As enterprise IT gets more complex figuring out exactly where the latest security flashpoint is has become increasingly more difficult.
To try and address that specific issue Hewlett-Packard at RSA Conference 2012 launched the HP Security Intelligence and Risk Management (SIRM) platform.
What make this interesting is that SIRM is actually correlating information from HP security products such as ArcSight, Fortify, and TippingPoint and its traditional systems management tools to identify particular security hotspots. That not only allows IT organizations to identify related issues, it also helps prioritize security remediation efforts. HP this week also unveiled HP Mobile Application Security, which identifies potential vulnerabilities on applications developed for Apple iOS and Google Android devices.
According to Michael Callahan, director of worldwide security product and solution marketing in the HP Networking group, HP is starting to leverage investments in a number of security and systems management technologies to bring about a long overdue convergence that should make security a core part of the systems management process. Historically, Callahan notes that security has pretty much been bolted on to IT management, resulting in an additional management framework that is often both more costly to implement and manage. SIRM is actually designed to be a component of the HP IT Performance Suite.
The convergence of systems and security management has been a long time in coming. As progress continues to be made, however, it’s not clear that IT organizations are today thinking about shifting roles and responsibilities within their organization. As IT managers gain more access to the tools they need to manage security effectively; security professionals should have more time to concentrate on policy issues. The degree to which that will happen will vary from one organization to another. But it’s clear that both IT management and security professionals would agree that it’s a level of convergence that’s been long overdue.