Patrick Garrity 👾🛹💙

Don't just detect cyberthreats, defeat them. The future of SecOps uses advanced AI to provide the tools and insights your team needs to combat threats head-on and protect your organization. Detect and respond to threats at the speed of AI – with Cortex XSIAM. Start here. https://bit.ly/4gcRrgE

26

Surpass evolving cyberthreats with expert insights and rigorous testing. Discover how Cortex XDR leverages machine learning to predict and neutralize threats before impact. Join our webinar to enhance your cybersecurity strategy.

26

1 Comment

Fuse your vulnerability scanner data with intel and enrichment from feeds like #EPSS, #KEV, MITRE ATT&CK, #NIST, and more. See how you can quickly enrich your data and mitigate your risk by identifying and remediating the highest risks to your business. Schedule a demo today: https://buff.ly/3O93JL2 #DarkLight #Cyio #Cybersecurity

5

Cato Networks DNS Security: Safeguarding Your Network Learn how to improve your security posture with Cato Networks DNS Security. Discover the power of Cato Networks DNS Security in this concise video. Learn how Cato provides advanced threat intelligence and real-time protection against DNS-based attacks. Explore the benefits of Cato DNS Protections, including simplified management and enhanced network performance. https://lnkd.in/ge5He7sG

12

Armis is uniquely capable of managing and prioritizing risk in complex higher education environments. Learn how Lehigh is using Armis to see, protect, and manage IT, IoT, OT, all the T's!

7

The ReliaQuest team is ready for RSA Conference 2024! Stop by Booth S-435 to learn how #ReliaQuest GreyMatter uses AI to enhance security operations by automating threat detection, investigation, and response processes. #RSAC #MakeSecurityPossible

248

6 Comments

What would it take for SailPoint to go public again? Bloomberg and Michael Novinson at ISMG did some solid reporting in the past week, breaking the news that Thoma Bravo is in the early stages of taking SailPoint public again. > Already?! They've only been private for two years! I know – this seems like it's defying the odds for a normal private equity transaction. It's defying the odds of the current IPO window, too. There hasn't been a traditional IPO for a pure cybersecurity company for 1,099 days and counting. SailPoint is anything but typical, though. I'm not convinced they even needed to go private. Here's what it would take to go public again: → Profitable growth and scale SailPoint was sitting at $495.4M of revenue (TTM), $429.5M of ARR, and 31% revenue growth as of their last public earnings report in June 2022. Its net income was -$61.6M as of FY'21 year end. Roughly speaking, the current IPO expectations are $500M+ revenue scale, 20%+ growth, profitability, and a clear path to $1 billion. If we project out SailPoint's revenue since going private at 30% growth, they're likely approaching $1 billion in both ARR and total revenue. This might be generous, but they're getting close at anything over 20%. Their losses got out of control, but they're in good shape if they can get net income back to pre-2020 levels (-$10M or lower). → A good story around their ability to compete with Okta, CyberArk, and Microsoft The narrative for a SailPoint IPO is pretty good right now: there is a unique opportunity in the identity security market right now. SailPoint is well positioned to capture it. Under Thoma Bravo's ownership, they've acquired PAM and third party access companies. This matches Okta's entry into the PAM market and puts them in a position to compete with CyberArk in some market segments. I'm a little surprised they didn't try to add SSO to complete the narrative of being a full workforce identity platform (and fully compete with Okta). They were in the middle of their transition from on-premise to SaaS (which probably drove them to go private). I've heard good momentum on SaaS adoption for new implementations. This has to be part of the narrative if they're going to go public again. → No strategic buyers at a higher price than an IPO A strategic acquisition seems like a long shot. At a $6.9 billion acquisition price in 2022, a strategic acquisition might require close to $10 billion – otherwise, an IPO could be a more attractive exit. Large and mega-cap tech companies are the only buyers who can realistically absorb an acquisition of this scale. Palo Alto Networks, CrowdStrike, and the rest of the pure cybersecurity companies aren't doing this big of an acquisition. There just aren't many buyers. I don't see SailPoint wanting to move to another private equity firm, either – there's too much mutual respect between Thoma Bravo and SailPoint for that. The only option here might be to go public.

