There’s a $9.5 billion market opportunity in automated security services, according to Appledore Research’s latest report. And communications services providers are the logical winner — if they don’t blow it.

“They at least see the opportunity and are moving,” said analyst and report author Grant Lenahan. “Whether that is seizing it or letting it slip into their hands when convenient is hard to say. Telcos just don’t move fast.”

Still, almost every large regional or global network operators has started incorporating security as an essential piece of its enterprise transport offerings, he added.

“Is it fast enough for them to maximize their market share? Time will tell,” Lenahan said. “And to some degree, we’re trying to sound the alarm.”

Appledore forecasts that by 2026, communications services providers stand to make $17.9 billion by delivering managed services to enterprise customers. Of that almost $18 billion, $9.5 billion will come from automated security services. “Security automation is thus a large and high-growth opportunity for telcos and suppliers of innovative automated security solutions,” according to the report.

The benefits of automating security aren’t new. Human error remains the No. 1 cause of cloud misconfigurations and other flaws that lead to data breaches. Automating these processes can eliminate potential vulnerabilities.

Additionally, automating threat detection and response capabilities can help security analysts get ahead of the attackers instead of trying to limit the scope after a breach has already occurred.

Despite these and other benefits, however, automated security has been slow to take off. Appledore’s research suggests that this may be a turning point. “That’s the question we’re asking: Is it the time? Is it really going to happen? We believe there’s evidence that it is,” Lenahan said, pointing to a few significant changes in the security landscape.

First, the scope and frequency of cyberattacks has increased. “Ransomware has become a huge issue,” and traditional security approaches aren’t solving the problem, Lenahan said.

Additionally, as companies increasingly move to the cloud and adopt cloud-delivered services, the telco industry “is being dragged, kicking and screaming, to confront and adopt automation,” because manual security processes can’t keep up with the speed of cloud, he said.

And finally, there’s the cybersecurity skills gap. The United States alone has nearly a half-million unfilled cybersecurity jobs.

“Even if you wanted to spend the money, and we could get 1,000 monkeys on 1,000 typewriters, there aren’t enough trained security professionals to meet the growing need,” Lenahan said. “And that's unlikely to change.”

While this doesn’t bode well for the growing cybersecurity landscape, it does help push IT professionals and network operators toward automated security.

Security automation isn’t one thing, as the Appledore research points out. It happens across the IT landscape via auto configuring tunnels and firewalls as well as orchestrating security tools. And it also occurs at different points in the threat lifecycle, from automating identification and discovery to containing and remediating threats.

Appledore expects enterprises to consume a greater portion of their WAN and value-added services from communications services providers as managed services. This provides the opportunity to build security in, delivered as a service, at every function, Lenahan writes in the report. The opportunity to provide end-to-end managed security spans SD-WAN edge, security edge, SD-WAN overlay routes, WAN underlay capacity, and platform-as-a-service, and software-as-a-service.

And there are a few places where telcos can easily jump into the automated security market, Lenahan said in an interview with SDxCentral. “Start with three things that they’re already doing, and just make sure that they’re done well, and that they’re linked together,” he said.

First up: encrypt transmission paths within the enterprise VPN or the WAN services. Lenahan points to Nokia’s FP5 routing chip as a good example. Nokia claims the new chip can process encrypted traffic at up to 1.6 Tb/s line rates across multiple traffic flows without compromising on latency.

“The second thing is SD-WAN itself,” Lenahan said. Service providers can and should use SD-WAN to automate security at edge sites. Additionally, enterprise customers are increasingly looking for SD-WAN integrated with leading firewalls and other security functions.

“And the third is SASE, which could be delivered via SD-WAN,” he said.

There’s one more, Lenahan added — “the truly obvious one.” Push security and configuration settings automatically, via orchestration, as part of the operations process to eliminate back doors for attackers to exploit.

“The good news is that most of the major suppliers — the Cienas, the Ericssons, the Nokias, the Ciscos — do that,” he said. “It’s not exciting, it’s not sexy, and yet it’s foundation. It’s a necessary step forward.”