Managed Security Services (MSS) are changing to meet the challenges of security and risk professionals. Earlier requirements for monitoring logs and security events are being surpassed by a growing requirement for a partner that can deliver proactive services supported by threat intelligence, advanced threat hunting and a response capability. Although the managed security services market is mature, changing requirements and an increasing reliance on specialist skills means that security expenditure on services continues to increase. This is true even during the likely global recession as regulation and governance policy require organisations to maintain their security posture even during times of financial hardship. Westlands Advisory believes that demand for MSS will grow annually at a CAGR of 5.7% from 2019-2023.
T-Systems (Telekom Security) is an organisation that has been outpacing the industry growth rate, evolving to meet customer requirements without embarking on an acquisition strategy. The large base of customers, technical experience and scale of Telekom Security enables the organisation to deliver a high value and personalised service.
The Telekom Security capability has been developed internally and in collaboration with customers, resulting in a global operation (24/7 SOC’s in 6 global locations and multiple 8/5 SOC’s), providing real-time local support to globally dispersed enterprises. To ensure high quality service delivery, the strategy is heavily based on delivering market access, industry vertical know-how, availability of specialist skills and delivery of best-in-breed technology through partnership networks. This includes working with Global partners, technology vendors and through strategic alliances.
Strategic alliances broadly fall into two categories: sharing of information and development of expertise. Whilst several alliances are not strictly one category or the other, information sharing initiatives includes relationships with the German Army and CSSA (Cyber Security Sharing and Analytics), whilst the development of technical expertise, particularly related to Machine Intelligence, includes University networks (Ben Gurion, Munich and Karlruhe), and the Hasso Plattner Institute. Alliances with technology vendors, including the recently announced strategic partnership with Palo Alto Networks to build services to secure the end-to-end security journey across networks, endpoints and the cloud, are also an important part of Telekom Security’s capability development plan.
Differentiating services and adding unique value is essential in a highly competitive market where customers have a wide choice of partners. The organisations role as a telecom operator, and the trust it has built with customers over a sustained period of time, has enabled Telekom Security to collect, anonymise and analyse network and threat data to deliver deep threat intelligence. Threat Intelligence services are segmented according to core cyber disciplines, including strategic, tactical, operational and technical. At a technical level T-Systems has developed unique expertise around passive DNS and black hole monitoring (identification of IP addresses that should not be receiving any traffic).
Beyond a global SOC network, deep threat intelligence, and the use of best-in-breed technology, Telekom Systems also focuses on the critical but often forgotten part of cyber security – people. Services include running education programs to help improve cyber awareness throughout customer organisations.
Telekom Security’s commitment to delivering high quality managed security services through evolving its offer with key customers and partners positions the organisation well in today’s MSS market. The next chapter in the organisation’s growth – an independent security operation with more autonomy – will allow Telekom Security greater flexibility to build a world class security operation.