Last month, Ed and I spent a couple days in Paris with Orange's management team for their annual analyst event. Overall I was impressed with Orange’s innovation in business service offerings as well as their extensive global reach. Many of the large telecoms (Verizon, AT&T, Sprint, etc.) have had to and very much want to expand their business offerings. The telecoms clearly see platform-as-a-service as the natural extension of their core telecom business. Just selling bandwidth is no longer sufficient for these companies, which is in fact now a commodity business. Orange is no exception. This evolution in the telecom business model has been successful due to the industry’s ability to:
Offer endpoint and network security optimization solutions coherent with their existing bandwidth business. With their unique vantage point over the network, the telecoms are ideally placed to deliver “clean pipe” Internet service by stopping outside network threats before they reach their customers’ endpoints. For instance, Orange’s DDoS protection service can leverage their large global footprint and control over the infrastructure to gather intelligence and exercise defensive measures farther up the stack than most of their non-telecom competitors.
Through this process, we uncovered a market that we believe is currently ripe for a major disruption: market demand for managed security services (MSS) remains extremely strong, customer satisfaction is higher than we’ve seen in the past, and current MSSPs tend to compete on delivery, customer service, and cost.
This isn’t to say MSSPs all currently offer the same services with the same level of quality – not by a long shot. Selecting the right provider still means that you must understand your needs and the areas you feel they can enhance your security program the most. Each MSSP we evaluated has solid overall security capabilities, but has unique strengths in certain security areas and use different deployment methods to bring their offerings to bear.
At the same time, however, we hear more decisions today come down to cost and execution, and as this becomes more commonplace, we begin to prepare ourselves for a shift in the market. In fact, we believe we’ll see significant changes over the next couple of years for three primary reasons:
Dell announced Tuesday its intent to acquire managed security services provider (MSSP) SecureWorks for an undisclosed amount. SecureWorks, which acquired VeriSign's Managed Security Services in July 2009, has been growing their business significantly over recent years. Dell on the other hand, has been strengthening its services arm and moving towards a more solutions-centric approach. SecureWorks will continue to act as a separate business unit and will maintain its offerings, keeping its consulting and services intact. This deal was surprising but not shocking. As information security becomes an integral part of the infrastructure, large system vendors strive to build or buy security capabilities into their products and services. Here are our initial thoughts on the acquisition:
Dell builds a security foundation through SecureWorks capabilities. Dell doesn’t have a strong security presence - And similar to the RSA/EMC acquisition, SecureWorks will become the security division of Dell. This acquisition will enrich Dell’s portfolio with a well-respected managed security services company with expertise in threat intelligence, infrastructure security, and strong customer service.
SecureWorks and Dell find new revenue streams through security offerings. Infrastructure security is becoming ever more important as organizations embrace data center consolidation and the cloud. SecureWorks offerings will strengthen the business case for Dell while keeping customers secure. On the other hand, SecureWorks will find new industries and geographies beyond government, utilities, and retail services.