Leading provider of cloud-based managed security services LevelBlue has committed to the acquisition of managed detection and response (MDR) provider Trustwave from The Chertoff Group’s MC2 Security Fund. This step comes in the wake of LevelBlue’s recent move to acquire the cybersecurity consulting business formerly known as Stroz Friedberg from Aon. Part of a larger trend in the cybersecurity industry of mergers, acquisitions, and consolidation, this latest deal makes LevelBlue the largest independent pure-play managed security service provider (MSSP) in the world.
Strategic and Technical Synergies
The acquisition of Trustwave is strategically advantageous for both organizations, allowing the combination of their separate capabilities and functionalities to create a synergy that is greater than the sum of its parts. LevelBlue will benefit from the integration of Trustwave’s Fusion Platform, a cloud-native MDR service, with round-the-clock protection for organizations across the globe.
Trustwave’s SpiderLabs threat research and intelligence functions also offer a significant benefit to LevelBlue’s operations. This acquisition will help LevelBlue in pursuit of expanding AI-driven threat detection and response capabilities to stay on the leading edge of cybersecurity. It will also offer advantages to customers, including improved visibility, control, and cyber resilience.
Federal and Public Sector Expansion
Institutions in the public sector require cybersecurity services and solutions, and many government organizations are extremely strict when it comes to certifying and authorizing security firms, with high standards of confidentiality and resilience. Trustwave was the first pure-play MDR provider to achieve full authorization according to the Federal Risk and Authorization Management Program (FedRAMP). They have also obtained the analogous authorization for the state government level (StateRAMP).
Integrating Trustwave with its FedRAMP and StateRAMP authorization puts LevelBlue in a prime position to fulfill the Department of Defense’s strict “US eyes only” requirement to receive the Defense Industrial Base and Cybersecurity Maturity Model Certification (CMMC). Achieving this compliance could advance LevelBlue’s positioning in federal, state, and local government markets.
Market Implications and Analyst Perspectives
Acquiring Trustwave has implications not only for LevelBlue and their customers, but for trends in the cybersecurity industry at large. Analysis from Christina Richmond, Principal Analyst at Richmond Advisory Group, highlights the fact that this acquisition demonstrates “market maturation and industry consolidation,” as well as innovation in cloud-based threat detection and response “and the potential for a full-service global cybersecurity and risk management firm.”
The industry has shown a growing demand for unified cybersecurity services in hybrid and cloud environments, partly in response to tool and vendor sprawl creating an overly complex cybersecurity landscape. This acquisition is one step in that direction, with significant implications for simplifying security services for clients navigating a chaotic threat landscape.
Leadership Perspectives
Leaders of both organizations and connected institutions stress the advantages of this acquisition. LevelBlue is “not just expanding our portfolio – we're redefining what it means to deliver measurable cyber outcomes at scale,” according to CEO Robert McCullen. Similarly, Trustwave CEO Eric Harmon notes that the acquisition “positions us to further strengthen our combined leadership position, bolster our offensive and defensive security portfolio, and drive additional innovation to further safeguard and fortify our clients against disruptive and damaging cyber threats.”
Chad Sweet, Chairman of Trustwave and Co-Founder of The Chertoff Group / MC2, states that combining the capabilities of LevelBlue and Trustwave “enables leading-edge cybersecurity protection for enterprises and government clients.” Shawn Hakl, Head of AT&T Business Products, further highlights this point: “This business combination positions LevelBlue as a strategic provider of cybersecurity services in AT&T’s portfolio, especially to our valued federal customers.”
Future Outlook
This acquisition is part of a larger trend of portfolio expansion and global growth that will continue to develop over time. There has been a growing demand for more consolidated and simplified cybersecurity in response to threat and cybersecurity landscapes growing increasingly complex. LevelBlue’s acquisition of Trustwave demonstrates a shift toward AI-first MSS and MDR as core enterprise security strategies, and positions LevelBlue as a leader in next-gen cybersecurity services.
