LevelBlue leverages AI to threaten Intel after AT&T split

A cybersecurity managed services powerhouse led by Trustwave’s longtime CEO plans to capitalize on AI for threat intelligence after splitting from AT&T.

See also: The Ultimate Guide to Threat Investigations

Dallas-based LevelBlue plans to lead organic growth through talent acquisition and pursue acquisitions to expand its intellectual property and global reach, according to Chairman and CEO Bob McCullen. The company was known as AT&T Cybersecurity before the telecommunications giant sold a majority stake to Chicago-based investor WillJam Ventures, necessitating a name change.

“We’re going to provide predictive security through analytics and understanding where threats are going,” McCullen told Information Security Media Group. “What we have in our portfolio is primarily companies as well as federal, state and local governments.”

WillJam Ventures was founded and led by Bob McCullen, who was chairman and CEO of Trustwave from March 2005 until August 2015, when the company was acquired by telecommunications conglomerate Singtel for $770 million. Under McCullen as president of LevelBlue, AT&T veteran Sundhar Annamalai has served as president and CTO of AT&T Cybersecurity since August 2022 after 18 months as a Humana executive (see: AT&T forms joint venture for cybersecurity management activities).

“When this opportunity presented itself, it was like a dream,” McCullen said. “It will be one of the largest startups in the security industry. It’s critical mass. It has global customers and over 1,000 employees, and we have eight SOCs around the world. This allows us to have a great platform to build on and invest in.”

How LevelBlue plans to boost its business with AI

AT&T will retain minority ownership and representation on LevelBlue’s board of directors, according to McCullen. He said LevelBlue plans to continue leveraging AT&T’s sales channels to bridge security solutions and network services and support joint customers primarily in the North America region, while simultaneously building customer relationships more direct and international.

McCullen said LevelBlue will improve response times and efficiency in threat detection and remediation by further integrating AI into its operations. LevelBlue is focused on meeting enterprise security needs and includes threat intelligence capabilities acquired from AlienVault in August 2018 as well as native security consulting and managed services capabilities.

Now that LevelBlue is no longer in AT&T’s shadow, McCullen said, the company will establish its authority and visibility in the cybersecurity market by publishing its own threat intelligence reports. LevelBlue currently generates 90% of its turnover in the United States thanks to the AT&T partnership and wishes to increase its international activity to 30% within a few years by investing in direct customer relationships (see: Why is AT&T Cybersecurity such a good acquisition target?).

LevelBlue’s investments in AI and machine learning will enhance the company’s service offerings in real-time threat detection and predictive analytics, McCullen said. The company plans to hire more data scientists and AI specialists to deepen its expertise in adapting AI to cybersecurity applications, which McCullen says should help automate and improve the process threat detection.

The integration of AI and machine learning into LevelBlue’s existing stack is expected to improve the company’s ability to quickly scan huge volumes of data for potential threats, thereby reducing false positives and increasing the accuracy of threat detection. By leveraging AI, he said, LevelBlue hopes to provide threat intelligence that can preemptively identify potential security breaches or quickly mitigate them if they occur.

Will there be any acquisitions in LevelBlue’s future?

LevelBlue will also pursue acquisitions to strengthen its technology stack, support and enhance its cloud platform offerings and expand its geographic presence, according to McCullen. Additionally, he said, LevelBlue will pursue companies that have developed innovative AI technology that can be easily integrated to accelerate the development timeline of the company’s own AI-based features.

The company will also focus on integrating data from web gateways, email gateways and firewalls into a unified system to enable more sophisticated analysis and faster response to threats. Integration enables a holistic view of security threats across different vectors, while the use of advanced data processing and management ensures that data from disparate sources can be standardized and analyzed consistently.

Machine learning algorithms can predict and identify potential threats before they cause damage, which McCullen says improves the operational efficiency of security teams by focusing their efforts on verified threats. Data collection and advanced analytics also provide detailed insights into potential security vulnerabilities and emerging threat patterns, which it says enables more informed decision-making.

LevelBlue plans to strengthen its position in existing markets in Europe and Asia Pacific while entering new markets, while McCullen said this would allow the company to support a more diverse customer base globally. LevelBlue is already one of the five largest managed security services providers in the United States, and it plans to capitalize on the company’s independence to be more accessible and responsive to its customers.

“We’ll be the easiest partner you’ll ever do business with,” McCullen said. “That’s our goal: to make business transactions easier and to provide more cost-effective and secure solutions. We will be aggressive in the market and we will be aggressive to make that customer happy.”