Navigating the Future of Managed Cybersecurity Services: A Closer Look at Eviden’s Successes and Leadership

Eviden’s security services practice consists of 6,500 cybersecurity experts across Eviden’s 16 Security Operations Centers, eight research and development centers, and two manufacturing sites earning over $1 billion in revenues (in 2022). The cybersecurity services business has three main areas: Managed Security Services, Cybersecurity Consulting, and Solution Integration. Eviden has relationships with more than 40 cybersecurity technology partners, including Amazon Web Services (AWS) and CyberArk. A Cybersecurity Academy provides training across a range of cybersecurity skills and certifications. TBR will include Eviden in the November 2023 publishing of the Security Services Market Landscape. Start your free trial of TBR Insight Center to gain access to this research as soon as it is available.

More Than a Project, More Than a Service: Usable, IP-enabled Security

In early May, TBR met with leaders from Eviden’s cybersecurity services team, including Vinod Vasudevan, global CTO for Managed Detection & Response and global deputy CTO for Cybersecurity Services; Allen Moffett, global head of Identity Access Management; and Wolfgang Baumgartner, director of Global Digital Consulting. Over the course of 75 minutes, the Eviden team walked through the company’s current security services offerings and discussed their outlook for Eviden once the company has fully separated from Atos.


This special report reflects that discussion, TBR’s previous research into Atos’ cybersecurity capabilities, and related analysis. TBR will include elements of this report in our November 2023 Cybersecurity Services Market Landscape.


“In the absence of usable security, there is no effective security.” With that simple phrase, Vasudevan summed up Eviden’s philosophy and approach to providing cybersecurity services, reflecting decades of company culture centered on providing useful, reliable and proven solutions.


Throughout the discussion, Eviden’s leaders kept returning to the idea that security services — across the full range of Eviden’s offerings — could be beneficial to clients only if properly deployed and managed. They also emphasized that having a full range of cybersecurity services creates flexibility for Eviden and its clients while avoiding lock-in or over-reliance on any specific technology solution or provider.


According to Vasudevan, “Our top priority is meeting the unique needs of our customers. That’s why we strive to offer comprehensive programs that exceed their expectations by delivering not just a single project or service but an entire program they can rely on. We’re focused on building long-term relationships with our customers by providing quality solutions tailored to their needs.”


In addition, Eviden’s cybersecurity leaders indicated that following a complete split from Atos, Eviden would look for acquisitions to help accelerate growth in cybersecurity services, complementing the investment already made in R&D. TBR expects Eviden will focus on expanding its capabilities in cloud security, an area where the company can combine current cloud-native offerings with the hyperscalers’ security tools and add acquired capabilities and scale, bolstered by Eviden’s existing — and expanding — IP.

Delivering Managed Services Today to Prevent and Respond to Problems of Tomorrow

Differentiation across security services remains challenging, particularly as the ecosystem of security software vendors and security services providers expands rapidly, including value-added resellers increasingly adding consulting and IT services to their portfolio mixes. Within all this noise, finding true differentiation frequently comes down to two elements, one external and the other internal.


First, what do clients say that makes any one vendor stand out? Second, where does the vendor see evolution in cybersecurity services — what is next, and what is the vendor doing about it? On this, Eviden’s Vasudevan noted that “as we go forward, now the cyber recovery aspect is also a big focus area.” Eviden will be tasked with not only response and containment but also figuring out how to make a quick recovery.


A large part of recovery, of course, depends on planning and testing, ensuring adequate capacity, and, ideally, detecting problems before a critical response is needed. Addressing that, Eviden has built capabilities and offerings around multivector detection and investigation, verification, containment and mitigation, all delivered through an AI-enabled platform supported by Eviden’s professional staff.


In diving deeper into Eviden’s response capabilities and offerings, Vasudevan returned to what, for TBR, differentiates Eviden: approach. The first priority, according to Vasudevan, is “to get the IT running again.” Next is to learn from the security incident and take the necessary measures to increase security. Then, critically, Eviden must lean into the trusted partner relationship with the client and “develop a road map together, a to-do list, and then begin executing all the recovery steps, planning for the next incident.”


Relentlessly thinking about the next step, reinforcing that usable security is the only effective security, and seeing the “response” as moving beyond just the cleanup to actually preparing for the next mess — this approach and mindset, in TBR’s view, distinguish Eviden in a very crowded field.

IP-enabled and Business-oriented Cloud Security Makes Hyperscalers Happy

Eviden’s leaders also touched on the company’s cloud security capabilities and offerings, starting with the ability, as described by Vasudevan, to “leverage the security tool set of hyperscalers to deliver services on top of what we also have … combining the native tool sets of the hyperscalers” with Eviden’s IP.


