Full-time chief information security officers, virtual CISOs and associated technology startups are popping up across the MSP software industry — leading a multi-year journey that is starting to deliver improved MSP industry security and enhanced risk mitigation.
On the people and process front – CISO Impact Expands: Meanwhile, MSP software companies are hiring and/or naming CISOs to oversee overall cyber-protection and risk mitigation. The effort extends from infrastructure, data and employee security all the way to software development best practices.
MSP Software Gets Serious About Chief Information Security Officers
Datto CISO Ryan Weekshas been in place since January 2017. Basically, the MSP-focused technology company ramped up its security team and associated best practices long before the Datto IPO of October 2020.
Kaseya 2021 hired FBI veteran Jason Manaras CISO. The hire came after Kaseya suffered a ransomware attack in July 2021. Manar previously was Assistant Special Agent in Charge for the FBI, overseeing all cyber, counterintelligence, intelligence and the language service programs for the San Diego office. Side note: Manar is scheduled to speak during this SC Media virtual event that runs Feb. 22-23.
N-ablenamed Dave MacKinnonas chief security officer just ahead of the company’s spin-out from SolarWinds in 2021. Also ahead of that spin-out, N-able carefully audited its code base and development practices to confirm the company was not hit by the SolarWinds Orion breach.
NinjaOnein February 2022 announced Mike Arrowsmith as its new chief trust officer to “take the lead on all security and IT initiatives for NinjaOne, with early priorities focused on scaling and aligning the company’s internal teams and resources.”
Whom did we miss? Drop me an email ([email protected]) and we’ll keep the executive in mind for future ChannelE2E and MSSP Alert content.
Virtual CISOs: MSPs, MSSPs and Software Companies
Meanwhile, the virtual CISO trend is also taking hold across the MSP market. Interestingly, the trend involves people as well as technology.
On the people side, it’s safe to say vCISOs are close cousins to the long-established vCIO trend in the MSP sector. Experts like Gary Pica of TruMethods have long evangelized the need for MSPs to offer virtual CIO services to end-customers — essentially, a trusted advisor to help SMB customers align their business and technology strategies for growth.
Yes, MSPs and MSSPs increasingly have vCISOs. For instance, Trusted Internet — a Top 250 MSSP for 2021 —aligns its project managers with vCISOs to scale its own business.
Meanwhile software startups are jumping on the vCISO trend. For instance, Cynomi has launched a Virtual CISO Platform for service providers and SMBs and $3.5 million in seed funding. The company plans to engage MSPs and MSSPs that want to safeguard SMB customer systems.
Where do we go from here? We’ll be seeking the next round of MSP security questions and answers at the Right of Boom 2022 conference in Tampa, which runs February 9-11.