Artificial Intelligence & Machine Learning , Next-Generation Technologies & Secure Development

LevelBlue Leverages AI for Threat Intel Following AT&T Split

AI Investments and Global Expansion Set to Propel Growth After Separating From AT&T
LevelBlue Leverages AI for Threat Intel Following AT&T Split

A managed cybersecurity services powerhouse led by the longtime CEO of Trustwave plans to capitalize on AI for threat intelligence following its separation from AT&T.

See Also: Top 10 DSPM Requirements: Data Security Challenges in the Cloud Era

Dallas-based LevelBlue plans to spearhead organic growth through talent acquisition as well as pursue acquisitions to expand its intellectual property and global reach, according to chairman and CEO Bob McCullen. The business had been known as AT&T Cybersecurity prior to the telecommunications giant selling a majority stake to Chicago-based investor WillJam Ventures, which necessitated a name change.

"We're going to provide predictive security through analytics and understanding where the threats are getting to," McCullen told Information Security Media Group. "What we've got in our portfolio is mostly enterprise along with federal, state and local government."

WillJam Ventures was founded and led Bob McCullen, who was chairman and CEO of Trustwave from March 2005 to August 2015, when it was acquired by telecom conglomerate Singtel for $770 million. Serving under McCullen as LevelBlue's president is AT&T veteran Sundhar Annamalai, who has served as AT&T Cybersecurity's president and CTO since August 2022 following 18 months as a Humana executive (see: AT&T Forms Joint Venture for Managed Cybersecurity Business).

"When this opportunity came up, it was like a dream," McCullen said. "It'll be one of the biggest startups in the security industry. It's a critical mass. It's got global customers and over 1,000 employees, and we have eight SOCs around the world. It allows us to have a great platform to build on top of and invest in."

How LevelBlue Plans to Turbocharge Its Business With AI

AT&T will retain minority ownership and board representation in LevelBlue, according to McCullen. He said LevelBlue plans to continue leveraging AT&T's sales channels to link security solutions and network services and assist joint customers primarily in the North America region while simultaneously building out more direct and international customer relationships.

McCullen said LevelBlue will improve response times and effectiveness around threat detection and resolution by further integrating AI into its operations. LevelBlue is focused on addressing the security needs of enterprise-sized organizations and includes the threat intelligence capabilities acquired from AlienVault in August 2018 as well as native security consulting and managed services capabilities.

Now that LevelBlue is no longer in AT&T's shadow, McCullen said, the company will establish its authority and visibility in the cybersecurity market by publishing its own threat intelligence reports. LevelBlue today derives 90% of its revenue from the United States thanks to the AT&T partnership, and it wants to grow its international business to 30% within a couple of years by investing in direct client relationships (see: Why Is AT&T Cybersecurity Such a Good Acquisition Target?).

LevelBlue's investments in AI and machine learning will enhance the company's service offerings around real-time threat detection and predictive analytics, McCullen said. The company plans to hire more data scientists and AI specialists to deepen its expertise in tailoring AI to cybersecurity applications, which McCullen said should help with automating and enhancing the threat detection process.

Integrating AI and machine learning into LevelBlue's existing stack should enhance the company's ability to quickly analyze massive volumes of data for potential threats, reducing false positives and increasing the accuracy of threat detection. By leveraging AI, he said, LevelBlue hopes to provide threat intelligence that can preemptively identify potential security breaches or swiftly mitigate them if they occur.

Will There Be Acquisitions in LevelBlue's Future?

LevelBlue will also pursue acquisitions to strengthen its technology stack, support and enhance its cloud platform offerings and expand its geographical footprint, according to McCullen. In addition, he said, LevelBlue will pursue companies that have developed innovative AI technology that can be easily integrated to accelerate the development timeline of the company's own AI-driven features.

The company will also focus on integrating data from web gateways, email gateways and firewalls into a unified system to enable more sophisticated analysis and faster threat response. The integration allows for a holistic view of security threats across different vectors, while the use of advanced data processing and management ensures data from disparate sources can be normalized and analyzed cohesively.

Machine learning algorithms can predict and identify potential threats before they cause harm, which McCullen said improves the operational efficiency of security teams by focusing their efforts on verified threats. The data collection and advanced analytics also provide detailed insights into potential security vulnerabilities and emerging threat patterns, which he said allows for more informed decision-making.

LevelBlue plans to strengthen its position in existing European and Asia-Pacific markets while entering new ones, while McCullen said will allow the company to support a more globally diverse client base. LevelBlue is already one of the five largest managed security service providers in the U.S., and he plans to capitalize on the company's independence to be more accessible and responsive to customers.

"We will be the easiest partner that you've ever done business with," McCullen said. "That is our goal: easy to do business with - and provide more cost-effective and security-effective solutions. We will be aggressive in the market, and we'll be aggressive to make that customer happy."

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.