IBM‘s Acquisition of Polar Security and the Emerging Market of Data Security Posture Management
IBM‘s recent acquisition of Polar Security has brought attention to a rapidly growing market space for cybersecurity, referred to as Data Security Posture Management (DSPM). The acquisition is IBM‘s fifth this year, and it reflects the company’s focus on expanding its data security products portfolio. Polar Security is one of the many startups based in Israel that offer a new class of tools specializing in discovering, monitoring, and securing sensitive data across hybrid and multi-cloud environments.
Data Classification in the Cloud
The primary selling point of products from Polar and other companies like it is their ability to classify discovered data automatically. These technologies are agentless and have the claimed ability to identify sensitive data within minutes, classify them into categories such as PII (personally identifiable information), PHI (Protected Health Information), and PCI (Payment Card Industry), and monitor user access to them while discovering threats. Gartner, which named the category DSPM in 2020, describes it as enabling organizations to discover shadow data that are both structured and unstructured in various cloud service providers, data lakes, and SaaS environments. The analyst firm has predicted that more than 20% of organizations will deploy a DSPM capability by 2026 due to urgent requirements to identify and locate unknown data repositories and mitigate associated security and privacy risks.
The Vibrant DSPM Market
Richard Stiennon, chief research analyst at IT-Harvest, says his firm currently tracks over a dozen vendors in the DSPM market, with at least 16 players. Polar, which launched in 2021 and had 30 employees at the time of purchase, was in the middle of the pack. Among the larger vendors are Wiz, Laminar, and Cyera, with a headcount of around 75 and 95 employees, respectively. The proliferation of DSPM vendors indicates the growing concern among enterprises regarding data exposure in cloud and SaaS environments.
IBM‘s Cloud Security Investment and a Potential Land Grab
IBM‘s acquisition of Polar is expected to push other technology heavyweights into the DSPM space. Rik Turner, an analyst with Omdia, compares this move to similar land grabs that have occurred in the past when new technologies emerged. Currently, many DSPM vendors are startups, but this could change as bigger players move into the market. IBM‘s purchase of Polar has raised the profile of DSPM as a technology and could potentially trigger a land grab, with other cyber industry majors buying one of Polar‘s competitors. Rumors suggest Laminar is in talks with a potential buyer or two. Already, CSP vendors like Orca and Wiz added DSPM capabilities to their portfolio, signaling a growing interest in this emerging technology.
Editorial and Advice
The DSPM market’s rapid growth reflects the increasing concern among enterprises regarding data exposure in cloud and SaaS environments. The ability to classify data automatically and monitor access and threats has become a top priority for organizations. IBM‘s acquisition of Polar Security and subsequent integration of Polar‘s technology with its Guardium portfolio shows the company’s commitment to expanding its data security products portfolio.
As the DSPM market continues to mature and grow, it is essential for organizations to prioritize classifying and protecting their data. This requires having a clear understanding of the data they have, where it resides, and how to secure it. DSPM platforms, like those offered by Polar and other vendors, can help organizations effectively discover, classify, and secure their data.
It is also crucial for organizations to keep an eye on the emergence of this technology and stay informed of the latest developments, as this market is expected to grow significantly over the next five years. Adopting DSPM capabilities can help organizations mitigate the risks associated with data exposure and ensure compliance with data privacy regulations.
Lastly, with the potential for a land grab in the DSPM market, it is crucial for organizations to choose a vendor that aligns with their data security goals, offers reliable and effective data classification, monitoring, and protection capabilities, and is committed to meeting their evolving security needs.
<< photo by George Becker >>
You might want to read !
- “Improving Incident Response: Leveraging Security Testing to Enhance Your Defenses”
- ChatGPT CEO advocates for new AI regulatory agency in congressional hearing
- Unfixable Buffer Overflow Found in Belkin Wemo Smart Plug V2
- “IBM Bolsters Cybersecurity Offerings with Acquisition of Polar Security”
- Why Cloud-Native Enablement is Causing Catch-Up Cycles for AppSec Teams
- Breaking Down Data Siloes: The Key to Effective SecOps
- The Future of Cybersecurity: Investors Place $6M Bet on Manifest’s SBOM Management Technology
- “Federal Agencies Urged by GAO to Fully Implement Essential Cloud Security Practices”
- “Exploring the Growing Dependence on Multicloud Security for Enterprise Cloud Workloads Protection”
- The State of Cloud Security: Microsoft Azure VMs Among the Targets of Recent Cyberattack
