Explaining SOCSoter’s business focus, Eric Pinto, senior director of Channel, said:
“We realized early on that the most effective way to reach business groups in need of advanced cybersecurity was through managed services and the MSP community. We saw the opportunity to provide enterprise-level security operations and SIEM services to business groups affected by emerging compliance requirements.”
Pinto noted that the federal NIST 800-171 compliance requirements specifically impacted U.S. Department of Defense (DoD) contractors. For an MSSP headquartered in Maryland, the volume of small manufacturers serving the DoD community in the region alone was “staggering.” At that point, says Pinto, there were very few groups offering advanced cybersecurity tools to meet those requirements.
As for most companies, navigating the Covid-19 pandemic was difficult for SOCSoter. As Pinto recalled:
“Not only were the mechanics of operating a security operations business difficult during a time when everyone was dispersed, but also understanding the impact of a fairly immediate global workforce. As a team we made some serious pivots, and a few bets, in preparation for what was to come.”
SOCSoter further refined its platform to embrace M365, Azure, Google, AWS, and other cloud-based business productivity suites. It continued this effort into 2022 by expanding its API infrastructure and doubled down on its bet on cloud services. Explaining this business evolution, Pinto said:
“Our partners have spent a lot of time, effort, money and manpower to build a portfolio of tools that best sync with their overall strategy — endpoint protection, managed access, authentication, network filtering, etc. Most security groups are largely dismissive of tools outside their stack, and at minimum they may not ‘play well’ together. This forces partners to rip and replace tools that are otherwise deployed across their fleet to satisfy the needs of a handful of clients that require advanced services.”
SOCSoter has made the commitment to support these third-party efforts. As such, the MSSP has strengthened partnerships with a wide range of best-of-breed technologies and is allowing its partners to continue to bring them to the table. The result, says Pinto, has been a better understanding of the tools available and deeper insight into the networks they are securing.
“From a SOC perspective, more data equals more information about the concerns that impact our end clients,” he said.
SOCSoter’s Focus on Education and Partnerships
Pinto notes another “smart move” in 2022 was in education — building an entire business group around compliance. As he explained:
“Our services include a level of depth and understanding in complex compliance challenges that we don't generally see as a focus in the MSP space. Most MSP partners might argue that HIPAA is the biggest challenge, but in the last year there are several state and federal level requirements that affect business groups of all sizes and across a number of verticals.”
One of SOCSoter’s focus areas is in helping business groups understand the vast array of concerns that may impact them, and helping service provider partners understand the role that they play.
“Most customers have built trust in their service providers and the subject matter experts when it comes to technology,” Pinto said. “Unfortunately, what you knew in terms of requirements yesterday may not be the correct strategy to move forward. Education and outreach have become an integral part of our strategy in engaging the community.”
All organizations face challenges, some of them self-inflicted, and SOCSoter is no different. SOCSoter may have misfired when it launched a platform of capabilities (network, cloud, endpoint, vulnerability), says Pinto, “without really helping partners to understand the ‘why’ of it all.”
“Our focus was on the tech bits and bytes and not in helping translate the message downstream,” Pinto said. “Our pivot towards better educating the partner and efforts to help engage the customer directly is a big step in the right direction.”
For example, SOCSoter’s Multi-Signal platform is designed to incorporate threat intelligence gained through external sources. A key piece of this strategy is built upon strong partnerships with industry-leading solutions.
“It was important to think about the tools that are widely adopted in the SMB (small and medium-sized business) space,” Pinto said. “We recognized the value that we could bring to the table in monitoring relevant security information, access controls, and log details. Partners can bridge security operations with the systems most valued at the customer level.”
He noted that SOCSoter’s API connects to the entire Cisco stack (including Duo, Umbrella, and Meraki), Microsoft 365, Defender, Azure, Google Workspace, AWS, SentinelOne, Sophos, Cylance, Huntress and others.
The Road Ahead
Any business group that manages or maintains sensitive material has an inherent responsibility not only to secure it but also to be aware of who has access to it and when, Pinto asserts. And this cuts a direct path for 24/7 security operations, compliance management and incident response.
“We look forward to the opportunity to continue to provide these services in partnership with the MSP community for a fair price point,” he said. “If we can empower a new crop of thought leaders in the MSP community, we will all benefit from it.”