Managed Security Services Provider (MSSP) News: 05 November 2021
Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR), eXtended Detection and Response (XDR) and MSP security providers — and those who need to partner up with such companies.
- Frequency and Format: Every business morning. Typically one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Joe.Panettieri@CyberRiskAlliance.com.
A. Today’s MSSP, MDR, XDR and Cybersecurity News Alerts
1. United States vs. Ransomware Groups: U.S. Cyber Command head and director of the National Security Agency Gen. Paul Nakasone said that the U,S, had “conducted a surge” over the past three months to address the problem of ransomware attacks on US interests, Reuters reported. In a related move, The Department of State announced a $10 million reward for information leading to the “identification or location” of leaders of the DarkSide ransomware group, SC Media reported. Also, U.S. Central Intelligence Agency Director William Burns raised the issue of Russian cyberattacks during a rare visit to Moscow, where he met high-ranking security officials, Reuters noted.
2. CMMC Regulations and MSPs: A pair of new federal regulations that were posted — and then withdrawn — from the Federal Register could bring significant changes to the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) program, SC Media reported. Meanwhile, a consulting firm called Prescott is assisting MSPs with CMMC compliance training and expertise.
3. MSP Software – Security: N-able has added more cybersecurity expertise to its board of directors, and formed a cybersecurity committee within the board. The latest addition is Microsoft security executive Ann Johnson, ChannelE2E reported.
4. Data Leak: An Australia-based marketing firm called Acquirely misconfigured an Amazon Web Services S3 bucket, and exposed data involving 200,000 people, according to VPNmentor.
5. Data Security and Compliance: TrustLogix, a Norwest Venture Partners portfolio company, has announced a Data Security Governance Platform. The platform unifies data security, privacy and compliance without sacrificing performance, the company asserted.
6. Fortinet Quarterly Results: Fortinet, which works closely with MSSPs and security-centric MSPs, announced Q3 2021 financial results. Key metrics to note include:
- Total revenue of $867.2 million for Q3 of 2021, up 33.2% compared to $651.1 million in the corresponding quarter of 2020.
- Net income of $163.1 million for Q3 of 2021, compared to $123.4 million in the corresponding quarter of 2020.
7. CyberArk Quarterly Results: CyberArk announced Q3 financial results. Key metrics included:
- Total revenue of $121.6 million, up 14% from $106.6 million in Q3 last year.
- A net loss of $29.1 million, compared to a net loss of $15.9 million in Q3 last year.
8. Research – Ransomware Security Training Gaps: Fewer than 40 percent of organizations offer their employees ransomware-focused security training, according to research from Entrust. SC Media summarizes the findings here.
B. MSSP, MDR and Cybersecurity Virtual Events and Conference Calendar
- Black Hat Europe 2021 (November 8-11, London)
- InfoSec World (November 9-10, Virtual)
- Qualys Security Conference (QSC) 2021 (November 15-18, Las Vegas and Virtual)
- @Hack (November 28-30, Saudi Arabia)
- SecurityWeekly Unlocked (December 5-8, Orlando, Florida)
- Bonus: MSSP Alert’s complete event calendar