CenturyLink's latest enhancement to its security services would seem to be an easy sell to its enterprise customers. Security Log Monitoring 2.0 lets enterprises outsource the complex task of assembling all the various activity logs from firewalls, VPNs, servers and more into one place for the purpose of detecting potential threats or breaches. What's more, the first 10 gigabytes of ingested data is actually free.
But as Chris Richter, vice president of global security services for CenturyLink Inc. (NYSE: CTL), admits, nothing is an easy sell these days, even a service that offers better security with less complexity at lower cost.
"It makes sense to our customers -- it's straightforward," Richter says in an interview. But there's this tricky matter of timing.
"Customers have a lot of different operating methodologies, personnel, they've already made investments in SOC [security operations center] and SIEM [security information and event management] tools in some cases," he says. "It is a matter of speaking to customers and basically taking them through our ecosystem at the time they are ready to transform."
In other words, enterprises want to get the maximum value out of the capex they have already spent on new firewall hardware or other gear before investing further in a new service, even one that improves the level of security.
As a result, Richter says, what CenturyLink tries to do is adapt its sales strategy to meet the customers where they are and do what can be done to plug them into newer ways of identifying and dealing with network threats.
"We have a network-based next-gen firewall platform called Adaptive Network Security, for example," he explains. "But customers in some cases have already purchased new firewall hardware and are three to five years out before they are ready to cycle through that hardware. What we can do is provide threat intelligence data to them and pull data from those new firewalls they purchased, even though they are not cloud-based, and pull that into our Security Log Monitoring."
Similarly, if customers prefer to provide their own security specialists, versus using CenturyLink's, the company can "stream this data or provide a portal for integration with the customer's own SIEM tools and their own SOCs," Richter says. That helps automate more mundane tasks so the human experts can focus on higher level decision-making. "It basically removes a lot of the background noise, the false positives and interesting but not actionable so our teams and the customer's teams can focus on what matters."
So while CenturyLink is assembling a broader managed security service portfolio that it hopes to sell, the sales reality is something a bit different.
"We believe that if customers use our entire [security] ecosystem, they will maximize their efficiency and their cost controls," Richter concludes. "All of our services are designed to work together. But it's important to note that no two organizations are alike -- we are seeing digital transformation and security transformation happen everywhere but everyone seems to be at a different place in that journey. We have to have services that adapt to where the customers are."
For a closer look at Security Log Monitoring 2.0, check out this story on our sister site, SecurityNow.
— Carol Wilson, Editor-at-Large, Light Reading