CYDERES’s First Code-a-Thon: Collaboration and Competition

Last November, CYDERES hosted its first-ever internal code-a-thon and the response was overwhelmingly positive — almost the entire Engineering team participated and had a great time doing it. Don’t know what a code-a-thon is? In its simplest form, a code-a-thon (or hackathon) is friends and colleagues collaborating toward a defined goal. You probably are familiar with at least one famous outcome of an internal hackathon: Facebook’s like button.

Our talented developers and engineers enjoyed getting to stretch their skills and hang out together and, for that, they can thank CYDERES Director of Engineering Cassandra Varvel. We recently asked Cassandra a few questions about the event she organized with help from others in the organization.

Keep reading to learn more about the 2021 CYDERES Code-a-Thon and plans for the next one.

Q: What is a code-a-thon?

A: A code-a-thon is a two-day team-building event that brings individuals together to work collaboratively on an idea and/or build something in 24 hours without interruption that benefits the org. It can be an idea they’ve always wanted to work on or maybe something that interests them but hasn’t yet been prioritized for the company.

Q: Why did you host one here at CYDERES?

A: First, to build team unity – it gives the team an opportunity to spend time together and build relationships while flexing collaboration skills. Second, it allows the team to come up with an idea and then spend an entire day focused on that idea with no distractions or other initiatives to get in the way. The work produced is exceptional. Third, it allows the team to be recognized for their hard work and creativity, to showcase their incredible ideas and skills, and to be rewarded for it.

Q: Have you participated in a code-a-thon before?

A: I had not, however many of our Engineering team members had, so they had lots of great ideas and do’s and don’ts to provide. Researching how other organizations have had success in their code-a-thons helped as well.

Q: What are the benefits of working collaboratively this way?

A: Day-to-day, team members’ roles are already defined and work is chosen by priority for the organization. A code-a-thon allows individuals to be innovative and work on something that motivates and excites them. A lot of these ideas end up bringing great value to the organization. One of the awesome parts about it is that groups are often formed between individuals who don’t work together daily. This allows for fresh perspective and new ideas and discussion, as well as the opportunity to build relationships with members from other teams.

Q: What were the parameters and timeline?

A: Our code-a-thon was a two-day event. Leading up to the event, teams were asked to submit their ideas and member names. The first day was the “24-hour” coding portion where teams were able to discuss their ideas or build them out. During that day, we had snacks, meals delivered, a happy hour, and repetitive 90’s music (we eventually switched the Pandora station but it made for good laughs). The second day, the teams spent time presenting their ideas to the CYDERES executive leadership team who voted in the following categories: Business Value, Innovation, and Delivery and Enthusiasm. The top three winning teams picked from an awesome pool of prizes, graciously purchased by our organization.

Q: What were the winning projects?

A: All three winners are in the works for the organization. SaaSy is on our product roadmap, Action Figures is almost ready to be deployed, and Jira Jenie is in the works too. All three initiatives have had attention since the code-a-thon, and we’re super excited to work on them.

  • SaaSy – Ryan Williams, Jesse Reichel, John Irle
    Allows for self-service deployments of our custom data integrations.
  • Action Figures – Alex Harder, Blake Kobel, Troy Robertson
    A client-facing dashboard for displaying event and escalated case data to our clients.
  • Jira Jenie – Michelle Artist
    Templating and automated responses within our issue tracking platform.

Q: Any plans for another code-a-thon?

A: We wanted to test drive our first code-a-thon by keeping it within the Engineering group, but, after seeing its success, I would love to extend it out to our entire organization. It would be a great opportunity for even further cross-team relationship building and collaboration. There were lots of laughs throughout the event and tons of great memories made. Everyone would like to have another code-a-thon.

If you would like to learn more about CYDERES, fill out our form to be connected with one of our experts.

Shark Tank Star Joins Forces with Cybersecurity Visionary to Form New Industry Powerhouse


Contacts: Jennie Hanna, and Aaron Jamieson,

Shark Tank Star Joins Forces with Cybersecurity Visionary to Form New Industry Powerhouse

Kansas City / Toronto / London (December 30, 2021) — Award-winning cybersecurity solutions providers Fishtech Group (“Fishtech”) and Herjavec Group (“Herjavec”) are pleased to announce their merger, backed by funds advised by Apax Partners LLP (the “Apax Funds”). The two innovative companies will operate as a single entity under a new brand to be announced in early 2022. The Apax Funds will hold a majority stake in the new company while Robert Herjavec, Founder & CEO of Herjavec Group and star of ABC’s Emmy award winning ratings giant “Shark Tank,” and Gary Fish, Founder and CEO of Fishtech Group, will each maintain significant equity in the new business.

