AT&T is spinning off its cybersecurity business to form LevelBlue

Wireless communications giant AT&T has spun off its managed cybersecurity business to create a standalone company called LevelBlue, which will enter the highly competitive market with more than 1,300 employees and seven operations centers around the world.

The announcement on the first day of the RSA conference in San Francisco comes six months after AT&T announced its intentions for a joint venture with Chicago-based investment firm WillJam Ventures. The telecommunications company will retain a minority stake in the new company, which will be headquartered in Dallas and have offices in Ireland, Spain and Australia.

Bob McCullen, the former CEO of Trustwave, a provider of cybersecurity and managed security services, is the chairman and CEO of LevelBlue, while Sundhar Annamalai – a longtime AT&T executive who was most recently vice president of transformation and strategy at health insurer Humana – served as president. .

When announcing the plan in November 2023, AT&T executives noted that the company is integrating more security capabilities into networking and edge products and that building out the AT&T Cybersecurity managed services business will give the company a managed services partner to rely on. can lean. They reiterated this point again at RSA, with Rick Welday, executive vice president of AT&T’s Enterprise Markets business unit, saying in a statement that “as we continue to embed more security capabilities into our core network, this venture simultaneously allows us to step further to stay ahead of evolving cyber threats and promote innovation in cybersecurity.”

AI and the cloud

In a blog post, McCullen pointed to the rapidly evolving enterprise computing landscape and the need for managed cybersecurity services to keep up with the changes.

“As organizations continue to innovate, technologies such as artificial intelligence (AI) and cloud computing are creating a more dynamic, expansive threat landscape,” he wrote. “With LevelBlue, organizations no longer have to sacrifice innovation for security – they achieve both with confidence.”

McCullen added that “cyber resilience is not easy to define, nor is it easily achievable without the necessary support. LevelBlue’s strategic cybersecurity services will help solve this challenge at a time when it is needed most.”

The new company will bring with it the capabilities it had when it was part of AT&T, including managed security services to implement plans that focus on security while addressing issues of cost and complexity. It also provides consulting services to help organizations assess their needs, plan and design their operations, identify top security priorities, and launch proactive and preventive techniques.

LevelBlue also comes with four global Security Operations Networks (SOCs) and three Network Operations Centers (NOCs) running 24 hours a day. The threat intelligence group operates a platform that uses machine learning techniques and its support from the Open Threat Exchange (OTX), which the company says has more than 235,000 security experts submitting more than 20 million threat indicators every day.

Cancel debts

Reports of AT&T’s decision to let go of its security business began circulating in early 2023, with Reuters reporting that it was part of a larger effort to divest businesses to reduce debt resulting from the Time Warner acquisition worth $108.7 billion in 2018, a deal that Carrier reversed course three years later by expanding with Discovery to create a new company.

The same year it bought Time Warner, AT&T also acquired Alienvault to form the foundation for its new cybersecurity business, which it hoped would attract more business. According to Reuters, AT&T has reduced its net debt by about $24 billion in 2022 and plans to save another $100 billion next year. At the end of December, the carrier’s debt stood at $132.2 billion.

Synopsys to sell software security unit

AT&T isn’t the only tech company to announce it’s divesting the security portion of its business. Silicon design and verification company Synopsys announced the same day a deal with two private equity firms, Clearlake Capital Group and Franciso Partners, to sell its Software Integrity Group business for up to $2.1 billion with the aim of building a new, privately held company to target application security testing software.

Once again, the driving force behind this decision was the rapidly growing AI landscape.

“For Synopsys, this move sharpens our focus on the unprecedented, high-growth opportunities we have in our core businesses – where silicon and systems engineering converge as technology R&D teams seek to capitalize on this AI-driven era of ubiquitous intelligence. Synopsys President and CEO Sassine Ghazi said in a statement.

The company’s Software Integrity Group offers a range of software and services intended to give developers tools to ensure the security of the software they build. It includes the Polaris Software Integrity Platform, software risk analysis tools such as composition analysis, fuzz and security testing, and penetration testing.

Additionally, services range from insider threat detection and red teaming to threat modeling and security testing.

The deal is expected to be completed in the second half of the year. The new company is expected to be led by the Software Integrity Group management team. A new name will be announced later.