Insights from the 2019 Insider Threat Report

Here at Fishtech Group, we often talk about the fact that we are a data-driven cybersecurity services provider, because we believe that real solutions are driven by real data. That’s why we’re so excited about Haystax, a wholly owned subsidiary of Fishtech Group, releasing their 2019 Insider Threat Report with the help of Cybersecurity Insiders.

There are many powerful insights found in this report, and Haystax hosted a webinar to dig a little bit deeper into the findings of the Insider Threat Report!

In the meantime, let’s take a look at a couple useful items found inside.

The Growing Frequency of Insider Threats

Insider threats have evolved into some of the costliest and most challenging risks facing organizations today, and they are growing more frequent every day. Don’t just take our word for it. Directly from the report:

70% of the organizations surveyed think insider attacks have become more frequent in the past 12 months.


That should perk up the ears of every business owner. According to the report, these increasing insider threats were believed to be due to lack of employee training/awareness, increasing number of devices with access to sensitive data, and insufficient data protection strategies or solutions. But, wait a minute, these don’t really sound like malicious causes, do they? You may be on to something…

70% of businesses are most concerned about inadvertent or careless data breaches/leaks.


“Insider threats” often have the connotation of malicious employees willfully causing harm, but as this statistic shows, that isn’t always the case. Insider threats can occur due to carelessness or negligence, as well as by malicious actors. This really expands the potential pool of insider threat sources, and creates more chances for data breaches/leaks.

Without an effective insider risk mitigation program, your most vulnerable data is at risk, including customer data, intellectual property, and financial data. Data is a core strategic asset, and organizations need a plan in place to make sure their most vulnerable types of data are protected as insider threats become more common.

Insider Threat Solutions

One of the most exciting statistics we saw in the report ties directly into our month-long focus on Identity. When asked about what the most effective security tools and tactics to protect against insider attacks –

52% of organizations said Identity and Access Management (IAM).


If you are interested in the rest of the report, you can find the full Haystax 2019 Insider Report here.

As the month of August progresses, we will be focusing on ways Identity and Access Management can help you prevent insider attacks, along with how it can increase efficiencies within your business with on-boarding and off-boarding, among other Identity practices and philosophies.

Be sure to also catch the “ON-DEMAND: Insider Threat 2019 Report Results with Haystax and Cybersecurity Insiders” that took place earlier.

Low-cost prevention of your next cloud breach with Canary tokens

Help your organization avoid being the next Capital One cloud resource breach with this one weird trick that hackers hate.

Capital One has joined the ever-growing list of companies (including Facebook, Dow Jones, Netflix, and Ford) that have had data stolen out of improperly secured cloud resources.

“The perpetrator gained access to card application data of approximately 106 million individuals across the United States and Canada through a misconfiguration of a web application and not the underlying cloud-based infrastructure,” as told to Newsweek a couple of days ago.

It appears this attack involved exploiting a flaw in a web application to gain enough privilege to read the system’s instance metadata via the AWS API.  The metadata contained credentials to access the highly sensitive data outlined in the breach disclosure.

Instance metadata is a well-known, widely used, but only occasionally scrutinized feature that each AWS instance is deployed with. It is enabled by default to provide easily accessible information about the EC2 instances themselves and how they are deployed to an AWS account as a whole including any IAM credentials the instance needs to talk to other AWS services.

For a more in-depth look at this attack vector, check out this blog post from Redlock.

So how do you keep your company from falling victim to this same attack?  There’s a simple and extremely cost-effective solution that would have very quickly alerted Capital One (or others in the same situation) to the inappropriate access of their EC2 metadata: Thinkst’s Canary tokens.

Canary tokens can be thought of as a tripwire in environments, alerting security teams when accessed or executed without tipping their hand to the attacker. Canary tokens come in many different varieties and specifically include a token that notifies when EC2 metadata is accessed.

These tokens are very similar to a web bug, an object that can be placed within a web page or email that allows the creator to monitor user behavior.

Unlike a web bug though, Canary tokens are designed to have multiple personalities based on various deployment use cases, including an EC2 metadata Token. Once created, these tokens can be deployed by installing Thinkst’s Apeeper application to your EC2 instances, separated by region, with virtually no maintenance required.

With these Canaries in place, if an attacker then attempts to query the metadata of your EC2 instances, an alert will be triggered in real time, alerting you or your team of potential exploitation while also providing valuable information regarding the incident.