The deal brings together the complementary strengths of both organizations, resulting in an industry powerhouse with a broad, holistic suite of best-in-class managed detection and response capabilities (MDR), professional services, and identity offerings with a global perspective to address enterprise customers’ increasingly complex information security needs. Joining the forces of Herjavec, a market leader in cloud and tech-enabled co-managed SIEM, with Fishtech, a market leader in enterprise MDR, will allow the new company to provide customers with unparalleled security and cloud expertise, driving security maturity as a competitive differentiator via advanced technology and services across the industry landscape.

At the time of the merger, the new organization brings together more than 600 security professionals operating out of 6 security operations centers (SOCs): Kansas City, Toronto, London, Ottawa, Arkansas, and Bangalore. The combined company will have one of the largest managed security engineering teams under one roof – entirely dedicated to delivering innovative solutions to enterprise clients.

Robert Herjavec, founder of Herjavec Group, will serve as Chief Executive Officer of the combined entity. Gary Fish, founder of Fishtech Group, will serve as Chairman of the Board. They will actively work to continue their track record of customer-focused success. The financial terms of the transaction are not disclosed.

Founded in 2003 and acquired by the Apax Funds in February 2021, Herjavec has been recognized as one of the world’s most innovative cybersecurity firms and is currently ranked as the #1 MSSP in the world (Cyber Defense Magazine 2021 Top 100 MSSPs List). Fishtech was founded in 2016 to bring security to the cloud while identifying vulnerabilities and introducing next-generation solutions to help organizations minimize risk.

“We’re exceptionally proud of our results to date and even more excited about the growth to come,” said Gary Fish, CEO of Fishtech. “We’re honored that so many organizations trust Fishtech to be their managed solutions provider. With complementary offerings from Herjavec, we will transform the security industry globally.”

“We could not be more thrilled to join forces with industry pioneer Gary Fish, whom I have known for decades,” said Robert Herjavec, CEO of Herjavec Group. “We are very impressed by Fishtech’s MDR offerings and its proprietary platform built on Google Chronicle, which we consider highly differentiated. Jointly, we want to double down on the investment behind this market-leading solution and strengthen what are already deep partnerships. Having built one of the strongest tech teams in the industry and a leading portfolio of services, our customers will benefit from enhanced operations, getting stronger as we help accelerate their digital transformation.”

“We are truly excited by the combination of Herjavec and Fishtech,” said Rohan Haldea, Partner at Apax. “By putting together two best-in-class organizations, we are confident that the combined platform will become an undisputed leader in cybersecurity services in the enterprise segment and have an opportunity to redefine the market category.”

The Apax Funds, in partnership with the newly formed company’s management team, will help build on the companies’ impressive growth rates to date by enhancing international expansion efforts, continuing to invest behind differentiated technology and augmenting the talented team with additional threat intelligence and identity resources.

Polsinelli serves Fishtech Group as legal counsel and Kirkland & Ellis LLP is serving as legal counsel to Herjavec Group and Apax Funds. Momentum Cyber is serving as financial advisor to Fishtech Group and BKD, LLP as tax advisor in connection with the transaction.

About Fishtech Group­­­­
Fishtech Group is a leading current-generation service provider enabling secure business transformation. Fishtech’s experienced cybersecurity professionals plan, produce, and implement innovative solutions that ensure security and success. Fishtech focuses on threats so you can focus on your business. Founded and led by CEO Gary Fish, Fishtech Group includes the Security-as-a-Service division CYDERES (Cyber Defense and Response). Visit Fishtech.Group or contact us at
About Herjavec Group
Robert Herjavec founded Herjavec Group in 2003 to provide cybersecurity products and services to enterprise organizations. Herjavec Group has been recognized as one of the world’s most innovative cybersecurity operations leaders, and excel in complex, multi-technology environments. Herjavec Group has expertise in comprehensive security services, including Advisory Services, Technology Architecture & Implementation, Identity & Access Management, Managed Security Services, Threat Hunting & Management, Digital Forensics and Incident Response. Herjavec Group has offices and Security Operations Centers across the United States, United Kingdom, Canada and India. For more information, visit or contact at
About Apax
Apax Partners LLP (“Apax”) is a leading global private equity advisory firm. For nearly 50 years, Apax has worked to inspire growth and ideas that transform businesses. The firm has raised and advised funds with aggregate commitments of more than $60 billion. The Apax Funds invest in companies across four global sectors of Tech, Services, Healthcare and Internet/Consumer. These funds provide long-term equity financing to build and strengthen world-class companies. For further information about Apax, please visit


