Key Takeaways:

• Deutsche Telekom is deploying IBM Concert to automate patch management and security orchestration across its hybrid cloud infrastructure.
• The AI-powered platform reduced patch time from 80 to 8 hours during pilot rollout, a 10x improvement.
• IBM Concert integrates vulnerability data, business rules, and automation workflows to cut manual effort and response delays.
• The collaboration addresses critical risk management challenges in a fast-scaling, AI-driven enterprise IT environment.
• IBM developed and validated the solution internally before launching it with customers like Deutsche Telekom.

---

Deutsche Telekom has selected IBM Concert to accelerate and automate its patching and vulnerability response processes, marking a significant move toward AI-powered security and operations at scale. The agreement, announced jointly by both companies, brings together one of the world’s largest telecom infrastructure providers and a leading enterprise AI and cloud software developer.

With cybersecurity threats growing in both frequency and complexity, telecom infrastructure providers are under pressure to secure vast, distributed systems without slowing operations. Deutsche Telekom turned to IBM Concert to help solve that challenge.

“Secure operating systems form the foundation for all applications, databases, and services that we offer our customers,” said Dr. Peter Leukert, Group CIO of Deutsche Telekom. “When it comes to patching, the time factor has taken on a critical role in the AI era. We were looking for a standalone solution that combines all the complex aspects of patch management and reliably automates everything.”

Faster Patch Cycles, Less Manual Coordination

According to the companies, IBM Concert enables Deutsche Telekom to reduce patching time from 90 minutes per instance to just 20 minutes. During the pilot, it helped the telecom provider cut its median time to patch critical vulnerabilities from 80 hours to 8—a tenfold reduction.

This acceleration matters. According to IDC, enterprises are on pace to deploy one billion additional applications globally by 2028, driven in part by AI. Each app brings new operational requirements and vulnerabilities. Traditional patching processes—heavily reliant on manual coordination between app owners, security teams, and operations—struggle to keep up.

IBM Concert automates many of those steps. It pulls data from security scans, system topologies, and CVE databases to generate a prioritized patching plan. It also creates change requests in systems like ServiceNow, initiates patch rollouts using tools like Ansible, and documents outcomes automatically in the ITSM system for compliance and auditability.

Concert’s AI Engine: Built for Complexity

At its core, IBM Concert is powered by watsonx and applies generative AI to streamline planning, approvals, and implementation. The system understands infrastructure dependencies, maintenance windows, and business impact, enabling Deutsche Telekom to coordinate updates across hybrid environments—including Microsoft Windows Server and multiple Linux distributions.

The solution was originally developed within IBM’s internal IT organization, which acted as its first customer (“Client Zero”) in tackling similar challenges at enterprise scale. After proving successful, the product was refined for broader deployment.

Steve Canepa, Global Managing Director at IBM, noted, “Security and trust are the cornerstones of success for all telecommunications companies. IBM Concert incorporates modern AI and automation technologies so that Deutsche Telekom can stay ahead of the dramatically escalating number and complexity of critical vulnerabilities.”

Foundation for Future AI-Driven IT Operations

As enterprise IT evolves, patching and threat response have become baseline requirements in a broader transformation. Deutsche Telekom’s deployment of IBM Concert reflects the industry’s move toward predictive and autonomous operations.

Dinesh Nirmal, SVP of IBM Software, described the shift: “By intelligently orchestrating and automating security-critical processes, clients like Deutsche Telekom can not only respond faster to new threats, but also use resources more efficiently. In doing so, they are creating a solid foundation for a future-proof, scalable and highly secure IT operating model with the help of AI.”

With AI adoption expected to drive up both application volume and system interdependence, Deutsche Telekom’s investment in proactive security automation may serve as a reference point for other telecom and infrastructure providers seeking speed and assurance without sacrificing visibility or compliance.

Learn how AI Agents can supercharge your company’s profits and productivity at TMC’s AI Agent Event, Sept 29-30, 2025 in DC.

If you liked this post, you’ll love one of the the leading global business communications and technology events since 1999, the ITEXPO #TECHSUPERSHOW, Feb 10-12, 2026 Fort Lauderdale, Florida.

Don’t forget the collocated MSP Expo – just for managed service providers!

Aside from his role as CEO of TMC and chairman of ITEXPO #TECHSUPERSHOW Feb 10-12, 2026, Rich Tehrani is CEO of RT Advisors and a Registered Representative (investment banker) with and offering securities through Four Points Capital Partners LLC (Four Points) (Member FINRA/SIPC). He handles capital/debt raises as well as M&A. RT Advisors is not owned by Four Points.

The above is not an endorsement or recommendation to buy/sell any security or sector mentioned. No companies mentioned above are current or past clients of RT Advisors.

The views and opinions expressed above are those of the participants. While believed to be reliable, the information has not been independently verified for accuracy. Any broad, general statements made herein are provided for context only and should not be construed as exhaustive or universally applicable.

Portions of this article may have been developed with the assistance of artificial intelligence, which may have contributed to ideation, content generation, factual review, or editing