CyberMaxx Taps Ex-Threat Stack CEO to Aid Offensive SecurityBrian Ahern Plans to Infuse CyberMaxx's MDR Tool With Offensive Security Expertise
CyberMaxx has snagged the former CEO of cloud security vendor Threat Stack to bring offensive and defensive cybersecurity services together on a single platform.
The Nashville-based vendor has tasked Brian Ahern with creating managed detection and response bundles with offensive and defensive capabilities and building a next-generation portal that allows administrators to onboard new log sources and search, report, contain and respond to incidents from a single location. Ahern's appointment follows CyberMaxx's buy of offensive security star CipherTechs (see: HelpSystems Buys Red-Teaming Firm for Offensive Security).
"We're here to make CISOs' lives a little less stressful and give them their lives back by bringing more value to their day-to-day job," Ahern tells Information Security Media Group. "You might not have heard of CyberMaxx before, but trust me, you're going to hear a lot more from us going forward."
Despite having more than 20 years of cybersecurity experience, Ahern says CyberMaxx isn't well known since its capabilities lived within a professional services accounting firm before being carved out by private equity firm Periscope Equity in January 2022. After its buy of CipherTechs, CyberMaxx has 140 workers and 400 customers and is strong across the financial services, healthcare and technology verticals.
Ahern most recently spent more than seven years leading Threat Stack, which was bought by application security and delivery vendor F5 for $68 million in September 2021. Prior to that, Ahern founded, led and sold automation system management vendor Industrial Defender to Lockheed Martin.
'You Actually Have to Start Inside of the Cloud Workloads'
Ahern wants to create a full-service cyber risk management company by bringing CyberMaxx's 24/7 SOC and MDR, EDR and XDR tools together with CipherTechs' smarts around offensive cybersecurity, digital forensics and compliance. CyberMaxx plans to offer both a co-managed MDR offering built on Splunk and Devo and a fully managed MDR offering that lives inside CyberMaxx's security analytics engine.
Ahern plans to infuse CyberMaxx's MDR offerings with offensive security capabilities recently acquired from CipherTechs, including security configuration assessments, incident response, business continuity, disaster recovery and tabletop exercises so that the company's long-standing defensive customers will have a broader set of skills to tap into.
"We're here to make CISOs' lives a little less stressful and give them their lives back."
– Brian Ahern, CEO, CyberMaxx
From a technology standpoint, Ahern wants to help the industry move from traditional reactive security management, in which humans are responding to alerts, to proactive risk identification that's largely driven by data analytics. He also will merge the CipherTechs portal, which focuses on incident management and ticketing, with the reporting and analytics the CyberMaxx portal offers, to improve the user experience.
Ahern also wants to move CyberMaxx into delivering threat detection for public cloud infrastructure to provide a consistent user experience regardless of whether a customer has a physical data center, private clouds, public clouds or a mix of the three. Securing an on-premises data center relies more on firewalls and network sensors, while public cloud security is more about apps and workloads.
"In the physical data center world, when you build defense in depth, you typically start from the outside-in layers of defense," Ahern says. "When you go to public cloud, you actually have to start inside of the cloud workloads and build your security strategy out. So there's a fundamentally different approach to how you deploy, how you manage and how you measure risk."
'New Customers Are the Lifeblood'
CyberMaxx competes against eSentire and Arctic Wolf in the MDR market, and Ahern says the company stands apart by giving customers the ability to verify the efficacy of threats that the company has detected. He also says CyberMaxx's work in offensive security enables the company to detect nascent attack vectors that are becoming more popular with ransomware groups and others (see: Bishop Fox Raises $75M to Fortify Offensive Security Muscle).
Ahern says CyberMaxx historically focused most on healthcare, while CipherTechs excelled in financial services. One-quarter of the company's revenue comes from customers with more than 10,000 employees, one-quarter comes from customers with less than 500 employees, and the remaining 50% of CyberMaxx's sales come from businesses with between 500 and 10,000 employees.
From a metrics standpoint, Ahern says CyberMaxx closely tracks the capture of new customer logos, customer churn, gross retention rates and net retention rates. CyberMaxx plans to invest for growth in 2023, but Ahern hopes to set the company up for both growth and profitability in the years to come.
"You want to make sure that you're landing new customers," Ahern says. "New customers are the lifeblood. You get them and you extend the breadth of services that you're offering."