Interview with Tim MalcomVetter, CYDERES Chief Technology Officer

There have been a lot of exciting developments on our CYDERES team over the past year, most notably with our 2.0 release of the CYDERES Cloud Native Analytics Platform. With so much going on, it can be hard to keep up. To help give visibility into what our CYDERES teams have been up to, and to help pass along information to organizations looking to start or improve their security programs, we sat down with CYDERES Chief Technology Officer Tim MalcomVetter to cover a lot of ground of what we accomplished in 2021, and to provide insight for priorities moving forward in 2022. Let’s get started!

No SIEM, No SOC? No Problem!

Many organizations that are just starting to develop their security programs may be tentative to engage outside organizations for vulnerability assessments or penetration testing without a proper SIEM or SOC in place. We can assist with out either of these so that you can move forward with important information on your vulnerabilities to get your program started on the right foot.

Why Unlimited Ingestion Changes Everything

Unlimited ingestion has not been the norm in the past for organizations looking to analyze their data for threats. With our partnership with Google Cloud Chronicle, we’re making unlimited ingestion a reality. Here from Tim why this new approach changes everything.

Bring All Your Data! (And How We Normalize It)

We’re not only expanding data ingestion from a raw storage standpoint. We have also developed our solutions to allow for our customers to bring in data from all of their disparate sources, and create an easy-to-use platform to allow an incredible amount of visibility, enabling our customers to have full insight over their digital domain.

Why Should Organizations Trust MSSPs?

Some organizations don’t have the resources to fully bake out a security program internally. MSSPs can be a much needed boost in people, process, and technology where an organization may otherwise be lacking.

Critical Questions When Securing Endpoints

Traditionally, endpoint security has been focused mainly on ingress security controls, or what’s coming into the network. A more modern approach may need to focus more on egress security controls, or what’s leaving. Tim talks about this, and other critical questions when security endpoints.

How to Get the Most Out of MITRE?

At CYDERES, we’re really big fans of the MITRE ATT&CK framework. Hear Tim talk more about how to get the most out of MITRE.

CNAP 2.0 – What’s the Point?

CYDERES CNAP, or our Cloud Native Analytics Platform, has recently received a 2.0 update, bringing with it new features that are create immense value for our customers. Tim talks about the origins of CNAP, and some of the new features that have been brought on board with 2.0.

What Limits the Best Blue Teams in the World?

Tim comes from the Red Team world and offers up some of his past experiences to highlight what limits the best blue teams in the world, which may not be what you think!

How Adversary Tactics are Evolving

Adversary tactics have been changing from early days of credit card breaches, which may require an immense amount of work and learning your environment, to newer tactics which allow financially-motivated actors to reach their end goal of getting paid faster. Tim explains some of these tactics in detail.

Priorities for 2022 and Beyond!

As the year begins to come to a close, you may be thinking about what your security priorities will be for 2022. Tim dives into a few areas that he has seen gaining steam with our customers.

Check Out Our Job Openings

Interested in joining our team? Check out our job openings on our Careers page!

Do you have any questions about CYDERES and our managed security solutions? Fill out the form below to be connected with one of our experts.

Black Friday / Cyber Monday Safety Tips

Black Friday and Cyber Monday have both continued to grow over the years and have really cemented themselves as staples of the holiday season. Not only that, but their influence is felt far beyond their respective days.

Case in point: try counting the number of Black Friday commercials on any given evening throughout the month of November. The promotions are starting earlier, the discount codes are being given away like candy… We’re even starting to see officially named “PRE-Black Friday Deals”, allegedly unrelated to the discounts to come.

Companies have also refined how they operate their sales, especially given the events of last year. Black Friday has taken cues from its illustrious younger sibling and offered better and more robust options for online shopping, as opposed to the in-person doorbuster deals of years past.

