Socura CEO Andrew Kays describes his company as a born-in-the-cloud, remote, managed security services business:
“Being cloud-first and remote allows us to find and employ the best talent without the constraints of proximity to a physical location, while also reducing overheads, resulting in cost efficiencies that we can pass on to our clients.”
Recalling the company’s evolution, Kays said:
“Marc Chang, owner of the Block Technology Group, saw a gap for SOC services in Block’s core market, the UK National Health Service. Jamie, our CTO, who had worked for Marc previously, joined him from Palo Alto Networks at the end of 2019 to begin exploring what a modern SOC business could look like. I joined the team in March 2020, from Redscan/Kroll, the week before the U.K. went into lockdown due to Covid-19.
“We spent our first phase working out our operating model, technology choices, and hiring our initial analyst team. Part of our strategy was to have experienced SOC analysts be part of our SOC build, so it could be designed in a way that truly supported and enhanced their way of working.”
Building the Business
Key for Socura in its early days was making sure that what the team built was scalable and could deliver the quality outcomes we desired, Kays said. As such, the Socura aligned to CREST’s SOC Accreditation scheme, achieving their accreditation in August 2021.
Kays noted that Socura developed a specific managed detection and response (MDR)/managed SOC service to help the U.K. National Health Service (NHS) improve its cyber defenses during the Covid-19 pandemic, and gain access to a service that would have previously been outside their budget.
“The service was designed to integrate deeply and seamlessly with the local NHS teams, as well as their central ‘NHS Digital’ CSOC team,” Kays said. “We’ve built a unique offering around this concept, and it’s gained a lot of attention.”
Socura became the first managed services partner in the U.K. for Google Cloud’s Chronicle Security Analytics (SIEM) platform, a key UK partner for Palo Alto Networks’ Cortex Extended Detection & Response (XDR) and Security Orchestration, Automation & Response (SOAR) technologies, and added support for Microsoft’s Defender and Sentinel products.
These partnerships, Kays said, “demonstrated our commitment to the new generation of SaaS-delivered SOC technologies — the only way to deliver a scalable, modern MDR service. Since then, it’s been a whirlwind and we’re proud to be serving UK FTSE 250 companies, the U.K. National Health Service, U.K. government agencies, and a mixture of private clients in a variety of industry verticals, including insurance, manufacturing, construction, fintech, recruitment and marketing.”
Looking back at 2022
What were Socura’s smartest business moves of 2022? Kays offers his take:
“We made further investment into both our sales and customer service teams. This has made a huge difference to the business in terms of diversity of clients and opportunities and has supported continual service improvement around client onboarding and service reviews, all while freeing up time within the team to focus on developing our value propositions and eco-system of partners.”
One of those offerings is Managed SASE, which Socura brought in alongside its MDR offering. MDR and MSASE combined delivers a more comprehensive approach to protecting our client’s staff and systems, Kays noted. Now, the company is anticipating much of the MDR market will move in this direction and it’s a big growth area for Socura.
Kays said that Socura has stayed true to its original strategy of picking a few specialist technologies and partners to provide clients with a highly specialized service:
“That’s true even when that has meant turning down opportunities that would require us taking more of a jack-of-all-trades approach."
His only regret is that he would have expanded the sales team earlier.
As for key customer wins or alliances, Kays said:
“There are two key wins from the last year that really stand out. One was a large FTSE 250 company and the other a U.K. government department. We competed against some of the biggest MDR players in the market and managed to win both contracts using our partnership approach and demonstrating we could flex to meet their needs.”
What’s in Socura’s Future?
Looking ahead to 2023, Socura’s key priority is growth. Kays emphasized “sustainable growth, ensuring that we maintain the excellent cyber outcomes and service that we deliver for our clients today, whilst onboarding new customers in the future.”
He cautioned that security leaders face immense pressures that can impact SOC performance, information overload, burnout and talent retention. As he explained:
“We'll always look for ways to keep our analysts involved and engaged as we develop our technology and services. In cases where tuning is not possible, we'll continue to look to automation to remove as much manual work as possible."
Socura was “Highly Commended” in the Best Managed Security Service category of the SC Awards Europe 2022.
“As a young company for Socura to achieve this prestigious award amongst our well-established industry peers was a real honor,” Kays said. “We’re also considering further geographies outside the U.K."