Making MSPs into MSSPs
Ed Amoroso summarizes a recent technical discussion with Blackpoint on their MDR offer and how it can extend MSPs to MSSPs.

Making MSPs into MSSPs

The Wikipedia entry for managed services has its first reference to security at Word 345 of the narrative. When you Google managed services, the People-Also-Searched-For box lists cloud computing, data center, IT service management, outsourcing, and software-as-a-service, with no references to security. Suffice it to say, managed services from MSPs are viewed as broader and largely distinct from managed security services from MSSPs.

And yet, every cyber security practitioner in our industry preaches that IT infrastructure and enterprise protection must become more integrated – and that those stubborn silos between CISO and CIO-led organizations must break down. Adding cyber security as an after-thought, which involves retrofitting prevention, detection, and response controls into existing infrastructure, has always been a second-rate approach. It just doesn’t work well.

This interplay between managed services and security came front-and-center during a technical discussion today with Blackpoint Cyber, a Maryland start-up. My former AT&T colleague, Linda McGuigan, is connected to the team – and she urged me to listen to their story. After a lively discussion, during which I pushed hard on some of their bold claims, I got excited about their solution – especially in the context of making MSPs into MSSPs.

We began with a technical overview of the Blackpoint platform from Jon Murchison, founder and CEO. Blackpoint focuses on managed detection and response (MDR), which provides a safety net for the inevitable attack, probe, and breach attempts that evade cyber preventive measures. Such coverage is possible through a combination of network mapping, enterprise asset tracking, and lateral movement identification.

“Our platform supports security operations teams by making the live assets of an enterprise visible in real-time,” explained Murchison. “As a breach unfolds across a network, such visibility provides a window into the east-west traversal that is so typical of modern cyber breaches run by advanced actors to steal credentials, obtain intellectual property, or produce some other undesirable consequences for the targeted entity.”

I asked about how this extends to cloud, and Murchison explained that the Blackpoint platform can operate on-premise or in externally-hosted infrastructure. I also asked about typical deployments, and it sounded like Blackpoint has had considerable success with larger enterprise customers, especially outside the US. This makes sense, because lateral traversal in advanced persistent threats has been particularly nagging for larger companies.

But it was the discussion around Blackpoint’s intense focus on working with managed service providers that really piqued my interest. Murchison took me through their process of working with MSPs who want to offer cyber security services to their business customers. Apparently, the secret sauce involves integration of the MDR protection with the software management suite used by the MSP – which is often ConnectWise or ServiceNow.

“We make it simple for MSP partners to onboard the Blackpoint MDR solution to any managed IT environment,” explained Neville Gibson, Head of Channel Sales. “We work with them to deploy our agents to customer endpoints, and we can enhance this visibility with network taps that help identify evidence of exfiltration. The result is that we manage to transform an MSP into an MSSP, which is a win for everyone, including their customers.”

While this sounded like a good arrangement, I expressed concern that the MSP and MSSP marketplace is undergoing dramatic changes with virtualization and SDN-enabled services from carriers. And this can introduce business risk. But we all agreed that such change might also provide excellent opportunity as customers rethink their managed service contracts and arrangements. Empowering MSPs with new security services will help them compete.

If you are part of an enterprise team with the need to improve your post-breach MDR, or if you manage IT services for a living, then you are advised to connect with Blackpoint and listen to their story. For MSPs, in particular, the opportunity to transform your service suite to include advanced cyber breach response capabilities should be something on your 2019 list. (You can be certain that your competitors have it on theirs.)

As always, let us know what you learn.


Jan Zlotnick

Brand Strategist & Creative Director

6 年

Fascinating, Ed Amoroso and Linda T. McGuigan "... platform supports security operations teams by making the live assets of an enterprise visible in real-time." Real-time makes me take notice. With some graphics, your story (and I sense, you, yourself) would make a compelling, straight-forward (and more shareable) video.

Linda T. McGuigan

??Proven Executive builder of Enterprise sales leaders/teams and Enterprise Revenue Accelerator through savvy GTM strategies in the Enterprise Business arena ?CEO Advisor| Recognized Connection Strategist

6 年

Superb write up Ed. I am thrilled that you share my excitement for this product. And Jon is building a world class team to execute the vision. Very cool indeed!

Interesting read Ed. I’d like to know how they transverse east > west activity during a breach... is it based off of correlation of global intelligence or is it automation?

要查看或添加评论,请登录

Edward Amoroso的更多文章

  • Protecting the U.S. Bitcoin Reserve and Stockpile from Cyber Threats

    Protecting the U.S. Bitcoin Reserve and Stockpile from Cyber Threats

    As you no doubt have heard, plans are in place to establish a Strategic Bitcoin Reserve and Digital Asset Stockpile…

    13 条评论
  • Parable of Network Observability

    Parable of Network Observability

    I’d like to discuss here a common problem we see in our work at TAG every day – namely, the deployment of “network…

    23 条评论
  • Parable of the Cyber Industrial Complex

    Parable of the Cyber Industrial Complex

    Preamble In 1961, Eisenhower gave a famous speech that warned of the dangers of the so-called military-industrial…

    34 条评论
  • The Challenges of CISOs Working for Cybersecurity Vendors

    The Challenges of CISOs Working for Cybersecurity Vendors

    (Note to Reader: Normally these reports are available only to TAG Research as a Service (RaaS) subscribers. But with…

    27 条评论
  • Have Uncle Joe Read This Before He Invests in Crypto

    Have Uncle Joe Read This Before He Invests in Crypto

    I’ve been lecturing to my graduate students on the foundations of cryptocurrency and blockchain for years. Starting…

    15 条评论
  • Why TAG is Now Rating Cybersecurity Vendors

    Why TAG is Now Rating Cybersecurity Vendors

    by Edward Amoroso The first time I ever paid attention to an analyst quadrant – fully two decades ago, I found myself…

    11 条评论
  • Predicting the Impact of Trump’s Election on Cyber

    Predicting the Impact of Trump’s Election on Cyber

    Below are seven predictions from our team at TAG for how the recent Trump election of 2024 will impact U.S.

    83 条评论
  • Five Tips for Working CISOs

    Five Tips for Working CISOs

    Our team at TAG has been coaching CISOs for years – and this includes private discussions just about every day of every…

    11 条评论
  • The SEC is Weakening the Cybersecurity Posture of the United States. Here is Why.

    The SEC is Weakening the Cybersecurity Posture of the United States. Here is Why.

    Preface During May and June of 2024, draft versions of this article were shared with Chief Information Security…

    123 条评论
  • Sad Loss Today

    Sad Loss Today

    Several years ago, before the Pandemic, I received a friendly call from a law firm I’d done some business with – and…

    9 条评论

社区洞察

其他会员也浏览了