I recently announced that I had accepted the role of VP of Sales for CyberMaxx, an exciting player in the MSSP/MDR space. I've been involved with cybersecurity for over 15 years and networking before that for almost as long. During that time, I have met and worked with many great people and wanted to share my thoughts about why I made the decision.
First, Why MSSP/MDR?
It's not new news that today's malicious actors are increasingly insidious, more technically proficient, better funded, and more dangerous than ever! Further complicating matters, organizations face increasing challenges due to difficulty hiring and maintaining skilled security professionals, managing the avalanche of data and white noise, adapting to changes driven by WFH employees, and the security vendor community's failure to solve these issues effectively.
An increasing number of security organizations turn to MSSP/MDR services providers to extend their capabilities, offload time-consuming operational activities, provide consistent security knowledge and skills, and partner to help defend against attacks and maintain compliance. An MSSP/MDR solely focuses on extending an organization's security capabilities and monitoring, managing and analyzing threat-related systems and data.
Knowledge, skillsets and best practices can be spread across multiple customers making MSSP/MDRs a reliable, cost-effective and highly effective partner to help overcome today's challenging threat landscape.
Today's MSSP/MDR landscape contains many players that fit into one of two camps: very large legacy players or new small entrants. The very large players tend to be heavy on marketing hype and branding but short on the flexibility required to truly help organizations. They have broad offers, but customers must adjust to fit what they have or entirely replace versus augmenting what customers have to help them be successful.
The newer players have opted for the 'quick' business model and adopted multiple end-user vendor products. The only integration/synergy is what they depict on a brochure. They do not design these products to be used as a service; they serve as just another security silo, albeit a services silo.
CyberMaxx is different!
Over the last 15 years, we grew in response to customer needs and have developed most of our capabilities internally to be used by us to provide optimum managed services to our customers.
Our network monitoring and security probes (includes IDS/IPS), our SIEM and log analytics, 3rd party vendor risk management, and our threat detection are all integrated and self-developed to provide optimal services. We have adopted and manage best-of-breed EDR (Crowdstrike) and Vulnerability Assessment (Tenable) and have combined their output and alerts with our overall capabilities. We have a stable, highly trained monitoring, IR, and threat detection organization staffing our SOC, some of which have been with us since the beginning.
The result is the most effective, flexible, and cost-effective capabilities in the industry.
We can assume the management of specific functional areas of need and/or augment our customers current capabilites, removing the tedious work and providing high fidelity, operational security monitoring, alerting, SOC operation, and incident response.
The stated goal of CyberMaxx is to "Make every customer a Hero within their organization." The CyberMaxx logo is a dog, our most loyal friend, for a reason. It signifies the CyberMaxx commitment to help our customers extend their capabilities, make their people, systems, and resources more effective, while helping customers meet their security and compliance goals. In other words, "Make Every Customer a Hero!"
And this is the answer to the first question I posed, why I joined CyberMaxx!