Threatscape is a growing pure-play IT security company. Microsoft recently awarded it a Gold Security Partner designation for its Microsoft Security practice. It also offers cybersecurity solutions, managed security services and professional services relating to security. Threatscape has an impressive customer list which includes Kier Group, RTE, AIB and William Hill. Enterprise Times had the opportunity to ask some questions of Dermot Williams, CEO of Threatscape about the company and the new award.
To achieve the Gold designation, a firm needs to have met specific criteria. It includes having active customers paying for Microsoft Security such as with Microsoft Intune or Azure Firewall. It also needs to have at least four people that have passed both MS-500: Microsoft 365 Security Administration and four people to have passed Exam AZ-500: Microsoft Azure Security Technologies. Threatscape has ten in total and works closely with Microsoft on product development.
The company itself has 21 employees. It also draws on a subcontractor workforce of over 200 to service the hundreds of clients it has. It works with many of Microsofts clients across the world including large enterprise customers.
The Threatscape – Microsoft Story
Microsoft announced the specific competency levels for security in July 2019. How did Threatscape reach Gold status so quickly?
“Our route to working with Microsoft was a little unusual. We were the sole UK partner for Adallom who developed one of the first CASB (cloud access security broker) solutions for securing SaaS applications.
“We worked really closely with the team at Adallom including the three founders to build up deep expertise in their solution and were achieving really good market traction with it … when suddenly Microsoft swooped in and bought the company for a considerable nine-figure sum. The Adallom CASB solution was renamed Microsoft Cloud Application Security, and we thought that was the end of our involvement.
“But the opposite happened. People at Microsoft reached out to us to stress how important cybersecurity was to their new cloud-centric business focus and how eager they were not to lose our expertise. Before long they were calling on that expertise for projects not only in the UK but also further afield; we’ve had people travel to client locations as far afield as Switzerland and the USA.
“The senior executive team we had worked with at Adallom became a key part of the cybersecurity R&D hub Microsoft were developing in Israel. With further acquisitions, the Microsoft security portfolio was also becoming increasingly relevant to large enterprises. We realized there was a growing demand for specialist assistance to properly deploy and manage these solutions – and our Microsoft Security Practice was born.
“Until fairly recently Microsoft didn’t have a partner category specifically for cybersecurity specialists like us. We’ve been a bit of an anomaly, officially listed as a silver partner but only focused on security and with far deeper skills than the average partner. The new Gold Security Partner status fixes that.”
Those Greek gods again
Threatscape names its Microsoft services after ancient Greek gods. They include
- Artemis: Provides Microsoft optimisation services or just a one-off audit. It helps customers understand their security posture. Its also provides a detailed road-map of how the customer can improve that security posture.
- Hermes: A security assessment of Microsoft Teams, Sharepoint and OneDrive environments.
- Helios: Targets the endpoint detection and response capabilities of a client using Microsoft Defender ATP or Microsoft Threat Protection.
- Aurora: Provides an Azure security assessment. It includes a review of virtual machines, connectivity, security posture and identity management.
- Narcissus: An identity protection service using Azure active directory identity protection, Microsoft cloud app security and Azure advanced threat protection
- Zeus: A cloud application and information protection service.
Enterprise Times asked Williams which of its services are currently popular. He replied:
“Currently, Artemis is the most asked for service as it provides an ongoing security review and optimization for Microsoft 365, the adoption of which is accelerating. Our newest service Helios, which provides an Assisted Detection and Response service in support of Windows Defender ATP or Microsoft Threat protection, is growing rapidly. Hermes, as you can imagine the increase in remote working during the Covid-19 pandemic, has made it particularly relevant at the moment.”
What are the most common findings from Artemis?
“Poor identity security, including a lack of MFA or rules-based access, to restrict access to critical applications and data, are particularly widespread issues. “
On emerging from lockdown
As Williams intimates, the recent crisis has increased the importance of security. This is because organisations have shifted to a remote working environment and accelerated cloud implementations. Enterprise Times asked Williams what the biggest security threat to organisations is?
“One of the first challenges is to understand that cybersecurity presents a 24×7 and constantly evolving business risk which can have a very substantial business impact. Therefore your approach to securing critical digital assets must be the same – always-on, always adapting. If we’re helping IT professionals communicate this to their boards in layman’s terms, we typically start by explaining that they can’t approach cybersecurity as if it was like a “rodent problem” for which a “set and forget” approach might work (i.e. you only need to figure out where the critters are coming from and lay down some traps to stop them).
“Instead, cybersecurity is more like fire safety. You do your very best to anticipate where the risks are, and you take steps to mitigate those risks. You also recognize that you can’t anticipate everything and that detecting and reacting quickly to a problem is vital. So in cyber, as in fire safety, you need constant monitoring and an effective and well-planned response on standby if things go wrong. “
For many organisations, budgets are limited at the moment. As organisations emerge from lockdown and furloughing, how should they prioritise their security budget?
“I think the experience of the last three months has made people realise the importance of robustly securing identities, and the value of adopting a ‘zero trust’ model – don’t trust, just verify. Also, a lot of the remote working infrastructure which was rushed into place may not have had full security review at the time and doing that now, and ensuring suitable governance is in place, is vital.”
Enterprise Times: What does this mean
It is surprising Microsoft took so long to recognise the importance of security in its partner network. Threatscape is one of only a few Gold security partners. Aisling Curtis, Commercial Director at Microsoft, commented: “The workplace of today is agile, mobile and cloud-enabled. Microsoft is at the forefront of enabling this digital transformation, and also of securing it. We are delighted to have Threatscape partner with us, and to bring their highly regarded security expertise and services to our clients”.
The status in place, Threatscape is well poised to increase its presence in the market from both Dublin and London. Will it look to expand further afield? Founded in 2010 it has a window of opportunity to grow. It is currently hiring in both London and Dublin. It will be exciting to follow how it develops in the coming months.