Appalachia Technologies, a Top 250 MSSP, has acquired National Institute of Standards and Technology (NIST) compliance specialist Stronghold Cyber Security (SCS), according to a prepared statement.
This is M&A deal number 396 that ChannelE2E and MSSP Alert have covered so far in 2020. See the full M&A deal list here.
With SCS, Appalachia will provide an end-to-end security compliance offering, the company stated. Appalachia will initially deliver a compliance readiness assessment and eventually provide remediation, IT management and security monitoring.
A Closer Look at Appalachia and SCS
Appalachia offers a variety of cybersecurity services, including:
- Security assessments
- Vulnerability scanning
- Penetration testing
- Managed threat detection and response
- Firewall, virtual private network (VPN) and perimeter security
Appalachia helps organizations build a cybersecurity roadmap and find ways to improve their security posture, the company noted. It also offers a security operations center (SOC) that monitors, manages and responds to security events across customer environments.
SCS is a cybersecurity consultant that specializes in NIST 800, Cybersecurity Framework (CSF) and Cybersecurity Maturity Model Certification (CMMC). It offers regulatory compliance, penetration testing and cyber risk management services and custom cybersecurity programs.
VMware, BPM Acquire Compliance Specialists
M&A involving compliance specialists has been steady. For instance, VMware in May 2020 purchased Octarine, which specializes in Kubernetes security and compliance, while BPM acquired security, compliance and incident response services provider Adhere Inc in 2019.
Compliance is a priority for global organizations, and cybersecurity companies may increasingly acquire compliance specialists, so they can support these organizations. Meanwhile, tools also are available to help organizations comply with cybersecurity requirements.
For example, security testing and risk rating provider ImmuniWeb offers a free website security test. Organizations can use this test to verify Payment Card Industry Data Security Standard (PCI DSS) requirements and content management systems security and run a privacy check.