solutions is surging. Among the reasons: 90 percent of organizations are susceptible to security breaches due to cloud misconfigurations, according to the “2021 Cloud Security Report: Cloud Configuration Risks Exposed” from application lifecycle security company Aqua Security.

With those risks in mind, annual CSPM spending will reach $9 billion by 2026, up from $4 billion in 2020, according to Markets and Markets. That’s a 14.4 percent compound annual growth rate.

On a related note, 41 percent of our Top 250 MSSP survey participants already offer CSPM to their end customers, MSSP Alert research found in September 2021.

Additional insights from Joe Panettieri.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.