In Vasudevan’s view, this combination of hyperscalers’ tools and Eviden’s IP is complemented by and even accelerated by Eviden’s ability to bring a wide set of offerings through either limited deliveries or ongoing managed services arrangements. Baumgartner stressed that Eviden’s approach includes assessing clients’ cloud security strategy and current risks.


He added that “customers start more on the business side, not always thinking about technology first” and “afterwards they realize that they will face security issues,” which has led Eviden to building “quite good cooperation with Microsoft and Amazon” in order to try to better collaborate with these vendors in an earlier stage. In short, partnering smartly with the hyperscalers allows Eviden to bring IP-enabled value more quickly to clients while also proving to the hyperscalers that Eviden is a highly capable — and business-driving — partner.


In TBR’s detailed analysis of the key components of leading partnerships between IT services vendors and hyperscalers, delivering value-added IP, and bringing business know-how to the cloud technology stack consistently separate leading IT services vendors from lagging ones. In TBR’s view, Eviden has demonstrated its capabilities across both of these components.

Building Talent Prepared Specifically for Eviden

Touching on the need for local talent, Eviden’s leaders explained that global delivery centers in Poland, Romania, increasingly Croatia, and India would provide the majority of services for Eviden’s clients, bolstered by local, in-country teams and talent for restricted workloads, clients with specific demands, or situations in which Eviden wants to provide an extra level of customer intimacy.


In Vasudevan’s telling, Eviden “wants to optimize the cost without sacrificing the best combination and the best formula for success.” Reflecting, to some degree, the delivery center staffing, Eviden’s leaders said Central Europe, including Germany, generates the largest revenue share, with the highest growth potential coming from North America and the U.K.


In TBR’s view, Eviden has an opportunity to build on the small but substantial U.S. client base built by Atos over the last decade, but its greatest opportunities likely remain increasing its market share in the region already deeply familiar with Eviden’s strengths and capabilities.


Further on talent, Eviden stressed the company’s commitment to reducing the overall cybersecurity talent shortage, reflected by investments in professional development for experienced employees and a recently launched Cybersecurity Academy. Eviden puts candidates through classroom cybersecurity training before a round of practical training with Eviden’s security consulting teams, essentially building a pipeline of security talent already deeply familiar with Eviden’s approach, culture and offerings.

EY’s Cybersecurity Practice: Global, Local and Trusted

In TBR’s view, EY continues to operate through a global effort, complicated by regulatory and compliance requirements that vary by country as well as member firms’ different partnership structures. However, at multiple times during the discussion, EY leaders said the firm knew that cybersecurity services required being “local to be there with clients.”

TBR Takeaways: Culture and Competence Matter Most in Cybersecurity

Eviden unquestionably benefits from many of its parent company’s strongest attributes, including a technology and engineering legacy and mindset, a belief in steady improvements over a break-it-till-you-make-it approach, and a rich set of intellectual properties ideally suited for a technology era that puts a premium value on partnering well across a broad ecosystem.


Where TBR sees the Eviden team building on their Atos beginnings is in applying a relentlessly forward-looking approach to security services to build an expansive set of offerings that does not compromise on depth of technical expertise or quality in delivery. While no easy task, TBR believes the essential first component is the right corporate culture. While “usable” is not as exciting-sounding as “disruptive” or “paradigm shifting,” for security services, Vasudevan and his team make a compelling case that it is the most important characteristic — and that their understanding sets their approach for delivering “usable” to their clients.


Competence, in TBR’s view, can only be measured through two lenses, and neither of them depends on 40-slide presentations detailing a vendor’s vast array of offerings and capabilities. Very simply, the only opinions about competence that matter are clients’ and partners’ — and in today’s technology space, specifically cloud partners’ opinions. In the discussions with TBR, Eviden’s leadership shared client stories reflecting credible and tangible value spanning both cybersecurity-specific metrics and business value outcomes.


As for cloud, Eviden shared a highly detailed assessment of their cloud security capabilities, starting with AWS-, Microsoft Azure- and Google Cloud Platform (GCP)-native security and adding Eviden’s IP to create broad and deep offerings. Perhaps more critically, Eviden also shared where the vendor has been and will be investing in the future of cybersecurity, including around open innovation, cyber agility, automation and security by design.


In every area, Eviden sees itself relying on a partner ecosystem, which ensures a continued emphasis on nurturing alliances with the hyperscalers and others. While TBR cannot definitely say how AWS, Microsoft and Google Cloud (Nasdaq: GOOGL) view Eviden, we believe the investments and the approach align with those hyperscalers’ priorities in cloud security.


Eviden’s proven competence aligned with a deeply ingrained culture stressing usefulness, business value and scale should position the vendor exceptionally well for its coming tests as a new security services brand.