Tech giant IBM ( IBM ) outplayed the cybersecurity industry in 2015, with its security sales ramping 12% to $2 billion, outpacing pure players Symantec ( SYMC ) and Check Point Software Technology ( CHKP ), and topping Palo Alto Networks ( PANW ), Proofpoint ( PFPT ), Fortinet ( FTNT ) and FireEye ( FEYE ). Fellow broad-based tech giant Cisco Systems ( CSCO ) also posted 12% growth in its security business in 2015, as the sector becomes more crucial to some of tech’s biggest companies. IBM’s overall sales fell 12% in 2015 to $81.5 billion, so the five-year-old security business still accounts for only 2.4% of total sales. In Q1, the pace quickened. IBM Security sales, on a constant currency basis, jumped 20% year over year to $400 million, where the company’s overall revenue slipped 2% on a constant currency basis. Wall Street sees the beginning of a battle pitting IBM, Cisco and other giants salivating over the ripe cybersecurity market against the younger pure players, many of which aren’t yet 10 years separated from their IPOs. After 100 days on the job — which included acquiring incident response company Resilient Systems — General Manager Marc van Zadelhoff says that IBM Security is ready for the donnybrook. In 2015, IBM Security hired 1,000 employees, bringing its staff to more than 7,000. This year, van Zadelhoff told IBD, he hopes to match that as IBM delves further into the red-hot cybersecurity game, backed by the company’s Big Data, analytics and cognition expertise. He recently spoke with IBD. IBD : What key takeaways do you have after 100 days with IBM Security? Van Zadelhoff: I think we’re in the sweet spot. I think when you move into a general manager chair managing 7,000 people, you get the vibe. And the vibe I get after 100 days is the team is really excited. Our customers are jazzed. We put an idea together five years ago. It’s never been more clear than on my 100th day in this job that the idea is resonating with customers. IBD : Where is IBM Security excelling? Van Zadelhoff: What’s working well is the unique combination of software, SaaS (software as a service) and services that we’ve built over the last five years. The core of the strategy was people needed something beyond the moats and castles, firewalls and antivirus. They needed analytics and intelligence in their software and in their managed service, and they needed not just technology, they needed people to help them transform. Over in Europe, we have so many customers where we have been in the midst of building their new security teams, their new security operations centers (SOCs). To handle modern security issues, you need a high-tech chief information security officer and office to deal with this, and that’s what we’ve been building with our customers. IBD : How does security fit in with IBM’s overall strategy? Van Zadelhoff: It’s become a sizable unit within IBM that handles all the issues customers have in security. But it’s also an integral part of some of these other businesses. We are incredibly active in securing customers’ migration to IBM cloud. IBM cloud is growing very rapidly, and we are the security layer that people can use to move through the cloud. We are increasingly collaborating with (IBM supercomputer) Watson in the cognitive area. We have always been very important in helping to secure analytics and our Big Data business. And if you look at our global technology service and our outsourcing customers, we have a lot of partnerships including our products and services to help our outsourcing customers stay secure. Each part of IBM provides us the opportunity to talk about the security you need to go to as you’re innovating. You cannot say no to innovation as a security team. The net (result) is security, is an integrated unit and (is) sprinkled across everything IBM is doing. IBD : How does IBM Security differentiate from pure players in the market? Van Zadelhoff: The average large customer has something like 100-150 security tools from 30-40 vendors. That’s the history we saw five years ago when we put our strategy together. Fundamentally, our strategy is very simple. It is to put a different option on the table for customers, ones where they can adopt a system of capabilities that spans multiple areas. The part we’ve been doing in addition to being in 14 different segments of the market is we’re meeting best in class. If you look at Forrester, Gartner, IDC, they would have us as an A leader or a B leader in virtually every one of those segments. Big is great, but you have to be best in class. And the third piece is integration. But we know we also have to integrate and be open. So we’re integrated across our entire portfolio. We also have over 400 separate vendors who have integrated with the IBM Security stack. IBD : What cybersecurity trends do you see highlighting 2016? Van Zadelhoff: Customers are placing controls in place of security, but they’re missing the big picture of a Big Data security platform and a team, a SOC (system on a chip) that leverages Big Data analytics — our QRadar platform — and has the ability to hunt for the attacker as opposed to looking at historical data. We’re enabling them to transform their security operations with forward and predictive analytics around attacks, compliance and insiders. I think this year will be the year of the SOC transformation that’s going to be driven by the increase in ransomware, the increase in high-value data theft like health care data. It’s ransomware, it’s the theft of high-value data, it’s the emergence of IoT (Internet of Things) and cloud — all these things mean you have to have a highly-analytical SOC in place, and that’s what we’re helping customers to do. IBD : Obama is dedicating $3.1 billion to modernizing government cybersecurity infrastructures. How do you see the industry benefiting? Van Zadelhoff: I think what Obama and every CISO (chief information security officer) is realizing is that there are more intelligence systems available to do analytics but also to do identity and access management (IAM) — where we have a leading portfolio — patch management, mobile security or data security. We’re too slow to adopt that. We’re hanging on to 1980s versions of doing patch management, where you can’t patch something for a month or two after finding a vulnerability in your system. Well, the technology in my portfolio can do that in an hour, so why are you using yesterday’s technology to do that? We’re seeing governments trying to catch up to the innovation in the private sector, and the money you mentioned will help the government to modernize. IBD : Will 2016 be a year of M&A in the cybersecurity industry, and how does IBM’s recent acquisition of Resilient Systems fit into its strategy? Van Zadelhoff: I think you’re going to continue to see acquisitions in the industry. We always weigh off buying capability, building it or partnering, and you’ve seen us do all flavors of that for the last 18 months. Where the industry has invested too little is in technology that does incident response. In those modern SOCs, because you’re gathering so much data, by definition you’re developing incidents. Those incidents, once you discover them, need to be resolved. You need the next step in the process; that’s what Resilient does. Take 20,000 records leaked, for example, half in the U.K. and half in California. You detect that in your SOC, you bump that up into the Resilient app, and then Resilient will walk you through. “The 10,000 records that were in the U.K.: Here’s the regulator, here’s the process, here’s a lawyer, and here’s what you have to do to inform the customers. For the ones in California, different regulatory regime, different process, different lawyer, here’s how you get the resolution on that half of the incident.” Image provided by Shutterstock .