Is your telco taking security seriously? It should be

It wasn't too long ago that vendors still made a lot of their money through equipment markups. Telcos were the same, with comfortable profit on ISDN, STD calls, calls to mobiles and other heavily used services padding out financial reports.

Yet broadband prices are gradually coming down, traditional revenue sources such as PSTN services are drying up, and ageing and expensive wide area network (WAN) technologies like ISDN and Frame Relay have had their day.

As well, incessant conflict over network investment has defined the local market and put a chokehold on progress in Australia's telecoms sector. That's why Verizon's recent purchase of high-profile security consulting giant CyberTrust -- estimated at US$445 million -- is so interesting. It both reflects a growing trend towards security services and suggests serious coming problems for Australia's telcos.

Verizon, which sidestepped into Australia over a year ago after its purchase of US carrier MCI, knows this all too well. Back in 2005, MCI shelled out US$105 million for specialist managed security services provider NetSec, which strengthened its US footprint. CyberTrust, which has more than 230 highly qualified security professionals across the Asia-Pacific region, expands Verizon's consulting presence across Australia and beyond.

What does this mean for the company? Darren Day, Verizon Business' director of market for Asia, said: "On day one, this acquisition brings us a global managed security service spanning all of our geographies."

"Even though we already do MPLS networking, application management and managed IP telephony, bringing security, applications and forensics into that gives us a global story ... Security becomes more seamless and comes with single points of accountability. In 18 months time I won't be talking about AT&T and others as competitors; I will be talking about IBM [which paid US$1.3 billion for security giant Internet Security Services last August]."

Verizon competitors AT&T and SBC have both also bought security companies in recent years, and BT bought Counterpane Internet Security last October.

Australian carriers, however, seem to be well behind their international counterparts when it comes to security services. Telstra bought consulting group KAZ several years ago, but its security capabilities -- described on its managed ICT page as "a suite of security services including managed antivirus, e-mail and Web content filtering" -- seem positively anaemic compared to CyberTrust's extensive security consulting, auditing and other capabilities.

Optus' response to the KAZ acquisition -- to buy consulting firm AlphaWest for just AU$26 million -- reflects the importance of services, but also says a lot about the relative size of AlphaWest's operations. Optus declined the opportunity to share more information about AlphaWest's security consulting business, but a look at the company's own managed services Web page doesn't even mention security.

Businesses are increasingly looking to their suppliers to provide integrated services, and the combination of network and security services is a no-brainer.

By failing to take a more proactive stance with respect to security services, Australia's two largest business carriers are missing out on the chance to measure up in this increasingly important area.

Everyone knows that government and business customers drive the telecommunications market. If the failure by Telstra and Optus to get their services stories straight is any indication, those customers will increasingly distance themselves from local carriers, whose ability to innovate seems to have been swallowed by inertia and the whole broadband debate.

Businesses know what they want, and if local carriers can't provide it, Verizon, BT and the other global carriers may end up kicking the stool out from under the local telco market.