Gartner Says: AT&T is a global telecommunications and IT services provider that offers a range of security device management and monitoring services for large enterprises, midsize businesses and governments. Headquartered in the U.S. (Dallas), and with regional offices in the U.K. (London) and Hong Kong, AT&T delivers services from five 24/7 SOCs (one Europe-based, one Asia/Pacific-based and three U.S.-based) and three SOCs operating local business hours (one in the Asia/Pacific region, one in Brazil and another in Europe). Customers served by an SOC operating local business hours and seeking after-hours support are routed to a 24/7 location with local language support. AT&T Threat Manager is its security event monitoring and management service, which is priced by events per day (EPD). Threat correlation and analysis is performed via the AT&T Threat Intellect platform, which leverages both commercial SIEM technologies and big data technologies and analytics, and is delivered to customers as part of AT&T’s Threat Management and Intelligence solutions. Device management is available through discrete managed security offerings for network security, data and application security, and mobile and endpoint security. Device management and workflow is handled through the AT&T Business Center portal, which also provides access to the Threat Manager view. The vendor offers threat intelligence via the AT&T Internet Protect service. AT&T supports in- country/customer premises data management in all regions, and can use local partners for device management to meet data residency requirements. AT&T should be considered by organizations with a preference for services to be sourced from a single supplier, particularly managed network services and IT infrastructure security controls that need to be deployed, managed and monitored across the customer’s environment (both on-premises and cloud services) and the provider’s environment.
Gartner Says: BT is headquartered in London with key offices globally, including London, Hong Kong and Dallas. BT has six European SOCs and four Asia/Pacific region SOCs providing 24/7 service, with an additional four non-24/7 SOCs worldwide. BT provides a range of telecommunications, cloud-enabled hosting, cloud brokering and integration, and collaboration services, in addition to managed security services. BT’s MSS offerings have been under the BT Security brand name since 1Q17. BT Security’s MSS portfolio includes a range of offerings primarily within the Managed Security Services and Security Intelligence portfolios. Security Intelligence includes services such as Security Log Management (SLM), Security Threat Monitoring (STM), Cyber Security and Security Threat Intelligence. Technology management is under Managed Security Services and includes managed firewalls, DDoS, web, email, PKI and cloud security. Additional offerings include Security Vulnerability Scanning (SVS) for managed vulnerability scanning and Managed SIEM for McAfee ESM, LogRhythm and IBM QRadar customers. BT’s strategy for managed security services is evolving to emphasize its Managed SIEM and Cyber Security Platform offerings for existing BT customers and global enterprise buyers that require more one-to-one-oriented services, as opposed to delivery using a shared analytics platform that this research primarily assesses. BT has two separate portals for security technology management (Security Hub) and monitoring services (Security Threat Monitoring), which BT has been revamping over the last 12 months. Consulting services are available to meet a variety of customer demands. Incident response support, available as a retainer, is delivered in partnership with FireEye-Mandiant and other firms. BT can meet requirements for data residency with in-region/in-country service provision and citizenship requirements for SOC staff. Global enterprises seeking global MSS capabilities to satisfy complex security requirements should consider BT.
MSSP Alert Says: As we pointed out last year, for U.S.-based MSPs seeking to navigate Brexit, GDPR and security issues across Europe, BT could be worth an exploratory call.
Gartner Says: DXC Technology, a newly formed entity as the result of the merger of CSC and Hewlett Packard Enterprise’s (HPE’s) Enterprise Services business, is headquartered in Tysons, Virginia. The merger formally concluded in March 2017. The vendor has 16 SOCs across the Americas, EMEA and the Asia/Pacific region. DXC offers a range of security implementation and consulting services other than MSSs for enterprise and government customers. In addition to security monitoring and device management, DXC does offer additional standard managed services like managed SIEM, managed EDR, vulnerability assessment and DDoS protection, among others. The vendor differs from many other MSSPs in that it offers a range of managed services around identity and access management, such as Identity Management as a Service and Privileged Account Management. As an MSS provider, DXC is currently in a state of consolidation and change, in terms of both the technology platforms used for MSS delivery and new services that the provider is planning to introduce. Customers requiring globally delivered MSS, especially those looking for a partner that also offers additional IT and security services, should consider DXC for MSSs.
MSSP Alert Says: DXC has plenty of MSSP expertise, but the broader company suffered an embarrassing security episode in late 2017. Indeed, the company inadvertently uploaded its private Amazon Web Services (AWS) keys to an unsecured Github repository. The private keys were used to launch 244 AWS virtual machines (VMs) over the course of four days, and DXC paid approximately $64,000 to rectify the issue.
Gartner Says: NTT brings together the MSS-specific resources and delivery platforms of NTT Com Security, Solutionary, Dimension Data, NTT Communications, NTT DATA and technology from the NTT Innovation Institute. NTT Security has been established as the specialized security company of the NTT Group. NTT is headquartered in Tokyo, with regional headquarters for North America, Europe and the Asia/Pacific region. NTT offers a broad range of security professional services and integration and incident response services. NTT Security has 17 24/7 MSS SOCs globally: six in the Asia/Pacific region, five in Europe and six in North America. In 2017, NTT progressed toward integrating its three separate platforms used for delivering MSS. Its new operating model is similar in nature to a channel-based approach in that NTT Security doesn’t directly sell services, instead relying on its group companies, which have varying levels of coverage and support in the different geographies. NTT is actively migrating North American and Japan customers to its new Global Managed Security Services Platform (GMSSP), while EMEA and remaining Asia/Pacific region customers continue to use the existing WideAngle and ArcSight ESM-based platforms. NTT Security MSSs are sold via the NTT Group companies of Dimension Data, NTT Communications and NTT DATA. Customers of NTT operating companies, and enterprises seeking a large global provider, should consider NTT for MSSs.
MSSP Alert Says: NTT is active on multiple partner and M&A fronts. The company acquired Secure-24 Intermediate Holdings, a U.S.-based managed services provider (MSP) focused on hosted Oracle, SAP and Microsoft solutions in November 2017. And in early 2018, NTT said it plans to leverage ThreatQuotient for a new threat intelligence services offering.