Content, Breach, Channel partners, Content, Security Program Controls/Technologies, Security Staff Acquisition & Development, Channel investors

Managed Security Services Provider (MSSP) Market News: 22 March 2023

Alert icon isolated on Abstract design bright red banner background

Each business day, MSSP Alert delivers this quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.

  • The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS), managed detection and response (MDR), and eXtended detection and response (XDR) providers — and those who partner with such companies.
  • Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
  • Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].

A. Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News

1. CISA News: The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) has released Identity and Access Management Recommended Best Practices Guide for Administrators. In addition, CISA held its sixth Cybersecurity Advisory Committee meeting on March 21, where Director Jen Easterly swore in new members and highlighted how their expertise will provide insight into how CISA can protect the nation’s critical infrastructure from increasing cyber threats.

2. Leadership Move: GreenPages has promoted Josh Dinneen to president, who will remain chief revenue officer while reporting to CEO Ron Dupler. Dineen joined GreenPages as president of Strategic Services in 2018 following its acquisition of Norwell Technology Group, where he served as president and CEO.

3. Thought Leadership: Kaspersky has released new survey results showing that one third of crypto owners in the U.S. have experienced theft of their currency or other assets, at an average cost of $97,583. The findings are part of a new report, “Crypto Threats 2023,” based on a survey of 2,000 American adults in October 2022.

4. Funding Boost: dope.security, a secure web gateway provider (SWG), has closed a $16 million series A funding round led by Google Ventures. dope.security will use the funding to accelerate the adoption of the "industry’s first fly-direct SWG, introducing improved performance, privacy and reliability to the cybersecurity space all at the click of a button," the company said. The funding brings dope’s total amount raised to $20 million.

5. RSA Conference Names Contest Finalist: RSA Conference has announced the 10 finalists for its 18th annual RSAC Innovation Sandbox contest. The competition calls on the most promising young companies in cybersecurity to demonstrate their technologies to a panel of judges and live audience at RSA Conference 2023 in San Francisco on April 24.

6. Industry Recognition: StrikeReady, an AI-driven security company, has been named a winner in multiple categories at the 2023 Cybersecurity Excellence Awards. StrikeReady was honored in the Case Management, Risk-Based Vulnerability Management, and Security Management and Operations categories for North America, as well as the Security Virtual Assistant and Threat Intelligence Platform categories. The company also took home an award for Best Cybersecurity Startup.

7. Product Launch: Vumetric Cybersecurity, a penetration testing services provider, has launched its Penetration Testing as-a-Service (PTaaS) platform. Designed to simplify and modernize cybersecurity assessments for organizations of all sizes, the PTaaS platform provides self-service capabilities that allow organizations to schedule and manage assessments on-demand.

8. Google Suspends China's Pinduoduo: Google has suspended the Play version of PDD Holdings' Pinduoduo app for security concerns after malware issues were found on versions of the Chinese e-commerce app outside Google's app store, a company spokesperson said. (Source: Reuters)

9. Cybersecurity Research: New research from CybSafe found just one in 10 employees remember all their workplace security training. CybSafe said that the data demonstrates that employees are forgetting infrequent training. Also, 20% of respondents who received daily and weekly training remembered all of it. However, only 9% of people who received training annually, quarterly and monthly said the same.

10. Cyberattack Thwarted: Abnormal Security reports that it recently observed an attempted vendor email compromise attack that sought to steal $36 million from the target. The company describes how it detected and stopped the attack.

B. Annual In-Person MSSP and Cybersecurity Conferences

Jim Masters

Jim Masters is Managing Editor of MSSP Alert, and holds a B.A. degree in Journalism from Northern Illinois University. His career has spanned governmental and investigative reporting for daily newspapers in the Northwest Indiana Region and 16 years in a global internal communications role for a Fortune 500 professional services company. Additionally, he is co-owner of the Lake County Corn Dogs minor league baseball franchise, located in Crown Point, Indiana. In his spare time, he enjoys writing and recording his own music, oil painting, biking, volleyball, golf and cheering on the Corn Dogs.