It’s no great revelation that large multi-nationals and enterprises are struggling with the cost and complexity of security in ways that just seem to get worse with every technology or market development. Historically, organisations have used expensive consultancies, systems integrators and vendors to bolt together answers to such complex issues but might this model now be ready for a dose of beneficial market disruption?
BT’s 500-strong Security Consulting division thinks it is at least asking the right questions in the form of Cyber Roadmap, a new framework it has started promoting to large enterprises from after 18 months of development inside its existing customer base.
UK and global enterprises going anywhere near BT for cybersecurity consulting will be confronted with this methodology pretty quickly so what exactly is it and does it stand up to scrutiny?
On the surface at least, it reads like any other conceptualisation calling itself a methodology from a big IT consultancy, tracing a path from business strategy through risk assessment to security design. Every firm in the market will pull out such documents to back up the sales pitch. It's a way of packaging what the firm already does with a more emphasis on security as a theme.
“The difference is we created a standardised approach across our consulting capabilities,” insists BT’s general manager for Security Consulting, Guus van Es when pushed to explain what the firm is selling here. That‘s a point. Unlike the consultancies and vendors it’s up against BT does many different things. It’s a global network provider, it sells numerous services including managed security, it does integration and, latterly, it offers grown-up IT and security consultancy.
However, Cyber Roadmap Consulting bigger innovation could turn out to be not what it is so much as who is doing it, BT.
“Customers see benefit in the global scale we have,” argues van Es, using BT’s size as a major attraction. “We also offer bespoke, vendor-agnostic capabilities and substantial R&D power.”
There is nothing new or unusual about vendor-agnostic consultancies, but BT might have an important advantage in that it can also offer integration with the underlying network. This casts BT’s Cyber Roadmap as a bit of everything which customers can take or leave as they please.
According to van Es, “knowing what we can do in Singapore we can do in Barcelona,” is a fundamental promise none of its established consulting rivals can make. On top of that “we don’t have a pre-defined agenda on what we’re going to sell to you.”
If Cyber Roadmap Consulting can deliver on vendor agnosticism this will be another market attraction although the company still has Cisco and Microsoft as Global Certified Partners to think about.
BT, then, will work out what enterprises need, design and specify that in whatever form seems comfortable, and if necessary carry out the difficult implementation bit, a sort of one-stop shop. Some of these services and infrastructure could come from BT – that is implicit - although they don’t have to, van Es stresses.
BT’s van Es would not be drawn on the Roadmap’s current customers but it has already been tested on clients, he confirmed.
That BT sees it worthwhile pitching security-oriented services that would once have been left to pure consultancies suggests that the market is entering a period of greater competition. Some of this is just about expanding brands reinventing how they sell their services and underlying network to large organisations and governments with major security problems to sort out.
There is plenty of hype and over-explaining going on here. But if there are more security dollars out there floating around, the firm now looks like an increasingly plausible place to spend some of them.