AT&T announced a new standalone security division, AT&T Cybersecurity, at this week’s RSA Conference. It combines technology and threat intelligence from Alien Vault, which the operator acquired last year, and AT&T’s security consulting and managed services.
Also this week, AT&T became the first North American operator to join the Global Telco Security Alliance. The group, which was launched last year by Etisalat, Singtel, SoftBank, and Telefónica, shares threat intelligence and security best practices in an effort to help telcos protect their customers from cyberattacks. AT&T joined as a founding member.
“Threat intelligence will continue to be a core of what we do,” said Sanjay Ramnath, assistant vice president of product marketing for AT&T Cybersecurity, in an interview at RSA. “We already have a really strong history of collaborating with the community and making our intelligence data available to our customers and sharing with the larger community.”
When asked if he expects AT&T’s move to spur other North American carriers to join the Global Telco Security Alliance, he said “I hope so. If we can be an inspiration for the others to participate then we’re doing a good job.”
Ramnath joined AT&T through the AlienVault purchase. Merging the two companies into a new AT&T division “has a very unique value proposition that can be articulated from three pillars,” he said. “The first pillar is phenomenal threat intelligence.”
Alien Labs Threat Intel
Even before joining AT&T, AlienVault was perhaps best known for creating the Open Threat Exchange. Today, the open community has more than 100,000 participants across the globe. These researchers and security experts collaborate and deliver community-generated threat data that helps companies keep on top of the latest security threats.
“Now with AT&T in the fold we bring that visibility that AT&T Chief Security Organization has — that massive scale of network traffic and data — added to what we’ve been doing through Open Threat Exchange,” Ramnath said.
In addition to the Open Threat Exchange, AlienVault brought its software platform to AT&T. It detects threats, responds to security breaches, and ensures compliance across on-premises environments and clouds. The platform also integrates with other security products and data sources. Now that it’s part of AT&T, it also uses those technical capabilities and the operator’s cloud to core to edge visibility and intelligence, and it will be able to customize services to customers.
Looking ahead, the platform will integrate, automate, and orchestrate an even wider spectrum of point products and intelligence, Ramnath said.
The Cybersecurity division combines this threat intelligence and network visibility under a single team called Alien Labs. And it will integrate and automate Alien Lab’s threat intelligence into a security management platform, which is the new business unit’s second pillar.
“The second pillar is collaborative defense,” Ramnath explained. “Cybersecurity and cybercrime is at a stage where no single vendor or organization can fight crime on their own. Our approach is rather than build another point solution, let’s bring existing solutions together and make them work in a way that the whole becomes greater than its parts.”
The third pillar is “security without seams,” Ramnath said. Most breaches happen because of gaps in companies’ security posture caused by disparate products, an explosion of data, and complex security management and operations.
“Our approach is integrating and orchestrating people, processes, and technology to bridge those gaps and seams,” he said. This joins threat intelligence and security technology with AT&T consulting and managed security services.
“The foundation is threat intelligence, and if you go up one level you have the SaaS platform that allows us to abstract, integrate, and automate,” Ramnath said. “Up one level you have a very broad set of services. And the icing on the cake is our cybersecurity consulting process.”―SDx Central