AT&T will separate its managed cybersecurity services practice from its core connectivity business by standing up a joint venture with Chicago-based investor WillJam Ventures.

See Also: Risky Business: When Third-Party Troubles Become Your Own

The Dallas-Texas-based telecommunication carrier will shift its security software, managed security operations and security consulting resources into an entity owned by WillJam and AT&T, and AT&T will retain board representation. WillJam will make a capital investment of an undisclosed amount into the stand-alone cybersecurity services unit, and the deal will close in the first quarter of next year.

“Our direct focus remains on unlocking the power of our best-in-class connectivity with embedded security features that will allow our network to intelligently protect customers end-to-end,” Rick Welday, head of AT&T enterprise markets, said in a statement. “We’re energized about this new business model and the opportunities and capabilities these network enhancements will bring to the market.”

Reports of Deal Talks Began Swirling in February

The joint venture announcement comes nine months after Reuters reported AT&T had been working with British banking giant Barclays to solicit bids for its security business. Much of AT&T’s cybersecurity know-how comes from its $600 million purchase of threat intelligent vendor AlienVault in August 2018. AT&T has pursued several divestitures in recent years to pay down debt after its 2018 Time Warner buy (see: Why Is AT&T Cybersecurity Such a Good Acquisition Target?).

“We’re energized about this new business model.”


– Rick Welday, head of AT&T enterprise markets

WillJam Ventures was founded and led by Bob McCullen, who was chairman and CEO of Trustwave from March 2005 to August 2015, when it was acquired by telecom conglomerate Singtel for $770 million. The firm also owns PCI security services vendor VikingCloud and MDR provider GoSecure. AT&T declined to comment on a question about whether WillJam plans to combine its services business with GoSecure.

“Rapidly expanding attack surfaces combined with an intensifying cybersecurity skills gap are driving businesses to adopt managed security services to safeguard their digital assets,” McCullen said in a statement. “Working together, we’ll be uniquely positioned to protect organizations globally.”

AT&T said the joint venture will enable the company to keep offering managed security services while simultaneously focusing on enhanced network-based security capabilities. The carrier plans to build cyber services into its connectivity products, creating a new category of network-embedded security for small and medium-sized business customers. AT&T said it is undergoing controlled introductions for these new products.

AT&T Cybersecurity’s Headcount Keeps Climbing Slowly

Bringing together network-embedded security and global MSSP capabilities will provide business clients with stronger protections and security posture, the firm said. AT&T Cybersecurity President Sundhar Annamalai said the new joint venture will help customers secure their business intelligence, predict their security investments, drive efficiency into security operations, mitigate risk and focus on innovation.

“To help tame complexity, many organizations are engaging with managed security services,” Annamalai said in a statement. “This is exactly the venture’s mission – to help simplify security. It will help manage the risk while our clients reap the rewards.”

Annamalai has served as AT&T Cybersecurity’s president and chief technology officer since August 2022. He is responsible for accelerating revenue growth and profitability as well as developing the threat detection platform. Prior to that, he spent a little over a year leading transformation and strategy at Humana and held leadership roles at AT&T in mobility, strategy and cybersecurity for over 17 years.

After acquiring AlienVault, AT&T’s cybersecurity business unit was led by Barmak Meftah, who served as AlienVault’s president and CEO for nearly seven years leading to up the AT&T deal and helped the firm raise nearly $115 million in eight rounds of outside funding. Meftah left AT&T Cybersecurity in July 2020 and 18 months later co-founded venture capital firm Ballistic Ventures (see: The Hottest Security Technologies for Early-Stage Startups).

Headcount at AT&T Cybersecurity has grown marginally to 852 employees, up 2% from a year ago and 13% from two years ago, according to LinkedIn. The biggest growth areas have been engineering and business development – both of which have boosted staff size by double digits over the past year – while headcount in AT&T Cybersecurity’s sales and IT divisions has fallen by 8% and 3%, respectively, over the past year.