Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
- The Content: Written for MSSPs and MSPs; threat hunters; security operations center as a service (SOCaaS); managed detection and response (MDR) and eXtended detection and response (XDR) providers; and those who partner with such companies.
- Frequency and Format: Every business morning. Typically, one or two sentences for each item below.
- Reaching Our Inbox: Send news, tips and rumors to Managing Editor Jim Masters: [email protected].
Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News
1. Leadership Move: Concertium, a managed cybersecurity and IT services provider, has appointed Robert Atherton as CEO. Concertium has also recently expanded its portfolio of security and compliance services, created a new security operations team, and is also expanding its customer success, sales and marketing teams to provide additional support, the company said.
2. Free Access to Source Code Offered: Coalfire, a FedRAMP (Federal Risk and Authorization Management Program) advisory and assessment organization, has granted the open-source community free access to its source code, architecture and documentation. By reducing barriers to entry to the dominant security framework for federal contractors, Coalfire's RAMP/pak open-source package creates new opportunities for thousands of cloud service providers who previously couldn't afford to enter or expand into government markets, the company said.
3. Leadership Appointments: FTI Consulting has made two leadership appointments to its cybersecurity practice, Hans-Peter Fischer as a senior managing director and Frank Damm as a managing director. The hires mark an expansion of FTI Consulting’s cybersecurity capabilities in Germany and further develop its offering in Europe, the Middle East and Africa, the company said.
4: Guidance for CISOs: The Aspen Institute’s US Cybersecurity Group has released new guidelines for how organizations can equip their information security teams to handle both the evolving threat landscape and their broader corporate responsibilities. The Evolving Role of the CISO: More Than Just Security charts the expanding nature of this C-Suite position, following its trajectory from back of office to front of house, with a particular focus on strategic institutional risk.
5. Industry Recognition: AMATAS, a cybersecurity managed services provider, has received CREST Penetration Service Provider certification. CREST certification is the hallmark of excellence in the world of penetration testing and signifies that AMATAS has met stringent standards for conducting comprehensive and effective penetration tests, the company said.
6. Funding Round: Cyviation, a cybersecurity company focusing on aircraft security, has announced an additional $4 million in funding as part of a larger round and is expected to enter Series A in 2024.
7. Company Expansion: Rapid7, an extended risk and threat detection specialist, has announced the opening of its Prague, Czech Republic office. The new location will serve as a hub for technical talent and innovation and the future home of a new security operations center. Rapid7 also plans to partner with local universities to recruit the next generation of security professionals and contribute to pushing the city forward as a hub of tech growth.
8. Malware Alert: The Lazarus Group, a cybercrime gang linked to the North Korean government, has been named as the perpetrator of an attack against an unnamed Spanish aerospace firm, using a dangerous new piece of malware. Suspected Lazarus hackers used LinkedIn to contact employees at the unnamed Spanish firm. Posing as recruiters from Meta, the Lazarus operatives suggested downloading a pair of coding challenges. Those files were bundled with attack code that, when printed, triggered a payload and installed malware. (Source: The Register)