With all of these cyber deals taking the forefront from in-person shopping, it’s important to review best practices for shopping online. Cybercriminals continually take advantage of this time of year, using the increased activity to their benefit. Should you choose to do your deal hunting online, take a moment before the rush to brush up on some easy ways to keep yourself safer before you push “purchase”.

In today’s blog post, we have put together a few tips to help you protect yourself as you shop from the comfort of your couch. Here are a few Black Friday / Cyber Monday Safety Tips:


Using a debit card allows cyber criminals direct access to your bank accounts. Using payment options with added layers of protection is key to reduce your risk while you shop. Try using a credit card or a third party like PayPal or Venmo.


Many cyber criminals are using the flood of Black Friday emails from retailers to send their own copycat versions with malicious links. Beware of links and attachments in the emails you receive. Hovering over links can help show you where exactly each link is sending you to.


Make sure you are only shopping on a secure connection. Shopping online requires you divulge sensitive information, like credit card numbers, addresses, and more. You don’t want this information visible to outside eyes. When you are shopping online, make sure you are on a private network, or are using your cellular data plan to stay secure.


Many online retailers require you to create an account to purchase items, which includes creating a password. It may be easier to use the same password everywhere, but should that retailer be breached in the future, many of your other accounts are now susceptible. Use a variety of passwords to mitigate your overall risk.


Before shopping til you drop, make sure your device’s software is up to date. From your operating system to your web browser to your password manager and beyond, take some time to ensure you have the latest versions for security’s sake. Outdated systems are often littered with vulnerabilities, so you’ll want to fully update to block cyber criminals from gaining access.


We’ve recently covered how to achieve better security for your organization through 2-step or multi-factor authentication, but many online retailers give individuals the option to ensure all logins (and even final order submissions) are secured through confirmation via a secondary device. Sending an authorization code to your phone or email may be a momentary inconvenience but compared to dealing with stolen credentials is a very worthwhile use of time.

With so much excitement surrounding Black Friday, Cyber Monday, and the holiday season in general, it can become easy to overlook the basic tenants of cyber safety. Follow these tips, and use common sense to stay safe as you shop. Have a happy Thanksgiving, and stay safe this weekend!

Talking Security Operations with CYDERES Chief Operating Officer Mike Wyatt

Modern threats require modern security operations. This is a topic we have covered a number of times over the past year. In fact, we presented at the Google Cloud Security Summit on this very subject. In that presentation, our CYDERES Chief Technology Officer Tim MalcomVetter, and CYDERES Chief Operating Officer Mike Wyatt spoke broadly about the top security challenges modern organizations are facing, and how we’re developing and implementing proven, modern solutions for our customers.

For today’s blog post, we put together a few videos from our interview with CYDERES COO Mike Wyatt, including items that were outside of the scope of the original presentation, in order to give you an even fuller insight on what modern security operations look like, and how you can utilize our expertise to help you combat the modern threats of today. If you have any questions, fill out the form at the bottom of the page to be connected with one of our CYDERES experts. Let’s get started!

What are the Top Security Challenges of the Modern Risk Landscape?

Many organizations are hearing a lot of noise surrounding modern cyber threats, and can get lost trying to make heads or tails of where to prioritize their efforts. CYDERES Chief Operating Officer Mike Wyatt discusses some of the top security challenges of the modern risk landscape to help illuminate a few priorities to keep in mind.

Why Does As-A-Service Make Sense in Today’s Environment?

Once priorities have been established for organizations in the modern risk landscape, many are left wondering how to proceed with how to adequately protect themselves. Partnering with an MSSP can open up so many possibilities as you tap into the expertise and resources found within managed security that may be difficult to leverage in-house.

Unlocking 24/7 Response Capabilities

One of the key components that MSSPs can unlock for your organization is 24/7 response capabilities. It’s one thing to be able to detect threats, but are you able to respond to them in pivotal moments, even in off-business hours? Mike expands on the benefits of 24/7 response capabilities, and on the value our EMDR offering brings.

Learn More, Act Faster with CNAP 2.0

Mike dives into our CNAP 2.0 offering and all of the recent additions that have helped make our Cloud Native Analytics Platform a powerful tool for organizations looking to modernize their security operations.

