Kyndryl Expands Managed Security Services With More SOC Options

The 'SOC as a platform' offers organizations integrated security and IT operations management.

Kyndryl, the managed IT services business that was spun out of IBM nearly two years ago, has announced an ambitious expansion of its Security & Resiliency practice that involves providing a broader array of managed security operations center services.

Kyndryl calls its managed security service "SOC as a platform" because it provides a centralized management platform where organizations can use their existing security tools and integrate them with Kyndryl's services. Organizations can opt to have Kyndryl manage some or all of their monitoring and security operations via Kyndryl's global network of SOCs, says Bryan Sartin, Kyndryl's VP of security and resiliency.

"Some of our customers have already made significant investments in a SOC, and we can enrich what they're doing today to make it more potent and impactful," Sartin says.

In April, Kyndryl went live with its fourth SOC in Italy. The others are located in Canada, Spain, and Hungary. Kyndryl is building out two more SOCs in Japan and India that are slated to go live by the end of 2024.

Expanding Security Services Portfolio

Since Big Blue spun out its one-time profitable services business, Kyndryl officials say they have been transitioning from a heritage tied to IBM-focused technology to providing a broader mix of advisory, implementation, and modern security operations services. Kyndryl's managed security services are now available with a wider variety of technology options focused on security information and event management (SIEM), managed detection and response (MDR), endpoint detection and response (EDR), and vulnerability management. For example, organizations have a choice of SIEMs that include Microsoft Sentinel, Splunk, and IBM's QRadar, while for EDR Kyndryl offers Carbon Black, CrowdStrike, Microsoft Defender, and Trend Micro.

"Instead of bringing one to a customer and expecting the customer to meet us where we are, we want to have the flexibility to support what our customers are most in-demand of," Sartin says.

As part of the effort to expand security services, Kyndryl's consultants and Kyndryl Consult partners will perform assessments and work with CISOs on how to make organizations more resilient.

The managed security services and SOC as a platform are now available. Ultimately, Sartin says Kyndryl plans to integrate the SOC platform with Kyndryl Bridge, the company’s new IT operations and orchestration management platform. Announced last year, Kyndryl Bridge integrates with third-party hardware, software, and services, and uses artificial intelligence and machine learning to manage workflows.

Earlier this month, Kyndryl said it would add cybersecurity and resilience management to Kyndryl Bridge, providing visibility to security incident workflows and local and global compliance requirements. IDC research vice president Craig Robinson describes that as aspirational, a sentiment Enterprise Strategy Group analyst Dave Gruber shares.

“They aspire to perform these capabilities, plugging into existing security tech infrastructure, which should enable people to leverage what they already have, while filling in gaps in tech, skills, and processes,” Gruber says. Also, he noted that the planned enhancement to the Kyndryl Bridge console will ultimately provide a common UX for IT and security.

Kyndryl competes with top-tier players with formidable security practices, including Accenture, Deloitte, EY, and PwC. But Kyndryl is facing more challenges than its rivals.

"Kyndryl was able to rock it out of this former mothership of IBM with some nice revenue growth from the get-go," says IDC's Robinson. "Kyndryl's problem is they're not making money. So the proof will be in the pudding regarding whether or not they can show profitability — that's their short- and longer-term obstacle."

About the Author(s)

Jeffrey Schwartz, Contributing Writer

Jeffrey Schwartz is a journalist who has covered information security and all forms of business and enterprise IT, including client computing, data center and cloud infrastructure, and application development for more than 30 years. Jeff is a regular contributor to Channel Futures. Previously, he was editor-in-chief of Redmond magazine and contributed to its sister titles Redmond Channel Partner, Application Development Trends, and Virtualization Review. Earlier, he held editorial roles with CommunicationsWeek, InternetWeek, and VARBusiness. Jeff is based in the New York City suburb of Long Island.
