Innovations in MSSP: Tying Together Tools and Processes

on May 4, 2018 |

I’ve been following the Managed Security Service Provider (MSSP) market for some time. I’m always looking for innovators and those who understand how to harness ‘big data’ to their advantage. MSSPs have two advantages that most stand-alone organizations will never have:

1) They securely collect a lot of threat, attack, exploit, and vulnerability data. The more clients, the more patterns become visible to the MSSP;

2) They become well-honed InfoSec teams willing to take on a very serious and real burden for their clients – usually across multiple vertical markets and regulatory compliance pressures;

Therefore, for those organizations who are under constant threat or just don’t have the resources to find the very best of breed talent and build their own secure operations center (SOC), an innovative growing MSSP is the way to go. So, in my research, I found Proficio. They began their MSSP business in 2010 with a lot of experience from running silicon valley hardware and software companies.

In fact, their Chairman of the Board and President, Tim McElwee told me that he and John Humphreys started doing Business Process Outsourcing (BPO) way before it was widely popular, hence the evolution into a great MSSP. In their journey to help well recognized players into Asia and the EU by leveraging outsourced sales, marketing and operations support, they found a lot of smart customers who owned a variety of new technology tools, but lacked resources and expertise in the delivery and integration of solutions for best practices in information security.

Leadership quickly seized the opportunity and partnered with long-time associate Brad Taylor who had a pedigree in the security information and event management (SIEM) technology. The SIEM and surrounding processes were the centerpiece of the new service offering where innovation was required to revolutionize the MSSP business. As a result, this visionary team grown over the years with a strong client-base, a 98% retention rate and well over 200 clients.

Proficio has grown from a humble one thousand square foot office and SOC to over 35,000 square feet of prime space in San Diego, Singapore, and Barcelona. They have a growing team of threat hunters, SIEM management experts and continue to focus on customer-driven growth across Asia, Europe and the US. They’ve launched a GDPR compliance initiative for the EU, added Splunk Services, while transforming their core offering to managed detection and response (MDR) all while maintaining an active streak of 28 quarters of growth.

What really caught my eye with Proficio is Tim’s passion for innovation. His sister-company effort CyberSight (http://www.cybersight.com) offers an incredibly innovative and easy to use endpoint security solution that actually stops next generation ransomware in its tracks. It’s designed to complement existing antivirus solutions and is an integral extension to Proficio’s MSSP offering, giving them a leg up on the competition by helping clients worry less about the latest ransomware threats.

As Tim said, “You can’t slow down the number of attacks, but you can predict what the next attacks might look like – from attack vector to vulnerable device and credentialed user. We share this in near real-time with our clients so they can begin to more proactively block tomorrow’s threat, today.” To me, this is a very exciting step towards breach prevention. If you are an organization from 500 employees up to 100,000, Proficio is ready to offer you a complete and compelling MSSP offering. Check them out at http://www.proficio.com.

About the Author

Gary S. Miliefsky is the Publisher of Cyber Defense Magazine (CDM). Gary is a globally recognized cybersecurity expert, inventor and founder of numerous cybersecurity companies, is a frequent invited guest on national and international media commenting on mobile privacy, cyber security, cyber-crime and cyber terrorism, also covered in Forbes, Fortune and Inc Magazines.

Miliefsky is a Founding Member of the US Department of Homeland Security (http://www.DHS.gov), the National Information Security Group (http://www.NAISG.org) and the OVAL advisory board of MITRE responsible for the CVE Program (http://CVE.mitre.org). Gary is a member of ISC2.org and is a CISSP®.

He’s frequently writing thought provoking articles at CDM and on LinkedIn as a Top 1% of all INFOSEC LinkedIn profiles and a Top 3% Globally on LinkedIn. Learn more about Gary on our website.

Show Buttons
Hide Buttons