Procter & Gamble Taps IBM ISS For Cybersecurity Contract

IBM on Friday plans to announce that Procter & Gamble has chosen IBM's Internet Security Systems (ISS) unit to enhance the consumer goods giant's cybersecurity worldwide.

The five-year deal, the largest to date for ISS, centers on the creation of a Virtual Security Operations Center (VSOC), managed by ISS. The VSOC will serve as a single point of control for a mix of P&G security products and associated data.

"By teaming with IBM ISS our objective is to both strengthen our security systems and improve the efficiency and effectiveness of our security operations," said Willie Alvarado, P&G's director of enterprise infrastructure services, said in a statement. "Working with IBM we believe we can deliver substantial cost savings and offer the business a security solution that is both strong and sustainable."

P&G expects that VSOC, a Web portal that combines vulnerability assessment, data correlation, and data analysis, will make managing its security systems easier and will lead to cost savings. The VSOC will allow ISS to more easily monitor and maintain P&G's four existing IBM ISS Proventia SiteProtector management consoles used in Asia, Europe, and North America.

The deal helps validate IBM's series of security-related acquisitions over the past two years. IBM bought ISS for $1.3 billion in October 2006, Watchfire in June 2007, and Encentuate in March 2008. Sale prices for the latter two companies, both privately held, were not disclosed.

Charles King, principal analyst for IT consulting firm Pund-IT, estimates the value of the deal to IBM to be in the low tens of millions of dollars over its five-year term. He says that P&G's decision to contract with ISS represents a significant vote of confidence. He sees the deal as a sign that large companies don't want to deal with point solutions for security.

"Traditionally businesses have tended to deploy multiple small point security solutions, sometimes provided by multiple vendors," said King. "While that model worked pretty well for a long time, I think business infrastructures are getting complicated enough that approaching security from a single vendor point of view makes a lot of sense for many enterprises."

In a move consistent with that assessment, IBM last November launched a $1.5 billion security initiative focused on a unified strategic approach to risk management.

To help understand the security landscape better, InformationWeek has published its 2008 Security Survey. Download the report here (registration required).