Apeeper can also be configured to run in three different modes depending on your environment’s architecture and security program needs:

  • Blacklist

Alert on certain paths that are queried

  • Whitelist

Do not alert on certain paths that are queried

  • All

Alert on all paths that are queried  

At CYDERES, we provide the best “blue team as a service” with our solutions for managed detection and response that include comprehensive coverage of both on-prem and cloud environments.

The CYDERES Cyber Defense Platform includes a wide range of technologies including Thinkst’s Canary tokens.  With Thinkst, you can have a whole flock of Canary token sensors deployed quickly.

With CYDERES, you can have those sensors monitored 24/7 by our award-winning Cyber Defense Center.  Our surveillance team can not only architect and deploy your Thinkst deception solution, we will actively monitor all of the security telemetry and events from your environment to quickly triage and respond to threats – freeing your precious internal security team to focus on enabling the business to move faster, but securely.

Bridge to DevOps: Further Reading

Throughout the past month, we have been putting a special focus on DevOps and how it can be a transformational part of your business. We’ve helped to define what exactly DevOps is, laid out what our phased approach to DevOps would look like for your business, and talked through some recent buzzwords surrounding security and DevOps. We hope you have gained some valuable insight into DevOps philosophies and practices during this recent close up.

To round out the month, we’re going to be focusing on some further reading materials if you want to dive a little bit deeper into DevOps as you plan your digital transformation. Here at Fishtech Group, we have been passing around a book written by three progenitors of the DevOps movement that may help put DevOps into context for you through a real-world application.

The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win is set in a fictional company called Parts Unlimited. Written by Gene Kim, Kevin Behr, and George Spafford, the book gives the reader a small glimpse of DevOps and how companies can integrate different departments, like IT, to align with overall business goals rather than their own individual functions.

While we recommend reading the whole novel, there is one particular idea that can demonstrate how you can help foster a DevOps culture at your business, or at least get an idea of what it looks like when DevOps is implemented correctly. This is idea is summed up as “The Three Ways of DevOps” in the novel. Let’s break it down a little bit more by looking at each way individually.

The First Way says that work should always flow in one direction – downstream. In the novel, the First Way focuses on eliminating constraints and creating a fast workflow that moves from development, to operations, to IT, and then ultimately to the customer. The First Way looks at the system as a whole, rather than fixating on a specific department.

The Second Way looks to create, shorten, and amplify feedback loops. The Second Way integrates feedback, not only from the customers, but also from the different sectors of a company, like operations and development. Through the implementation of this philosophy, communication is increased, allowing for fewer surprises as work gets finished, and allows for faster changes.

The Third Way focuses on continued experimentation in order to learn from mistakes and achieve mastery. This philosophy augments the Second Way in that continued communication will allow you to experiment with more frequency to continue to take risks and find the best way forward through your DevOps practices. Without proper communication and experimentation, your business will not succeed or progress.

The Phoenix Project has been a great resource for our team to better understand the core concepts of DevOps, straight from minds of some of the creators of the movement. If you are wanting to learn more about DevOps in an easy-to-digest setting, think about picking this novel up and follow the DevOps journey of Parts Unlimited as they transform their business for the better.

If you are still looking for a few more resources to dive into as you continue to explore DevOps, we have a short list of recent articles that our DevOps team has sent our way that may help whet your appetite:

Of course, we are always open to talking DevOps and seeing how it can transform YOUR business for the better. If you would like to set up a consultation with our DevOps team, fill out the form below, and let us help guide you on your own Digital Transformation.

Cybersecurity Budget: Spend It Now, or Spend More Later

Equifax to pay up to $700 million in data breach settlement

Marriott faces a $124 million fine for failing to protect customer data

These are just a couple headlines that have come out over the last month regarding penalties for data breaches. How do those numbers compare to your current spend on cybersecurity? A recent social media post from a local CISO fostered some good conversation on the matter when he asked his research and advisory connections:

“Can you please provide a benchmark about the cybersecurity budget before and after a data breach [including fines incurred due to the breach itself]?”

In response to some of the growing dialogue that was stemmed from this inquiry, our own Founder / CEO, Gary Fish, chimed in with some simple, but powerful wisdom when it came to companies’ cybersecurity budgets:

“Spend it now, or spend more later.”

We often only see the enormous fine amounts posted in each subsequent article for each subsequent breach. While those numbers can be scary enough in their own rights, there are other factors to take into consideration.

You’re looking at extra time investments as you take care of the ramifications of the data breach.