Winning Solutions that Leading Organizations are Adopting

We get a lot of questions regarding our partnership with Google Chronicle and how that is being leveraged to create winning solutions for leading organizations. Mike expands on the capabilities of Chronicle and how that leads to better results for faster identification of threats to your environment.

We’re Growing!

Interested in joining our team? We’re growing quickly and would love to have you on board. Visit our Careers page to see our current job opportunities.

If you have any questions, or would like to know more about CYDERES, fill out the form below to be connected with one of our experts.

Cybersecurity Awareness Month 2021 Recap

As October comes to an end, so too does another Cybersecurity Awareness Month. All month long we have been aiming to produce helpful and fun content to help our community and clients #BeCyberSmart.

We hope you were able to catch a couple of the items we released over the last 30 days, and that it empowered you to own your role in protecting your part of cyberspace. If you missed anything, we have you covered.

In today’s blog post, we’re looking back on each of the four weekly themes from Cybersecurity Awareness Month and highlighting a few of the pieces we released along the way. If you have any further questions about how you can do your part to #BeCyberSmart, reach out to us using the form at the bottom of this blog post. Let’s get started!

Week 1 – Be Cyber Smart

We set the table for the month to come during the first week of Cybersecurity Awareness Month, with the week one theme matching the overall theme for this pivotal month. We began to solicit questions from the community to prep for our end-of-month #AskFishtech webcast (more on that below).

We wanted to keep things fun while we helped our community learn more about cybersecurity. With this in mind, we put together a quick crossword puzzle. Let us know if you solved it!

Finally, for week one, we put together a Cybersecurity Quick Refresh Guide on our blog to highlight some basic, but important tips on how you can bolster your personal security to protect your information and access to your online assets.

Week 2 – Phight the Phish

For week two, we turned our focus to phishing and ways to combat this growing threat. For context, phishing incidents more than doubled in frequency in 2020 from 114,702 in 2019 to 241,324 in 2020.

We took the theme of “Phight the Phish” quite literally, and put together a comic strip with some helpful tips to combat phishing. Check it out!

Lastly, we sat down with CYDERES Chief Technology Officer Tim MalcomVetter to get his tips for CISOs tackling phishing in 2021 and beyond.

Week 3 – Explore. Experience. Share. (Cybersecurity Career Awareness Week)

For week three, we got to focus on something near and dear to our hearts – promoting cybersecurity careers! We have long been big proponents of school age children starting to look into all of the possibilities that the cybersecurity industry offers. In fact, the global cybersecurity market size is projected to grow from USD 217.9 billion in 2021 to USD 345.4 billion by 2026. That means a lot of job opportunities on the horizon!

To get a deeper insight on what some of the careers look like at our organization currently, we talked with CYDERES Chief Operating Officer Mike Wyatt to hear about the various roles found in our organization.

To highlight even more careers at Fishtech Group, we put together a quick collage from a recent employee appreciation night at a Royals game to show some of the faces of the real people that are working every day to protect organizations around the country from cyberattacks. This includes people from our engineering, legal, account, HR, and Marketing teams. See? It takes all kinds in the cybersecurity industry. Interested in joining us? Check out our Careers page.

Lastly, we put together a blog post to highlight many of our careers initiatives, from the grade school level, all the way to the seasoned professional, to shed more light on how anyone can get involved in the field. Learn more here.

Week 4 – Cybersecurity First

Finally, we touched on our final weekly theme, “Cybersecurity First”. On average, companies take about 197 days to identify and 69 days to contain a breach. The idea of “Cybersecurity First” is to help guide people to put more priority on cybersecurity practices continue to lower the chance for hard to detect breaches to take place. This proactive approach to cybersecurity will continue to be important as the modern business landscape continues to develop.

We again sat down with CYDERES Chief Technology Officer Tim MalcomVetter to get his thoughts on what a “Cybersecurity First” approach looks like.


To wrap Cybersecurity Awareness Month up, we brought in experts from all across Fishtech Group to answer all of the questions we received throughout the month to help bring like to the thoughts and concerns from across our community. Here is a link to check out this wonderful discussion.

Thanks for joining us for a recap of this amazing month. We hope you learned a lot, and found some practical ways you can #BeCyberSmart in the year to come. Join us again next year, same time same place.

In the meantime, if you have any further questions on cybersecurity for us, fill out the form below to be connected with one of our experts. See you next year!

