SolCyber has emerged from stealth with $20 million in Series A funding from ForgePoint Capital, claiming to be the first modern MSSP for the mid-market. Venture funding for an MSSP is not unknown, but not common. It indicates that VC has confidence that the MSSP can grow into a sizeable firm.
This is certainly SolCyber’s intention. Scott McCrady, CEO at SolCyber, told SecurityWeek that he has global intentions, starting with the U.S., expanding into Europe, and then other areas of the globe. The money raised, said SolCyber in a statement announcing the investment, “will be used to extend its technology offerings, build market awareness, drive customer growth and support an aggressive hiring strategy.”
Central to the firm’s strategy is its use of a ready-made curated technology stack, including endpoint with EDR capabilities, lateral movement detection, advanced email security and active directory and admin exploitation prevention, wrapped in an MSSP Offering. This enables mid-market firms with inadequate security to move straight to a secure posture.
“We’re coming in with what we call a curated tech stack,” McCrady explained. “We’ve looked at the kill chain and examined how attacks are happening, and we’re bringing in five or six pieces of technology that cut across the kill chain to secure an organization in an efficient manner. We package that into an approachable way of buying it.”
So, considering a hypothetical firm with 300 employees, McCrady and SolCyber believe, “You need to get your employees trained a little bit (so, we include some phishing and security awareness training); you must have protection against advanced email threats because it is still the primary threat vector (so we include that); you need some really strong endpoint protection because that’s where the bad guy lands (and that is included); and then you need some basics around defending your Active Directory to protect privileged accounts and prevent lateral movement.
Our belief,” he continued, “is that if we can come in and provide this entire packet of technologies and wrap a good managed service around that, and price it in an easy and approachable manner, then we will make a big difference in the MSSP market.”
McCrady told SecurityWeek that SolCyber is not wedded to its own choice of security solutions. “If a firm already has a license to use a particular solution, we can absorb and manage that product,” he said.
The attraction of an MSSP provider for mid-market organizations has never been greater. Cyber threats are increasing. Ransomware is ubiquitous, and mid-range firms are attracting sophisticated gangs and even state-sponsored attackers trying to break into large enterprise supply chains. Cyber solutions are becoming more complex, more costly, and more difficult to manage; and finding and hiring qualified security professionals to run an in-house SOC is difficult. An MSSP can solve all these problems by providing both the technology and the expertise to use it.
“We know it is hard for mid-sized organizations to stay secure,” said McCrady. “There are thousands of security technologies and hundreds of providers. Trying to figure out how to build the right security stack is tough and time consuming. With attacks being ever more sophisticated we want to help simplify the challenge of securing an organization.”
What we provide, he told SecurityWeek, is a foundational security platform. “It is the basis for a good security posture. But clients can layer in additional security, and we offer a takeover service for those products.”
The basic premise for SolCyber is the immediate provision of a good security posture, which clients can expand over time as and when and if required.
Related: Goldman Sachs Leads $53 Million Investment in MSSP deepwatch
Related: The Symbiosis Between Public Cloud and MSSPs
Related: Reinventing Managed Security Services’ Detection and Response