You’re looking at legal expenses.

You’re looking at marketing costs as you try to repair your reputation. The list goes on and on.

All of a sudden, your budget allocation to cybersecurity doesn’t look so bad, does it?

We recently saw a prime example of the disastrous consequences of cybersecurity vulnerabilities as a data breach forced medical debt collector AMCA to file for bankruptcy protection.

They were hacked last year in a time period estimated to be from August 1, 2018 to March 30, 2019. In the aftermath of the breach, class-action lawsuits were filed, cybersecurity forensics bills grew exponentially, AMCA’s tarnished reputation led to an exodus of some of their most valuable business partners, and this ultimately led to AMCA filing for Chapter 11.

We know conversations around cybersecurity budgets can be difficult, especially if you have never experienced (or more realistically, haven’t realized you’ve already been compromised) any cyber attacks, or data breaches, but in an increasingly digital world, cybersecurity is more important than ever. Take it from Equifax and Marriott…

Fishtech Group has worked with companies of all sizes to help them grow a mature cybersecurity architecture and plan, delivering the right solution, the first time.

Fishtech Group is a data-driven cybersecurity services provider for any computing platform. Combining a group of holistic, data-driven cybersecurity solutions, we identify gaps and solutions to help organizations minimize risk, maintain compliance, and increase efficiency.

DevSecOps – Breakthrough? Or Buzzword?

In the beginning, the tech gurus created DevOps, and saw that it was good.

Next, buzzword nation went off and started creating ThisOps and ThatOps, and here at Fishtech Group, we saw that it wasn’t good.

One of the “Ops” iterations making its way onto the market and into the industry consciousness over the last few years is DevSecOps, which is essentially adding “security” into the previous combination of Development and IT Operations (“DevOps”).

You may have noticed that this is the first time we have mentioned anything about DevSecOps on our website. You may also be asking, “wait, aren’t you a cybersecurity solutions company? Shouldn’t security be a core focus of your offerings?” Of course!

So, why aren’t we providing “DevSecOps” alongside our DevOps offerings? Let’s clear a few things up.

Security in DevOps is a Byproduct of Quality

We talked a little bit in our previous “What is DevOps?” blog post about the pitfalls of buzzwords surrounding DevOps, and DevSecOps is a prime example.

While we don’t disagree with the primary principles of so-called DevSecOps, we think it unnecessary to make a new distinction and are wary of offerings of “DevSecOps” as if it’s a new and shiny thing you should divert your resources to.

With the invention of DevSecOps, it sounds like security is just now in consideration for DevOps principles and processes, but we beg to differ.

Security in DevOps is inherent.

Security in DevOps is implicit.

Without security, DevOps isn’t DevOps.

Security in DevOps is a byproduct of quality. If DevOps practices are implemented correctly, security will be there. But don’t just take it from us…

The Phoenix Project (The Experts Have Spoken)

Our team has been passing around a copy of The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win, which was written by some of the progenitors of the DevOps movement, and they mention the inclusion of information security within the DevOps structure, without referring to such an organization as DevSecOps.

In fact, one of the primary writers, Gene Kim, was the CTO of a cybersecurity company for years before writing The Phoenix Project. If there was no distinction made by an originator of DevOps, who has extensive history in cybersecurity, we don’t think there needs to be one either.

We’ve done our own market research to look into what the unique aspects of “DevSecOps” really are. To be honest, they sound kind of familiar…

Automation Through CI/CD Pipelines

Time and time again, source after source brought up automation through CI/CD pipelines as a core tenant of DevSecOps saying that DevSecOps automates security within the DevOps workflow. In our experience this is already a key part of the DevOps philosophy.

As we’ve mentioned, DevOps practices focus on busting silos and automating process from all applicable teams, including IT Operations, Development, Security, and more.

That’s just what DevOps is.

The Focus Should Already Be On Security 

Furthermore, these sources mention that “real DevSecOps” needs to place an emphasis on empowering teams to improve security practices for quick review and approval processes that leave an audit trail and meet compliance requirements. We agree!

But, again, this is something that we believe is already covered in DevOps practices and principles.

Let us again clarify that we find nothing wrong with the ideas behind DevSecOps. Security is supremely important. Our belief is simply that putting a new name on established practices to spin up new business isn’t the right approach.

In Conclusion

Rest assured! While you may not see “DevSecOps” in our offerings, security is still a top priority as we guide organizations through total digital transformation utilizing a DevOps perspective.

