“IBM’s acquisition of Guardium brings a major player into the data security market. However, in the long run, Big Blue will find that their purchase will not fully meet market needs. Today’s enterprises are shifting away from siloed security products in favor of an integrated approach that protects more than just databases,” says Shlomo Kramer, CEO at Imperva. “IBM may have just added a new product to their extensive catalog, but they’ve also created a major integration headache if they wish to fully meet customer demands.”
Just as we’ve seen in the network security space where the vast number of disparate solutions required SIEM to be effectively managed, a similar transformation is occurring in the data security space. No longer can data security be viewed through the myopic lens of databases, or Web applications, or other data points. Data security must be viewed holistically to be effective from an incident prevention, detection, response, and auditing perspective. Effective data security requires integration across the data stack, not just the database.
In short: database protection without considering Web applications and other data security variables is like locking your car but leaving the windows rolled down.