Technology Reseller v50 Cybersecurity 25 customers’ security. “A lot of our partner work to date has been fulfilment but this is more proactively using partners to give us scale and reach and operate in more countries. There is also a need for controls validation in the small to medium enterprise, and that’s a services opportunity for our partners,” he said. He added that AttackIQ gives service providers the ability to validate the security of their own services at a time when MSPs are coming under unprecedented attack (and scrutiny) themselves. “Cybersecurity in the supply chain is incredibly important and it’s becoming a very high priority for larger organisations. They want to be able to validate their service providers; they want to be able to police the police, the MSSPs who are providing these services. “Just today, I was talking to a major critical infrastructure organisation that was trying to take service providers to task by saying ‘These controls that you’re selling us, how do you know that they work?’. The managed service providers say ‘We assure that they work’. ‘Well, we’ve just tested them and they don’t’. There’s a gap here. ’You’re selling this so-called Nirvana, but who’s actually checking to make sure it is Nirvana?’ “Managed security service providers need to ensure that they are testing their capabilities using the latest methodologies because their customers are going to start automating this and MSSPs need to find the gaps before their customers do. It’s going to be embarrassing if a customer like the one I was talking to tests the services provided by an MSSP and finds them wanting.” A new approach The appointment of John Brown as global channel leader with the headcount and resources to drive forward AttackIQ’s partner business in the US and other regions comes at a time of strong growth in EMEA and APJ, with revenues increasing by more than 600% in the year ending January 2022 and set to rise by another 300% this year. Ross Brewer says that this growth is being driven by greater awareness of cyber security risks and the emergence of an evidence-based, data-driven style of cybersecurity based around the MITRE ATT&CK framework that he believes will strengthen businesses’ defences and improve dialogue between cybersecurity professionals and business leaders. Instead of selling solutions through fear, uncertainty and doubt (FUD), AttackIQ provides security professionals with the means to evaluate the effectiveness of their existing defences and identify areas that need strengthening. “What we’re talking about here is control effectiveness and how you measure the efficacy and efficiency of your cybersecurity controls, which ultimately points to the efficacy and efficiency of your cybersecurity programme, because it’s the control failures that allow hackers to continue their activity,” explains Brewer. “The first failure is the initial access – phishing, someone clicking on something – what MITRE calls ’assumed breach’. But that’s not where the action is. The important question is ‘If hackers got to your laptop, could they get to your data, could they get to your contacts, could they get to your customers’ personal information?’ It’s about understanding where they can start from and where they At the end of April, breach and attack simulation specialist AttackIQ signalled its growth ambitions with the appointment of ex-Menlo Security EMEA Channels Director John Brown as Senior Director for Global Channels with responsibility for building out the company’s channel network and taking its partner business to the next level. AttackIQ operates in what Gartner has coined the ‘breach and attack simulation’ market, though Ross Brewer, Vice President and General Manager EMEA and APJ, told Technology Reseller that he prefers to think of it as ‘a continuous security controls validation’ opportunity. The AttackIQ Security Optimisation Platform uses a combination of threat intelligence on the tactics, techniques and procedures (TTPs) of cyber criminals and the publicly available MITRE ATT&CK framework to provide security professionals with a matrix they can use to test and evaluate the effectiveness of their security controls, validate the performance of their firewall, DLP, EDR, SIEM etc., and identify any areas that need strengthening. Because it is automated, the platform enables customers (end user organisations and managed service providers) to do this at scale and on a continuous basis, rather than manually, haphazardly or through quarterly or annual Red Teaming exercises. AttackIQ has a 100% channel, twotier go-to-market strategy, working with Westcon as its distributor in EMEA and APJ and top tier system integrators and service providers, as well as vendors like BT that use its products to validate their own offerings and monitor the preparedness of their customers. Brewer says the expansion of AttackIQ’s channel network will enable the company to extend its reach beyond its core market of government organisations and large enterprises – national infrastructure, energy, banks, technology companies, computer manufacturers, retailers – and into the SME space and new territories, while providing channel partners with consulting and sales opportunities that come from identifying weaknesses in their Ross Brewer continued... Why it’s time to change tack in cybersecurity and replace Fear, Uncertainty and Doubt with an evidence-based, datadriven approach The best form of defence