The enemy of my enemy is my friend, so the saying goes.
As the WannaCry ransomware attacks lit up the globe earlier this month, the security research teams at Cisco and IBM set up an open line of communication with one another as they scrambled, along with the rest of the world, to ascertain the digital worm's damage and to prevent others from falling victim. Now the pair of companies is consummating the partnership.
Cisco (CSCO, +0.92%) and IBM (IBM, +0.03%) have decided to join forces to swap threat intelligence between their internal research groups when investigating major hacks moving forward. The two companies are also planning to add product integrations that connect their portfolios over the course of the year.
Security companies issue press releases to this effect all the time, striking up relationships among smaller upstarts. What makes this partnership notable is that it involves some of the biggest players in cybersecurity coming together.
The two titans, whose security businesses amount to more than $2 billion apiece in revenues, plan to have their respective security research teams—Cisco's Talos and IBM's X-Force—coordinate as they dig into big security incidents, just as they did during the WannaCry onslaught. They believe that doing so will help them better respond to attacks and protect customers.
The teams are similar in size. Talos has about 300 people, and X-Force has "well over one hundred folks," according to Marc van Zadelhoff, general manager of IBM Security.
In addition, the companies are making their security tools more interoperable. Though the two companies are rivals, they have rather complimentary security portfolios; Cisco dominates the cloud and networking side, while IBM reins over services, intelligence collection, and analytics.
The two companies believe that by linking their products, they will help alleviate stress faced by customers often overwhelmed by a plethora of options from smaller security vendors.
"There's a dog's breakfast of different tools they're trying to throw at the security problem," David Ulevitch, vice president of Cisco Security, said on a call. IBM and Cisco "work well together, so you don't have that friction between capabilities."
As part of the deal, Cisco said it would be build apps on IBM's QRadar threat intelligence platform, a software tool used to manage the flow of information for analysts in security operations centers. Cisco plans to develop an app for Firepower, its network firewall product, and another for Threat Grid, a sandboxing tool that analyzes malware.
The apps will becoming available in coming weeks, Ulevitch told Fortune. The company plans to demo them at the end of June.
On the other side, IBM plans to better incorporate Cisco's products into its IT service support offerings beginning in the next few months. Cisco's products are slated to gain additional capability from tie-ins with IBM's Resilient software, an incident response tool, and Watson for Cybersecurity, IBM's bet on artificial intelligence, a intelligence analysis product that has been coming online slowly but surely in recent months.
Marc van Zadelhoff, the general manager of IBM Security, has long discussed his desire for more collaboration and intelligence sharing between cybersecurity companies. He told Fortune last year that defenders could learn a thing or two from cybercriminals, who swap tools and tactics all the time.
"You can't hoard stuff close," van Zadelhoff told Fortune on a the recent joint call with Ulevitch. "You have to open up and collaborate to get ahead of the hackers."
The move matches what Ulevitch has been saying as well. At the RSA security conference earlier this year, Ulevitch raised a point in his keynote talk, which he previewed exclusively with Fortune, that security vendors needed to have better out-of-the-box integrations between their products to make life easier on customers.
Ulevitch and van Zadelhoff apparently began chatting about the possibility of a Cisco-IBM partnership at that very same conference, the pair told Fortune. The talks accelerated after both sides were pleased with their responses during the trial run presented by WannaCry.
This partnership between Cisco and IBM represents a move to strengthen and consolidate their holds on the market for outsourced cybersecurity services. Consulting and IT outsourcing are the largest and fastest growing areas for spending in information, a Gartner report found last year."Putting IBM and Cisco together, they become almost like the two-headed monster in security," said Steve Morgan, founder and CEO of Cybersecurity Ventures, a market research firm based in Menlo Park, Calif. "The size and scale of what they would have together would be unrivaled."