DevOps may go by many names, but true DevOps bakes security into every process, principle, and toolset.

It’s time to embrace the DevOps revolution and see the speed-to-value ramp up in your organization. Let silos be a thing of the past and learn how to continuously and reliably deliver value to your customers faster.

DevOps truly provides the purest form of Digital Transformation.

Buzzword Bingo with Eric Foster & Rick Holland

Recently we were excited to welcome Rick Holland, CISO and Vice President of Strategy from Digital Shadows, to sit down with our own Eric Foster, COO of CYDERES to discuss a wide range of topics across the landscape of cybersecurity.

Check out their fascinating discussion around:

  • DevOps
  • Purple Team
  • AI & ML
  • The “Cloud”
  • The state of SIEM
  • And more …

Bridge to DevOps: Our Unique Approach

We believe DevOps is MORE than a buzzword.

We’ve seen it revolutionize the way our customers deliver speedy value to their customers.

We’ve seen silos busted and teams working more efficiently to innovate securely.

Now that we’ve discussed the history of DevOps and how traditional organizational structures are being revamped for exponential increases in efficiency, let’s take a moment to look at how we approach the implementation of DevOps principles and practices in your organization.

DevOps is more than a practice, it’s a cultural shift. It’s important to take each unique aspect of your organization into consideration as you proceed through every step of this transformation.


DevOps success looks different for every organization while maintaining the same overall tried and true principles of success.

Therefore, the first step in an effective DevOps reorganization strategy is always to take time analyzing what success looks like for your organization and what exactly your core objectives are.

For example, identify a specific targeted process we want to improve. Next, how will we know if we have improved it, or if we’ve actually made it worse? Identifying metrics and KPI’s are crucial in measuring success.

Once we define measurable goals for this project’s timeframe and scope, actionable steps can be set as we progress in shifting the overall culture.


In order to truly sow the seeds of cultural change within the organization, it’s critical that the key personnel are deeply involved and accountable to the process.

Each of these people should be involved in deciding:

  • What are the business objectives we can focus on during the course of this project?
  • What are the requirements that we must keep in mind?
  • Who are the main groups/stakeholders that should be interviewed to gather intelligence?
  • Which of these stakeholders are the most sympathetic to this shift?


This phase involves ascertaining the crucial intelligence needed to begin the transformation towards an effective DevOps culture.

It can and will be painful – silos will be revealed, lack of efficiency highlighted, redundancy and bottlenecks discovered. Keep in mind the goal is not to focus on the negative, but to isolate what’s keeping your organization back and apply the principles to change.

Iterate and improve! That concept is essential to the core of DevOps.

As your DevOps advisor, we will ask fact-finding discovery questions like –

  • In the targeted process, what are the steps, even if loosely understood?
  • How do you track/confirm the success of your process? (e.g. what, if any metrics exist to track the success of this process)
  • Where is significant re-work generated or received?

With all of this analysis of current toolsets and other relevant information, a thorough review of organizational processes can be compiled.

PHASE FOUR: Develop DevOps Structure

At this point, several key processes have been identified to be in need of serious adaptation or to be removed and replaced altogether!

The key personnel involved can continue to work with this data and, with the help of your DevOps advisor, develop detailed recommendations for moving to a CI/CD pipeline. This includes evaluating your technology stack for stability and efficiency moving forward as new benchmarks for success are created.

The new DevOps structure is beginning to take shape, and because the right people have been involved in the discovery and analysis phases, they will have a clear cultural buy-in to lead the new DevOps charge.

PHASE FIVE: Documentation & Execution 

The analysis and conclusions of each of the previous phases culminate in an executive summary that the DevOps advisor will deliver with detailed recommendations for immediate and ongoing execution.

This involves clear and documented process instructions, training on the various new or augmented toolsets, and redefined roles and responsibilities for those involved.

The end result is really no end at all, rather a commitment to ever increasing efficiency and speed to value, constantly innovating and growing your DevOps culture.

Have a question about any of these phases and how a Fishtech-led DevOps workshop can benefit your organization? Put our industry-leading expertise to work for your business, and watch pure digital transformation unfold.

Bridge to DevOps: What is DevOps?

Breakfast + Lunch = Brunch.

Chilling + Relaxing = Chillaxing.

Some of the best things in life are fusions of two equally great things in order to make something that’s even better. That’s why this little equation has us very excited:

Development + IT Operations = DevOps

Sure, many talk about “DevOps” with various definitions and in many different applications. But is there anything real behind all the buzzwordy hype?

