Last week Deloitte announced the acquisition of Vigilant. This is important news for several reasons. With over 14,000 consultants that specialize in information security Deloitte is the largest and broadest of any security consultancy globally. Deloitte provides customized security solutions across a broad number of vertical industries, including financial services, aerospace, defense, retail, manufacturing, technology, communications, energy and pharmaceuticals.
The acquisition of Vigilant now broadens Deloitte’s capabilities even further by adding continuous monitoring and threat intelligence to its service offerings. Vigilant is an interesting acquisition for Deloitte because Deloitte has not actively participated in the continuous monitoring services market prior to this event. This is a bold move and shows Deloitte’s interest to provide a more complete security portfolio – that will now span from security advisory to security operations. The new brand for the combined company will be Vigilant by Deloitte®.
Vigilant is an interesting company and was one of the companies we covered in our February 2013 emerging managed security services wave. Vigilant’s suite of cyber threat management services complements Deloitte’s security consulting practice. Vigilant's Fusion Service for SIEM offers modules for SIEM systems management. The modules include event / threat use case development, threat intelligence, and incident response. The Vigilant combines these into customized services for SIEM program management.
Vigilant's business model prior to Deloitte’s acquisition is to provide support for Fortune 500 clients and their on-premises-based SIEMs. This co-sourcing model leaves the equipment, security software, and data in the customer's data center. Vigilant manages the client technologies from its SOC, leaving the equipment, security software, and data in the customer's data center. The company also has very good threat intelligence capabilities, and as noted in other research, this is a significant differentiator for MSSPs. Forrester does not see this changing, as the continuous monitoring and threat intelligence capabilities the Vigilant provides brings another important capability to Deloitte’s already substantial client base. Additionally, Vigilant’s service model uses the client’s premise based SIEM as opposed to investing in its own SIEM infrastructure. This provides Vigilant’s clients more control of their SIEM environment. Continuing this model in the new combined company represents strong adjacency to Deloitte’s current consulting service delivery model.
This is the beginning of trend where traditional advisory service consultancies will drive into the managed security services business. The MSSP business is attractive to these companies for a variety of reasons, including broader client footprint, annuity based contracts, more consistent and predictable cash flow and improved service margins that quality MSSPs typically enjoy.