Managed Security Services, Vulnerability Management, Threat Intelligence, Security Operations, Phishing, XDR

Managed Security Services Provider (MSSP) Market News: 18 December 2023

Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.

  • The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS), managed detection and response (MDR) and eXtended detection and response (XDR) providers; and those who partner with such companies.
  • Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
  • Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].

Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News

  1. SEC Breach Reporting Rule Now in Effect: The new SEC cybersecurity breach rule goes into effect today, requiring publicly held companies to report cybersecurity incidents that have a material impact on a company. The new regulation codifies the fact that cybersecurity risk is business risk. MSSP Alert covered the implications for MSSPs, MSPs and their end-user client companies in this story last week.
  2. Stellar Cyber, BlackBerry’s CylanceENDPOINT Partnership: OpenXDR provider Stellar Cyber is partnering with BlackBerry to deliver a comprehensive threat detection and response solution that enables managed security service providers (MSSPs) and enterprises to simplify their security stacks, increase productivity, and reduce the time it takes to detect and respond to cyber threats. As part of the agreement, the Stellar Cyber Open XDR platform leverages rich telemetry data from CylanceENDPOINT to swiftly identify potential threats, backed with built-in response capabilities that enable security analysts to streamline their threat detection and response process by taking remediation actions directly from the Stellar Cyber UI.
  3. NSA Guidance Recommends Cybersecurity Services: In response to an increase in cyberattacks to supply chains over the past five years, including targeted attacks of software supply chains, the National Security Agency (NSA) is releasing the Cybersecurity Information Sheet (CSI), Recommendations for Software Bill of Materials (SBOM) Management. This CSI says SBOM management should proceed in three steps. First, examine and manage risk before acquiring software. Second, analyze vulnerabilities after deploying new software. Third, implement incident management to detect and respond to new software vulnerabilities during vital operations. Sounds like an opportunity for MSSPs.
  4. AI Red Team Service: Cybersecurity service provider NRI SecureTechnologies, Ltd. has launched a new security assessment service, "AI Red Team," targeting systems and services using generative AI. In this service NRI Secure's experts conduct simulated attacks on actual systems to evaluate, from a security perspective, AI-specific vulnerabilities in LLM-based services and problems in the overall system, including peripheral functions linked to the AI.
  5. Cyber 60: Fortune Magazine released its “Cyber 60” list of the most important venture-backed startups that offer enterprise-grade cybersecurity solutions and that have not had an IPO, acquisition or other significant exit event. The list includes some names that are likely familiar to our MSSP audience including Arctic Wolf, Claroty, Exabeam, Huntress, Netskope, 1Password, Rubrik, Snyk, ThreatLocker, and Wiz.
  6. Acquisition: Global cybersecurity provider Exclusive Networks has acquired Consigas, another global cybersecurity services provider that specializes in Palo Alto Networks training and consulting. The acquisition marks an additional milestone in Exclusive Networks’ strategy to enrich its global services capabilities and enhance its global leadership in value added services to vendors, partners, and customers. Exclusive Networks’ service offerings provide vendors and partners with design, implementation, training, support, and management services for cybersecurity.
  7. The Return of QakBot: Months after an international law enforcement operation dismantled the notorious QakBot botnet, Microsoft’s Threat Intelligence team says they’ve identified a new QakBot phishing campaign distributing the same malicious payload. The report says the campaign began on December 11 and targeted the hospitality industry. Read the full story at SCmagazine.
Jessica C. Davis

Jessica C. Davis has spent a career as a journalist and editor covering the business of technology including chips, software, the cloud, AI, and cybersecurity. She previously served as editor in chief of Channel Insider and later of MSP Mentor (now part of Channel Futures). She was a key editor in the original MSP 501 list. She now serves as editorial director for CyberRisk Alliance’s channel brands, MSSP Alert and ChannelE2E.