From the tested and delivered value our customers are experiencing – the answer is a resounding YES.

This month we plan to cut through the language and illuminate the real value that a genuine DevOps practice (and overall culture) can bring to any organization.

Let’s start with the basics.


What exactly is DevOps?


Our DevOps model is defined as “a set of practices and cultural patterns designed to improve your organization’s performance, revenues, profitability, and outcomes.” We believe that having a DevOps approach is important for every modern business in an increasingly technological world.

Companies can no longer afford to specialize in their industry alone. The pizza war proves it: Every company today is a technology company. From 2010 to 2019, Domino’s share price rose 3,405 percent. Some of their competitors only saw a fraction of that share growth. Why?

Domino’s understood that they needed to be a technology company first and a pizza company second. They put a number of applications into place to allow their customers to easily order a Domino’s pizza from multiple devices and multiple platforms including via text, Twitter, and Amazon’s Alexa. This is a prime example of a company embracing technology as a core part of its business.

As organizations continue to embrace digital transformation, how should their various teams be structured? How can DevOps principles help increase the speed, efficiency, and value they bring to their customers?

Next, to show you the value of DevOps and how it can transform your business, let’s take a look at the traditional organizational structure of an IT organization.


Traditional Organizational Structure Inefficiencies


Traditionally, the organizational structure of a team implementing changes would be:

  • Dev Group / Application Team
  • Network Team
  • Security Team
  • QA Team
  • Other smaller teams

These are all separate teams working on their own goals… and not working together. Any changes requested may take weeks to go through all of the various silos. With so many moving parts and red tape, things never seem to get done. This is the traditional place that DevOps arose to address.


DevOps is the DevOpposite


Organizations using a DevOps approach have small cross-functional teams that include all of the skill sets mentioned above. These could be assigned per project or product. These cross-functional teams allow for a better implementation of a Continuous Integration/Continuous Delivery (CI/CD) pipeline and can lead to faster go-to-market strategies. When you bust the silos of traditional IT organizations, you don’t have to wait for each separate team to complete their tasks before moving a project along.

So, what is the ideal DevOps team structure? It can be different for every team, and different practices may be more ideal for your business objectives, and where you are at in your digital transformation. Ideally, working with a highly knowledgeable team of experts that can analyze your current situation and how best to move forward would allow you to adopt DevOps practices and principles in a tangible way that can help you achieve your goals, and keep DevOps away from the buzzword garbage bin.


DevOps… More Than a Buzzword


Hear it from James Grow, Fishtech Group’s Director of DevOps and Security Automation:

“It’s almost become a buzzword, and it’s kind of a tragedy, but knowing what DevOps is about, and then adopting those concepts helps us to scale, automate, and improve our culture, employee satisfaction, and most importantly, help deliver faster value to our customers.”

Utilizing a consultative approach, Fishtech Group covers the tools and processes needed to implement a DevOps practice while addressing the necessary changes to adopt new toolsets, processes, and training for all facets of an IT organization.

It’s time to embrace the DevOps revolution and see the speed-to-value ramp up in your organization. Let silos be a thing of the past and learn how to continuously and reliably deliver value to your customers faster. DevOps truly provides the purest form of Digital Transformation.

The Speed of Chronicle: “It’s Like Google… for Business’ Network Security”

Changing Cybersecurity for Good.


A bold tag-line for Alphabet Group’s new security arm, Chronicle. After working deeply within their Chronicle platform, we believe it’s absolutely true.

CYDERES, Fishtech Group’s Security-as-a-Service division, has been tapped as one of Chronicle’s initial partners worldwide trained and licensed to deliver managed detection and response services for its new Backstory platform.

Today we’re going to zoom in and focus in on one particular powerhouse feature of Backstory … speed. But first, for the uninitiated:

What is Chronicle?

Born from X, Google’s “moonshot factory” intent on solving the world’s most intractable problems, Chronicle is a new company within Alphabet (Google’s parent company). Like Fishtech Group, Chronicle is dedicated to helping companies find and stop cyber attacks.

What is the platform?

Chronicle was built on the world’s biggest data platform to bring unmatched capabilities and resources to give good the advantage. Essentially, “It’s like Google Photos but for business’ network security” says Stephen Gillett, Chronicle’s CEO. But what makes Chronicle different? What gives it an edge in the cybersecurity space?