Explore. Experience. Share. - Cybersecurity Careers Awareness Week

All throughout the month of October, we have been participating in Cybersecurity Awareness Month to help guide organizations and individuals on how to #BeCyberSmart. For week three, we have shifted our focus to Cybersecurity Career Awareness to highlight the individuals that are eyes-on-glass every day as experienced InfoSec professionals, and to also put a spotlight on ways aspiring professionals can get into the field and thrive.

Even as cybersecurity concerns have increasingly dominated international news, the talent shortage in the cyber industry has only grown over the past year.

Studies show that there aren’t enough skilled tech force workers to fill the jobs available now, much less to meet the increasing demand of the years to come. In fact, (ISC)2 estimates the cyber workforce needs to increase by 62% to meet demand as businesses invest in technology and cyber threats become more sophisticated. The Bureau of Labor Statistics reports that the industry will experience job growth of 31% between 2019 and 2029.

At Fishtech Group, we have prided ourselves on our focus on cybersecurity career development, from providing challenging hands-on opportunities for seasoned cyber career men and women, all the way to hosting mentorship events for area schools to help the next generation find their footing in this growing industry.

Below you will find a mix of resources all surrounding our ongoing commitment to advancing cyber careers. Browse through and be sure to reach out if you have any questions.

#AskFishtech Panel Discusses Cybersecurity Careers

We are gradually building our way to the next installment of our #AskFishtech webcast series at the end of the month, and we’re excited to tackle more great questions after the robust and interesting conversations that were sparked last time around. In fact, here’s a clip from last year’s #AskFishtech webcast with a couple members of our executive team chiming in on cybersecurity careers.

Hear from our own Chuck Crawford, Chief Customer Officer, and Kerry Kilker, Chief Operating Officer, as they talk about their experiences in the field, and discuss ways individuals can get started in cybersecurity.

Fishtech’s Commitment to Engaging Young Learners

Fishtech Group is committed to getting young people interested in cybersecurity. Raising awareness and interest is good for both our company’s mission and the industry overall. We’ve been at it so long that we’ve even hired one of our visiting students after he graduated recently!

And our efforts are being noticed. We were thrilled last month to receive a Corporate Hero Award from the Kansas City Central Exchange for our ongoing efforts to bridge the gender gap in cybersecurity.

Inspiring Tours of Fishtech Campus

After a quiet 18 months, we are happy to once again host students and teachers through our headquarters and Cyber Defense Center. We hold Q&A panels featuring our analysts and developers for the school groups. During Covid, we truly missed the interaction and opportunity to inspire — and be inspired by — these visits.

Each tour includes brief interviews with Fishtech Group employees, all from different parts of our organization. Employees each describe the work they do day-to-day, how their career path led them to Fishtech, and what training and education helped them be successful today. Often they will tell our student visitors that certifications and specialized training are great, but what truly makes a candidate stand out are so-called soft skills that our industry values, such as:

  • Passion and how to apply it to real-world problems
  • Curiosity and how to pursue lifelong learning
  • Creativity and collaboration
  • Ability to troubleshoot

Our recent community engagement includes a diversity of initiatives such as:

  • Hosted 70 adults and teens interested in a cybersecurity career with a Community Expert Panel
  • Toured 20 high school students who aren’t necessarily interested in cybersecurity but are on alternative learning paths
  • Counseled seven college students about next steps in their collegiate and cybersecurity career
  • Explored cybersecurity career choices with a group of math teachers seeking knowledge to mentor their students
  • Helped choose recipients for First Robotics grants to area schools
  • Kicked off KC STEM Alliance’s Remake Learning Days with an eye toward cybersecurity

We’re Hiring!

There are so many different roles that make up the broader cybersecurity industry, and chances are… We’re hiring for most of them. So, what are those roles exactly? We have been asking many members of our leadership team to highlight roles they are looking for so we can get to work recruiting the best of the biz.

Whether you’re actively looking for a new job opportunity, or you are new to the industry and want to learn about what some of the roles in cybersecurity actually are, check out a couple of the below videos to get insight into how these positions fit into our organization.

For more information on our career initiatives, fill out the form below to be connected with a member of our team.

Talking Insider Threat Detection & Response with Kirk Cerny, Senior Director of Insider Threat - CYDERES

Insider threats pose a complex challenge for most organizations.

