technologyreseller.co.uk 27 Redsquid CISO For Redsquid, the acquisition of Cyberseer doesn’t just bring a SOC and the ASPECT automation platform. In the form of Adrian Hunt, it also gains a Chief Security Officer, who, when he can release some of his technical responsibilities at Cyberseer, will be able to drive Redsquid’s information and cybersecurity strategy and ensure compliance with the forthcoming Cyber Security and Resilience Bill. “We’re a key provider of services to our customers. If they’ve outsourced security services to us and trusted us with such a critical part of their operation, we have to be squeaky clean. Redsquid is ISO 27001 and it’s a B Corp, which we can leverage, and we already operate in a very secure way. We’re going to stretch that out across everything else to make sure that we meet the requirement in that bill to be able to report back properly. It makes us accountable.” www.cyberseer.net Hunt adds: “Scaling is not going to be an issue, but we will need to manage it sensibly, and it’s a nice problem to have.” Extra resources Sohin Raithatha, CEO of Redsquid, adds that being part of a larger group can help alleviate some of these challenges, from a recruitment perspective as well as a sales and marketing one. “With our resources, capability and brand we can take that recruitment and retention headache away from Adrian. We’ve got people all around the group who could be that new analyst they might need, and, if an analyst says they want to do something different now, say work in the IT managed services department, we can give them that longevity in our group. Cyberseer’s people now have a great opportunity from a career development perspective.” Cyberseer itself will benefit from the strength of the Redsquid brand for lead generation and from an expanded development team that will enable it to keep strengthening its cybersecurity ecosystem, including investment in AI. Hunt says he is taking a measured approach to AI, pointing out that Cyberseer has been working with machine learning-based platforms since 2014, that its ASPECT platform already delivers a high degree of automation and that there is already a lot of AI in the solutions it uses like Nova in Exabeam, Gemini in Google and AI Analyst in Darktrace. “We are good at what we do with what we’ve got. We will add some extra sauce, but in our own time because we don’t want to break what we’ve got now. We don’t want to jump on the bandwagon and destroy everything. We have plans for AI. It’s in the roadmap. We’ve done a lot of testing on all the different pieces. We just need to fit it all together.” Currently, Cyberseer is using its own LLM in its threat advisory service to highlight the implications of threats, especially for smaller customers that might not have deep technical knowledge; it has installed some NVIDIA GPUs in a data centre to support its ongoing AI focus; and it plans to deploy LLMs in its consolidated data pipeline and alongside ASPECT. “With an ASPECT escalation, you’ll get an LLM summary of what it thinks is going on. That will be fed to the analyst, who will be able to give us feedback on what was good, what was not good and why it was not good, so we can then start to progress that.” customers, the largest of which has around 10,000 users. So, how easy will it be to scale Cyberseer’s operations? “Scaling the code is not a problem,” says Hunt. “We run sessionless or lightweight VMs for customers which connect and do the business. The backend will scale up quite easily to hundreds of customers. The slowest bit is bringing on a new analyst. We have a very strict and rigorous recruitment process to get that person on board, as you can imagine, after which we spend three to six months turning them into Cyberseer people, making them work the way we do. That’s always going to be the bottleneck, getting talented people and keeping them.” Another potential bottleneck for a business that prides itself on being a ‘soup to nuts’ organisation is the in‑depth onboarding process and ongoing collaboration that may not be suitable for smaller clients in Redsquid’s customer base. “Right now, we’re what you’d call a white glove service. If you sign up to us, you’re going to have all the bells and whistles, which is what our enterprise customers want. That’s what they enjoy – they have weekly meetings, lots of reporting, we get involved in their strategy meetings, we get called into their change calls. That’s what we’re good at. “What we’ve now also done is build out a service that can be deployed to smaller organisations that wouldn’t be able to cope with that level of engagement simply because they don’t have the structure for it. We will give them priority threat response and isolate things for them but in a much more automated way. This will enable us to hoover up those much smaller clients while giving them a level of security that they wouldn’t have had access to before and do it in such a way that we don’t swamp ourselves with a massive influx of events. “That service is built and can be deployed quite rapidly. We’ve done a lot of work on our back-end infrastructure so we can automate the code deployment right the way through, so when a smaller customer comes on, we can see what they’re using and deploy the service straightaway and, because we spend a lot of time looking at onboarding those customers, we’re not going to get inundated with noise. We’ve already done the threat hunts across their environment to see the baseline we’re operating from, so we can scale those up quite quickly.” CYBERSECURITY Redsquid Co-founders: Vince Mignacca (l) and Sohin Raithatha (r)
RkJQdWJsaXNoZXIy NDUxNDM=