The Speed of Chronicle

With the incredible resources of Alphabet, including Google’s vast computing and cloud storage infrastructure, Backstory is able to process information at speeds previously unheard of in the cybersecurity space.

In the last several months since Chronicle’s launch, we’ve seen a repeated theme in rooms of CISOs as we demonstrate its’ capabilities – often leading to “holy sh*t” moments – as we showcase how unbelievably fast automatic analysis through Backstory can help analysts filter through and understand security telemetry … all in a matter of seconds.

Yes, that’s right – not 4 hours, not 4 minutes, even faster than 4 seconds to search through petabytes of data.

“Backstory can handle petabytes of data, automatically”  so you can find threats faster and spend more time actually remedying issues.

To demonstrate, here is a quick video demoing Backstory.

Now, let’s do an easy experiment to help us make a comparison. We’re going to highlight something you’re probably so used to seeing that it doesn’t register to you anymore.

  1. Go to
  2. Type in “Google Chronicle”
  3. Look at the top of your screen

What do you see? Google kindly spits out a few numbers detailing their speed.  As of this posting, we received 384,000 results in .56 seconds. That’s a lot of data, very quickly. That’s the power of Google.

Chronicle offers up similar speeds, but with a different focus.

Whereas Google is focused on web data, Chronicle is focusing on your security telemetry. Because it’s built on Google’s infrastructure, no matter how much data you’re working with, Chronicle can scale to your needs, without sacrificing valuable time. This infrastructure, along with strategic automation allows for Backstory to:

  • Handle more volume, including petabytes of data.
  • Provide automatic analysis to help your analysts understand suspicious activity in seconds, not hours.
  • Automatically connect user and machine identity information into a single data structure, giving you a more complete picture of each attack.

All of these factors amount to a huge asset for your organization – speed to value, speed to clarity, speed to security. Even major cyber thought leaders are “absurdly enthusiastic” about the solution.

Why CYDERES with Chronicle?

Powered 100% by Chronicle, CYDERES is the human-led and machine-driven 24-7 security-as-a-service operation of Fishtech Group.

We supply the people, process, and technology to help organizations manage cybersecurity risks, detect threats, and respond to security incidents in real-time.

“Chronicle is Google for your security data,” says Eric Foster, CYDERES COO. “We are the Backstory experts.”

With our dedicated personnel, we can bring the speed of Backstory and the power of 24/7 managed detection and response to protect your organization from the next big digital threat.

If you would like to learn more about the power of CYDERES and Backstory, let us know by filling out the form below. We’re excited to show you how we can help stop today’s alert from becoming tomorrow’s incident.

How SMBs achieve enterprise-grade cybersecurity

Winning at cybersecurity is difficult for today’s large enterprise. It’s more so for smaller operations.

Meet payroll, develop products, schedule benefits. With the long task list in mid-size enterprises, cybersecurity all too often falls by the wayside.

Every business is a technology business. Unfortunately, this puts small to mid-sized execs in an especially tough spot when it comes to cybersecurity. They often don’t have the architecture (the people, processes, or technology) in place to properly or efficiently secure their organization.

The threat of compromise looms large. The struggle to meet compliance requirements is real. And the distraction from the core business affects the bottom line.

Truth: Cybersecurity is every organization’s Achilles heel. The advantages of online commerce bring perils that absolutely need to be addressed. That’s why leveraging the cloud and shoring up security is imperative to a prosperous future.

Outsourcing to overcome financial hurdles

Outsourcing allows mid-size businesses to take advantage of the same kinds of tech resources that large companies have in-house. Cost-effectiveness is the biggest advantage, as medium-sized businesses would need to dedicate at least $1-2 million to stand up a security operations center (SOC) with three shifts of three analysts each, plus backups.

A partner with virtual SOC capabilities, by contrast, can offer superior 24/7 security for a fraction of the total cost of ownership — due to economies of scale, reliance on cloud infrastructure and deployment of AI techniques. Partnering with an outside provider is the best way for mid-level orgs to obtain enterprise-level security while maintaining focus on their core business.

Enterprise-grade security for all

We believe every organization deserves and needs enterprise-grade security. And we understand mission critical. Cybersecurity concerns are no less significant to the CEO of a smaller enterprise. It’s a huge stressor that detracts from the company’s mission.

To avoid downtime and disruption, mid-size orgs can’t afford to put off cybersecurity architecture assessments. With a roadmap of actionable findings — and a trusted partner, mid-size execs can focus time and talent on the company mission.