IBM is acquiring Spanugo, a California-based provider of cloud cyber-security posture management to meet the security demands of its clients in highly regulated industries. IBM will integrate Spanugo software into its public cloud.
 
Late last year, IBM announced it designed the world’s first financial services public cloud to help address the requirements of financial services institutions for regulatory compliance, security and resiliency. Once available, it will provide preventative and compensatory controls for financial services regulatory workloads, multi-architecture support and proactive and automated security, leveraging high levels of encryption certification.
 
The addition of Spanugo software will help accelerate the availability of a security control centre that will enable IBM clients to define compliance profiles, manage controls and, in continuous real time, monitor compliance across their organisation.
 
“IBM is committed to building the industry’s most secure and open public cloud for business,” said Howard Boville, senior vice president at IBM. “With the acquisition of Spanugo, we have taken another major step in advancing IBM’s differentiated capabilities in security and compliance for our enterprise clients, including those in highly regulated industries. Bringing Spanugo’s technology into our financial services public cloud will help provide our clients with evidence of their on-going compliance, in real time.”
 
As companies move increasingly significant and sensitive workloads to the cloud, management of security and compliance becomes more complex. For businesses in highly regulated industries, including financial services, healthcare, insurance, telco and more, cloud environments are most useful when they are approved for sensitive information and run workloads subject to strict regulatory and compliance guidelines.
 
When an organisation is audited, for example, Spanugo’s technology can efficiently and transparently demonstrate cyber-security compliance in real time. Additionally, it delivers a continuous process of cloud security improvement and adaptation to reduce the likelihood of a successful attack. Spanugo software will be incorporated into a suite of capabilities within IBM public cloud services.
 
“Spanugo’s strong domain knowledge and experience in security posture management is a natural complement to IBM’s public cloud offerings,” said Doc Vaidhyanathan, cofounder and chief product officer at Spanugo. “By joining IBM on its mission to be the most secure public cloud for the enterprise, we’re able to deeply serve businesses across industries that require verifiable, audit-ready, real-time cyber-security posturing.”
 
IBM continues to invest in the security capabilities of its public cloud having previously announced services that further its focus as a secure and open public cloud for business. As part of this, it introduced cryptographic technology for the cloud called Keep Your Own Key. This gives enterprises the ability to retain control of their own encryption keys and the hardware security modules that protect them so users are the only ones who can control access to their data.