AT&T and WillJam Ventures, a private equity (PE) investor, announced today the creation of LevelBlue, a joint venture to form a new, standalone managed and professional cybersecurity services business. This is a long-awaited outcome, as mentioned in my recent blog, and one I believe is largely positive. As with any major shifts, there are some pitfalls to avoid.
Staying true to the legacy AT&T Cybersecurity offerings, LevelBlue will continue to offer managed security services (MSS), cybersecurity consulting, threat intelligence and security operations center (SOC) support. LevelBlue brings more than 1,000 employees globally to the venture, with AT&T retaining minority ownership and board representation in the new entity.
So, really, what’s different? AT&T retains some ownership and AT&T leadership continues to be involved. All of the MSS and cybersecurity consulting business move to LevelBlue. The AT&T IP backbone is still very much a part of the MSS and SOC capabilities. AlienLab threat intelligence remains core to the new company’s services but is renamed LevelBlue Lab. My take is that with this arrangement, AT&T frees up much-needed capital to continue innovation in its network, cloud infrastructure, artificial intelligence (AI), Edge and digital transformation services while investing in and recognizing that its cybersecurity business requires the greater care and feeding that a PE firm can offer. AT&T invested millions of dollars in building out its data lake, threat intelligence, the well-subscribed open threat exchange (OTX), and the acquisition of AlienVault which became an awarded platform for AT&T’s threat lab, USM sensor network and MSS offerings. To meet future challenges, new investment is needed. Ideally the joint venture will enable innovation and acquisitions to secure future technologies like AI, quantum computing, the internet of things (IoT), critical infrastructure and industrial technologies.
Net net: AT&T has been looking to sell or divest its cyber business for several years. This is a positive outcome for both AT&T and the cybersecurity tranche it built, acquired for, and invested in. But the proof – as always – is in the pudding. Management by a PE firm doesn’t necessitate greater investment or financial freedom. New partnerships and revenue streams will be necessary as LevelBlue separates its day-to-day business from AT&T. Some questions to consider with this event: what will the channel relationship be between AT&T and LevelBlue? Will AT&T sales receive compensation to sell services for the new entity? What is the long-term arrangement for use of the AT&T backbone and data lake? Are these perpetually embedded in LevelBlue?
I believe that current and future customers can be assured by the continuation of the global AT&T cybersecurity services underpinned by AT&T’s network and deep threat expertise now named LevelBlue. At the same time, AT&T must strive to migrate LevelBlue’s operations seamlessly to reduce customer attrition. Any bump in the road can cause customer concern. Hopefully, there is an arrangement for AT&T sales to still make money upselling LevelBlue at least in the near-term. This will ease the urgency of finding new revenue streams. I hope and expect to see some bold moves in the first year of business where security of and for the above-mentioned future technologies are top of mind. With these Investments I would love to see LevelBlue attract seasoned cybersecurity luminaries to drive its future forward. Short of these signposts the venture risks becoming a divestiture and not an investment into the cybersecurity industry AT&T has served so well for so long.
I will be tracking this event in the coming months. Briefings from LevelBLue, glowing testimonials from clients and evident investment will perpetuate my optimism about this next era for AT&T’s cybersecurity business.
Very insightful, thank. you for sharing