65

Thoughts on Just-In-Time procedures and NIST SP 800-171 / #CMMC compliance... At Kieri Solutions - Authorized C3PAO , we figured out that people follow procedures best when they 𝘢𝘳𝘦𝘯'𝘵 𝘱𝘳𝘰𝘤𝘦𝘥𝘶𝘳𝘦𝘴. ??? Let me explain. You're onboarding a new user. To be compliant with #CMMC, your onboarding team needs to go through a convoluted process involving getting details about the new user, verifying NDA, background checks, training, requesting permissions, justifying permissions, reviewing permissions, authorizing permissions, creating accounts, creating records of the accounts, creating records of the permissions for the accounts, assigning expiration dates for each account, setting up a laptop, authorizing the laptop...!!! It goes on and on. If your strategy is to tell your HR and IT team that they need to perfectly follow a 70 step process on page 19 of ye old 𝐈𝐓_𝐏𝐫𝐨𝐜𝐞𝐝𝐮𝐫𝐞𝐬_𝐌𝐚𝐧𝐮𝐚𝐥, 𝘺𝘰𝘶 𝘮𝘪𝘨𝘩𝘵 𝘢𝘴 𝘸𝘦𝘭𝘭 𝘱𝘢𝘤𝘬 𝘶𝘱 𝘺𝘰𝘶𝘳 𝘣𝘢𝘨𝘴 𝘳𝘪𝘨𝘩𝘵 𝘯𝘰𝘸. The error rate will be upwards of 80%, unless you nag and threaten 😡 everyone constantly, in which case you might get down to an error rate of 30% (and your team will quit). Instead, if you use a combination of a well-designed Access Request Form and an Account Management database, all your team needs to do is remember to start with the correct form. 📝 The form should have fields and just-in-time instructions for each step of the process between HR and your IT Department. All your team needs to do is fill out each field in the form and they will complete the background screening, training, permissions, justifications, etc. naturally without nagging. Then, a well designed Account Management database helps your team manage the accounts long-term by including checks ◻️ for commonly-forgotten steps (like user agreements), next-review dates, annual training refresher dates, mapping the user to their supervisor, granular "should-be" permissions for both digital systems and facilities, and historic authorization notes. The last step for perfect procedures is a regular review to look for and fix errors. But again, if you want to be successful, don't expect your team to remember your dusty policies and procedures book in the corner. Instead, use a scheduled task, a ticket, or a checklist with just-in-time instructions to make sure that the review gets done. Pro-tip: next-review-dates are an excellent way to spread this task across time, instead of trying to do it all in one lump. Are your compliance policies and processes working for you, or against you? There is a better way. Use thoughtful design in your compliance system to reduce errors and streamline functionality. Screenshot below is from the Kieri Compliance Documentation's Account Management Database, showing some of the magic of our full-featured 800-171 / CMMC Level 2 compliance program. I'll put the link in comments, for anyone that is interested.

54

5 Comments

DONE. 🔐 **Empowering SMBs, MSPs, and MSSPs in the Cybersecurity Arena!** 🔐 🌐 On the verge of reaching **10,000 professional connections**, I am eager to forge ties with specialists and aficionados in **Information Security, Business Management, Marketing, and Investment**. 📈 💼 Fueled by a zeal for **Science, Blockchain Technology, Cryptocurrencies** such as Bitcoin and Ethereum, and traditional investments like **Gold and Stocks**, I'm a staunch advocate for collective growth and wisdom exchange. 🤝 🛡️ Specifically, I have a strong commitment to supporting **Small and Medium-sized Businesses (SMBs)**, **Managed Service Providers (MSPs)**, and **Managed Security Service Providers (MSSPs)**. By sharing insights on risk management, tailored security strategies, and innovative business solutions, we can elevate our practices to new heights. 🚀 🤖 Whether you're an established expert or an inquisitive newcomer in these sectors, let's unite and unlock the full potential of our industries! Extend an invite and let's delve into **cutting-edge innovations, robust security measures, and the latest market dynamics**. 🌟 #Cybersecurity #BusinessGrowth #MarketingStrategy #InvestmentInsights #BlockchainEvolution #NetworkingGoals #10KConnections #SMB #MSP #MSSP

5

4 Comments

Understanding your SPRS score is critical for NIST 800-171 compliance, but managing it can be complex. Victor Cich, Compliance Consultant at RADICL demonstrates how our platform’s live score calculator gives you real-time updates as you assess each requirement, making compliance tracking easier for your team. Check out this clip to see how our platform simplifies compliance management. How do you ensure your team stays on top of compliance? #SPRS #ComplianceTracking #NIST800171 #CyberSecurity #RADICL #DefenseIndustry

4

Newly patched Ivanti CSA flaw under active exploitation https://lnkd.in/dcunNMJ7

4

Why settle for an MDR that lacks the context of your specific environment? The Blumira SIEM+XDR gives SMBs real-time, tailored threat detection and response, avoiding the typical delays and limitations of an MDR solution. Learn more about the advantages of SIEM+XDR from Blumira CTO Matthew Warner in the full video here: https://okt.to/aN4Uhj #Cybersecurity #SIEM #XDR #SMB

20

ICYMI, Matthew Warner, indefatigable CTO of Blumira, on why SMBs do not have to settle for an MDR that lacks the context of their specific environment and can't really drive success without it. Check out his wise words and all of the company’s new features and platform updates designed to make life easier for SMBs and MSPs, including: ✅ Blumira Free SIEM — top-notch security instantly and without begging for budget ✅ Blumira Investigate — an intuitive dashboard that IT staff can use to track threats, assess incidents, and respond swiftly Also, the platform now integrates with over 250 applications to provide seamless, comprehensive security coverage. 🔗 Full video here: https://okt.to/aN4Uhj #Blumira #CyberSecurity #TechInnovation #SMB #MSP #ThreatDetection #SecurityUpdates

11