Understanding Lumen Technologies’ managed security services in APAC

Craig D’Abreo, Senior Director of Product - Managed Security Services (MSS) at Lumen Technologies believes its offering can help organizations in APAC deal with increasing AI-based threats and skills shortage in cybersecurity, given its strong partnership with cybersecurity vendors.

As businesses continue to invest in new technologies, managing them is becoming increasingly challenging, especially with the lack of skills and understanding of how to use the technology. This has led to an increased demand for managed services globally with more vendors and even partners pivoting their business strategies to provide these services.

For Lumen Technologies, the managed services opportunity allows them to strengthen their presence around the world. As the technology and networking company has evolved its offerings over the years, it is now also focused on ensuring its managed services offering, especially cybersecurity, is capable of supporting customers in their tech journey.

According to Craig D’Abreo in an interview with CRN Asia, apart from the skills shortage in managing new technologies, most of the organizations are also specializing in a specific vertical which is their core business driver. For example, a manufacturing or a retail company that understands its business path. This is why there is an increasing need for managed security services today.

“For most of these organizations, when it comes to managing their security solutions, it’s a challenge. That's where they're starting to look at other organizations like Lumen Technologies with its managed security services provider offering (MSSP) to help them with it. They understand other aspects of the technology they have invested in, but struggle to secure the entire infrastructure. That seems to be the biggest challenge,” D’Abreo said.

D’Abreo also pointed out that with the increase of AI-based attacks, the amplification of the attacks is much faster and more sophisticated. Faster responses to these types of attacks help organizations defend against threats, detect risk, and put mitigation measures in place - this is what businesses need, which is why they are increasingly turning to managed security service providers.

“The other trend we're seeing is that a lot of our technology partners are very focused on selling the technology but are also seeing more of a need for managed security services. So that's why technology companies are partnering with Lumen to achieve better outcomes together,” he said.

Increasing costs in cybersecurity tools is already seeing vendors consolidating their security tools and opting for a platformized approach to cybersecurity. D’Abreo pointed out that the customers are seeing 35% to 45% cost savings based on the different solutions and licensing models they have to manage.

Lumen Technologies’ strategy

For D’Abreo, one of Lumen's strategies is to work with technology partners that have more of a platform play like Palo Alto Networks. The cybersecurity vendor not only has a very close relationship with Lumen in the US, but in Asia Pacific as a select partner.

“We like the Palo Alto story because they’ve made a series of acquisitions, such as CyberArk, bringing in the identity layer,” D’Abreo explained. “They also have tech services management and have built a Cortex solution, creating a platform play where multiple technologies feed into a single, data-sharing ecosystem. On top of that, you’re seeing AI and agentic capabilities built in, providing a correlation and machine learning perspective that gives our SOC teams and analysts a more comprehensive view. Customers are gravitating towards this approach across firewalls, EDR and XDR, attack surface management, and SASE-type capabilities—all within a single platform,” D’Abreo explained.

Going back to reducing costs, D’Abreo added that an advantage of working with an MSP is the select partnerships Lumen has with technology providers, which allows them to get a pretty deep discount.

“And so customers are able to access a service that combines discounted technology with managed services on top of it, alongside Lumen’s own differentiators, all packaged together,” he said. “Essentially, you’re looking at something close to list price, but with significantly more value that we can bring to the table. Let me give you an example of one of those values adds. Lumen’s global network is one of the largest peered networks in the world, with 99% of IPv4 space flowing through the Lumen peer network.” he said.

Black Lotus Labs is a threat intelligence feed where Lumen can determine when new threat infrastructures are being stood up across the world for crimeware, malware, and pieces.

That intelligence feeds a significant amount of information into Lumen’s security solutions as they’re doing the monitoring, creating a differentiator for Lumen managed services versus somebody else.

“So going back to the point on cost savings, you're getting technology, you're getting threat intelligence from a Black Lotus perspective that is very unique to us, and you're getting expert SOC services across various regions. That's the value where customers are seeing a lower cost reduction, essentially, from what they had before if they had to manage the technology themselves,” he said.

Talent in Managed Services

When asked how Lumen is ensuring it has sufficient skills in the MSP business, D’Abreo shared that it is important to attract talent and keep talent.

“It's a very competitive market as we know cybersecurity is much higher, so you have to keep up with the market demands. But secondly, investing in our analysts and team players, certifications, and ensuring that we're kind of driving their careers, working with our technology partners to make sure that they're certified in certain areas to kind of grow their skill sets and also upward momentum. We move people from tier ones to tier twos to threat hunting teams to pen testing teams. That's how we retain the culture,” he said.

While this is the global strategy, regionally D’Abreo shared that with operation centers in India, Singapore and Australia, ensuring the right talent is brought in and investing in their careers is key.

“One thing cool about Lumen is that you kind of get to work on different things within the SOC as well. That's something we see quite often in Asia Pacific, giving them new projects to work on and AI type capabilities. And so, it keeps the interest and it keeps them grounded within the Lumen culture and attrition rates are typically lower,” he added.

Looking ahead, D’Abreo believes that the industry is going to see the biggest boost when it comes to detection timeframe, which is why upscaling employees is key.

“So, all the mean time to detect and mean time to respond will be driven lower by AI and agentic capabilities,” he said. “This also allows us to upskill our employees. For example, Tier 1 and Tier 2 teams are no longer just working through routine tasks; they can focus on more specific, higher-value work. The agentic automation layer is a key driver here. We’re also implementing automation technologies to build playbooks that can queue up specific alerts and events for different types of analysts,” he said.

What businesses need to do

Given the need for demand for MSPs, D’Abreo also believes that customers that are still unsure of how to approach the topic should start off with an assessment.

“We don't know what you don't know, you don't know what you don't know pretty much. So, the assessments really help understand where the priorities really should be and where the focus should be based on compliance and the risk profile that the customers need to adhere to. So, get the assessment done, have a good understanding of what's needed, and then start investing in those specific services where the gaps are. That's the best way to utilize a managed security service provider,” D’Abreo said.

At the same time, he advises businesses to measure the amount of infrastructure, cloud-based security, endpoint, on-prem type infrastructure investments to the capabilities and the skill sets that they may have internally.

“If there's a big gap where your team is not able to handle the incidents and so forth, absolutely start thinking about leveraging a managed security service provider to help you on a 24 by 7 basis.”

Cyber resiliency is another reason to consider. Businesses are going to get compromises, but can they recover fast enough? D’Abreo shared that those types of backup services that are powered by part of Lumen’s network, as well as some of its core partners, will help businesses recover much quicker.

“Security shouldn't be an afterthought. I think what we see here in Asia, a lot of customers treat security as an afterthought after the breach has happened. So, I think they need to change that mindset and engage a qualified service provider like us,” D’Abreo concluded.