“We realized early on that the most effective way to reach business groups in need of advanced cybersecurity was through managed services and the MSP community. We saw the opportunity to provide enterprise-level security operations and SIEM services to business groups affected by emerging compliance requirements.”
Overcoming Obstacles
Like most companies, navigating the Covid-19 pandemic was difficult for SOCSoter. As Pinto recalled:“Not only were the mechanics of operating a security operations business difficult during a time when everyone was dispersed, but also understanding the impact of a fairly immediate global workforce. As a team we made some serious pivots, and a few bets, in preparation for what was to come.”
“Our partners have spent a lot of time, effort, money and manpower to build a portfolio of tools that best sync with their overall strategy — endpoint protection, managed access, authentication, network filtering, etc. Most security groups are largely dismissive of tools outside their stack, and at minimum they may not ‘play well’ together. This forces partners to rip and replace tools that are otherwise deployed across their fleet to satisfy the needs of a handful of clients that require advanced services.”
SOCSoter’s Focus on Education and Partnerships
Pinto notes another “smart move” in 2022 was in education — building an entire business group around compliance. As he explained:“Our services include a level of depth and understanding in complex compliance challenges that we don't generally see as a focus in the MSP space. Most MSP partners might argue that HIPAA is the biggest challenge, but in the last year there are several state and federal level requirements that affect business groups of all size and across a number of verticals.”
“Most customers have built trust in their service providers and the subject matter experts when it comes to technology,” Pinto said. “Unfortunately, what you knew in terms of requirements yesterday may not be the correct strategy to move forward. Education and outreach have become an integral part of our strategy in engaging the community.”
“Our focus was on the tech bits and bytes and not in helping translate the message downstream,” Pinto said. “Our pivot towards better educating the partner and efforts to help engage the customer directly is a big step in the right direction.”
“It was important to think about the tools that are widely adopted in the (small and medium-sized business) SMB space,” Pinto said. “We recognized the value that we could bring to the table in monitoring relevant security information, access controls, and log details. Partners can bridge security operations with the systems most valued at the customer level.”
The Road Ahead
There is an inherent responsibility for any business group that manages or maintains sensitive material to not only secure it but to be aware of who has access to it and when, Pinto asserts. And this cuts a direct path for 24/7 security operations, compliance management and incidence response.“We look forward to the opportunity to continue to provide these services in partnership with the MSP community for a fair price point,” he said. “If we can empower a new crop of thought leaders in the MSP community, we will all benefit from it.”