Staying Ahead of Cybercriminals

CF: Is it a challenge helping partners stay ahead of cybercriminals?

ROrsi: They are great at what they do. This is what I love about working in my daily life with some of the best and brightest minds in cybersecurity. In the MSSP community, where they’re monitoring and managing multiple customer environments, and each one of those is the crown jewels, what the bad actors will always try to find are different avenues to get to those crown jewels. The partners we work with truly understand that, though. There’s no question in my mind in every conversation we’ve had is they take their own security posture very seriously. We add another layer, and my team specifically adds another layer of education and awareness on their own security practices when they join one of our partner programs. They get a dedicated team and it’s not just a business development team. They get an engineering team as well, and they go through a very detailed qualification and validation process so that there should be no keys stored anywhere, for example. We do a thorough audit and checking of all their procedures and how that works.

And there’s a reason why we’re checking for these kinds of things in their overall procedure. The weakest link in multilayered security posture is typically the human element. And so we definitely go through that process together. It is a journey, and we do stay in contact throughout the month with all these partners sharing best practices. In some cases, we get down to the tactics, techniques and procedures (TTP) level with these folks and we do say, “Hey, we are seeing something here, make sure you’re aware of this, and here’s what it looks like, the common patterns of how that kill chain typically looks and acts in the wild.