Channel investors, Channel partners, Content, MSSP

MSSP Appalachia Technologies Buys NIST Compliance Consultant Stronghold

Credit: Getty Images

Appalachia Technologies, a Top 250 MSSP, has acquired National Institute of Standards and Technology (NIST) compliance specialist Stronghold Cyber Security (SCS), according to a prepared statement.

This is M&A deal number 396 that ChannelE2E and MSSP Alert have covered so far in 2020. See the full M&A deal list here.

With SCS, Appalachia will provide an end-to-end security compliance offering, the company stated. Appalachia will initially deliver a compliance readiness assessment and eventually provide remediation, IT management and security monitoring.

A Closer Look at Appalachia and SCS

Appalachia offers a variety of cybersecurity services, including:

  • Security assessments
  • Vulnerability scanning
  • Penetration testing
  • Managed threat detection and response
  • Firewall, virtual private network (VPN) and perimeter security

Appalachia helps organizations build a cybersecurity roadmap and find ways to improve their security posture, the company noted. It also offers a security operations center (SOC) that monitors, manages and responds to security events across customer environments.

SCS is a cybersecurity consultant that specializes in NIST 800, Cybersecurity Framework (CSF) and Cybersecurity Maturity Model Certification (CMMC). It offers regulatory compliance, penetration testing and cyber risk management services and custom cybersecurity programs.

VMware, BPM Acquire Compliance Specialists

M&A involving compliance specialists has been steady. For instance, VMware in May 2020 purchased Octarine, which specializes in Kubernetes security and compliance, while BPM acquired security, compliance and incident response services provider Adhere Inc in 2019.

Compliance is a priority for global organizations, and cybersecurity companies may increasingly acquire compliance specialists, so they can support these organizations. Meanwhile, tools also are available to help organizations comply with cybersecurity requirements.

For example, security testing and risk rating provider ImmuniWeb offers a free website security test. Organizations can use this test to verify Payment Card Industry Data Security Standard (PCI DSS) requirements and content management systems security and run a privacy check.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.