Information security and IT departments are constrained by conventional network detection systems that don’t account for the distinctly human motivations behind such threats. Meanwhile, HR, legal and physical security teams lack the means to derive useful intelligence from cyber indicators. The result is that risky insiders often go undetected until after an adverse event occurs. That’s why we created our CYDERES Insider Threat Detection & Response solution, or ITDR, to address these common challenges.

In order to illuminate more about this game-changing solution, we talked to Kirk Cerny, Senior Director of Insider Threat at CYDERES to get the lowdown on ITDR, and a broader look at insider threats.

Intro to Insider Threat Detection & Response

CYDERES Insider Threat Detection & Response, or ITDR is a first-of-its-kind solution to help organizations combat the growing number of insider activities that are affecting organizations in adverse ways. ITDR seamlessly combines technical and human behavioral indicators within a single analytics platform, providing a unique blend of cybersecurity firepower and AI-driven behavioral analytics that enable SOC teams and their HR and legal counterparts to proactively mitigate their highest-priority threats.

Starting Your Own Insider Threat Detection Program

Don’t know where to begin with starting your own insider threat detection program? Kirk breaks down a good entry point and highlights how CYDERES can help get your insider threat detection program off the ground.

The Technical & Non-Technical Indicators of Insider Threat

Many insider threat programs focus only on technical indicators, but insider threat is not just a network problem, but a human problem. ITDR focuses on both technical and non-technical indicators to provide a more well-rounded and effective insider threat solution.

What Does a Whole-Person Approach to Insider Threat Look Like?

Kirk dives deeper into how non-technical indicators factor in to our “whole-person approach” to insider threat.

The Present State of Insider Threat

Insider threats are on the rise, and 2021 has been a year where many are either starting or bolstering their insider threat programs, as Kirk explains.

The Importance of Insider Threat Deterrence

Insider threat programs need to be much more than just responding to malicious activity. It is also important to put an emphasis on deterrence to reduce the likelihood that an adverse event will occur.

24/7 Insider Threat Mitigation

Staying on top of insider threats effectively can be a daunting task. With CYDERES, you have a team that is ready to assist 24/7.

Insider Threat Detection & Response

Ready to do address the human factor of cybersecurity? The CYDERES Insider Threat Detection & Response solution is built to provide you with a frictionless way to tackle the issue of insider threat within your organization.

To learn more about ITDR and insider threats, fill out the form below to be connected with one of our experts.

Cybersecurity Awareness Month 2021 – Quick Refresh Guide

Cybersecurity Awareness Month was launched by the National Cyber Security Alliance & the U.S. Department of Homeland Security in October 2004 and has been a continued focus in InfoSec communities each October since. On this first full week of October, we’re turning our focus toward spreading cybersecurity awareness to help members of our community and the organizations we serve do their part to #BeCyberSmart.

Each year, Cybersecurity Awareness Month is a call to action for individuals to own their role in protecting their part of cyberspace. At Fishtech Group, our mission is to lead organizations to a more secure future, but that security isn’t achieved by some vague corporate check box, but rather an every day, ongoing commitment from each and every one of us.

We each have a role to play in making sure we follow best practices to protect our devices and data to ensure the broader security of the individuals in our organizations.

We will be putting out new content every week for all of this year’s Cybersecurity Awareness Month themes. To start off this critical month, we wanted to highlight some quick tips in a “Cybersecurity Basics: Quick Refresh Guide” that will help to inform you about some basic areas of cybersecurity and lay the groundwork for your better overall awareness and understanding on the intricacies of cybersecurity and how you can #BeCyberSmart.

Cybersecurity Basics: Quick Refresh Guide

Ask any cybersecurity professional what the biggest threat is to a company, and most of them will say their employees, even if the threat isn’t intentional. Basic human error is a major contributing factor to 95% of security breaches (The Hacker News). Can you remember the last time you reviewed the login information for your personal and professional accounts or checked the security of your network connection? A few small changes just might save you from an account compromise.

Ready to implement a few upgrades to protect your information and access? Here’s your handy checklist of basic security features to add to or refresh your personal and professional accounts:

  1. Create strong passwords.
    • Ensure that your passwords contain upper and lowercase characters, symbols, and numbers. A random combination of these will make guessing your password and hacking into your personal accounts more difficult.
  2. Use at least two-factor authentication
    • Add an extra layer of protection to your login process by implementing one extra step. Instead of only submitting your login credentials to gain access to your account, set up a second method by confirming your access on a second device. For example, have a confirmation code send to your phone or email.
  3. Keep your software up to date
    • Ensure your operating system, applications and web browsers stay up to date by setting your updates to happen automatically. Many updates include security features, so it’s a good idea to stay on top of them!
  4. Backup your files
    • Be sure you have your important files backed up on an external drive or in the cloud. This way, if something unfortunate happens and you lose information on your device, you have it saved in another place.
  5. Be careful with public Wifi and Hotspots
    • Public wifi and hotspots are not secure internet connectors, so it’s easy to see the activity of others connected to the network. We recommend using a VPN and personal hotspot to access the internet instead.

We hope this handy checklist serves as a quick reminder of the basic, but necessary security practices. If you already have these in place, and we’re certain that most of you do, then a quick refresh won’t hurt. If you don’t, today is the perfect day to start!

Are you an organization looking to ramp up the basic security features you have in place? Our experts at Fishtech Group are standing by to help. Drop us a note below and our team will be in touch.

In the meantime, stay tuned through the rest of October as we continue empowering you to #BeCyberSmart this Cybersecurity Awareness Month. We’ll be back next week for a focus on phishing with ways you can better understand and fight back against these kinds of attacks.

Any questions? Fill out the form below to be connected with one of our experts.

Talking CYDERES Engineering with Cassandra Varvel, CYDERES Director of Engineering

Our Teams are Building a More Secure Future.

We have been incredibly excited by the launch of the CYDERES Cloud Native Analytics Platform (CNAP) 2.0 as we continue to bolster the already amazing capabilities of our strategic partner Google Cloud, and their Chronicle offering.

With Google Cloud’s recent announcements around Autonomic Security, the path to modernizing your security programs is clearer than ever. On their recent earnings call, Alphabet and Google CEO Sundar Pichai recently highlighted GC’s security offerings (incl. Chronicle) as their “strongest product portfolio” empowering their incredible growth.

CYDERES is proud to be one of Google Cloud Chronicle’s founding partners and preferred MSSP partners to deliver this solution.

With all of the excitement building around CNAP 2.0, we wanted to illuminate a bit more of the team that is working behind the scenes to develop these game-changing offerings. We recently sat down with Cassandra Varvel, CYDERES Director of Engineering, to talk about CNAP 2.0, the various parts of the Engineering organization, how we integrate with Google Cloud and Chronicle, and more.

CYDERES Engineering Team

Our CYDERES organization is built of many moving parts. Cassandra illuminates one of the pivotal pieces of the broader CYDERES organization: the Engineering Team. Learn about the various positions within the team, and what impresses Cassandra the most about this talented group.


CNAP 2.0 Benefits

CYDERES Recently launched CNAP 2.0, improving on the CYDERES Cloud Native Analytics Platform that has already provided so much value for our customers. Cassandra talks about some of the new benefits you can expect with this exciting launch.


How Does CNAP Utilize BigQuery?

CYDERES has been in close partnership with Google Cloud, and their Chronicle platform, to help bolster their already incredible threat hunting capabilities, and to provide one of the best answers to the issues of legacy SIEM. Learn more about how CNAP utilizes Google BigQuery and what we bring to the table to help make detecting threats easier than ever.


How is CYDERES Different From a Traditional MSSP

We pride ourselves in being different from traditional MSSP offerings. Cassandra talks about some of the reasons as to why we are a better alternative for those looking to move away from legacy managed security offerings.


The Power of TEAM

It’s important to build great teams that can trust each other and work well in collaborative environments, and we think our Engineering Team is one of the best in the business. Cassandra talks about some of the best aspects of the teams we have been building at Fishtech and CYDERES.


Work on Critical Client Solutions at CYDERES

It can be a daunting task to work in a cybersecurity company, but these challenges can be very rewarding as well. Cassandra talks about the excitement she feels when working on critical client solutions.


Join Our Growing CYDERES Team

Interested in joining our CYDERES team? Hear about some of the positions we’re looking to fill, and be sure to check out our Careers page apply for one of our amazing opportunities!



If you are ready to discuss CNAP, CYDERES Engineering, or any of our other offerings, fill out the form below to be connected with one of our experts.