Advanced Logic Industries (ALI) is a professional IT services company that works with organizations throughout the Mid-Atlantic to manage and support their IT operations. IT security is a critical component of today’s IT management strategy. To augment its existing expertise, ALI considered the best manner to quickly expand its security practice to include a more robust cyber skillset to its portfolio.
The company specializes in IT projects and managed services – it even has its own data center and infrastructure security expertise. But it’s not a cyber expert. To launch its own cyber division, ALI would need a large capital investment and have to build out a 24/7 manned security operations center. And that’s just for starters.
“Cybersecurity isn’t just another service,” said Eric Thompson, ALI’s Director of Sales Engineering & Data Center. “It’s a specialized niche that takes years of training, expertise in particular tools, and certifications. Not to mention 10 to 20 additional staff.”
“Cybersecurity isn’t just another service. It’s a specialized niche that takes years of training, expertise in particular tools, and certifications. Not to mention 10 to 20 additional staff.”Eric Thompson, ALI’s Director of Sales Engineering & Data Center
Once ALI realized that building its own cyber practice in house would be too costly and time consuming, it turned its attention to finding the right cybersecurity partner. Fortunately, it didn’t have to look too hard.
Assessing a Potential Partner
ALI met GuardSight while working for the same client. The client first brought on GuardSight as a managed detection and response (MDR) cybersecurity services provider. Soon after, the client hired ALI as a managed service provider (MSP) for the company’s IT services. The client then asked the two companies to partner together.
ALI manages the company’s computer systems and networks while GuardSight handles cybersecurity operations, assessments, and response. GuardSight’s services include a Handler on Duty (HoD) 24/7/365, threat detection and hunting, and reporting.
Since ALI manages the physical assets and network infrastructure, it carries out cyber remediation based on input from GuardSight. GuardSight uses various tools, which it refers to as cyber weapons, to monitor the systems for suspicious activity and then notifies ALI to proactively remediate the threat.
This working relationship allowed ALI to assess GuardSight as a potential strategic partner to address the fast-paced and complex world of cybersecurity. While working with GuardSight, ALI discovered that the cybersecurity company possessed the qualities it was looking for.
For example, GuardSight provides actionable intelligence, a time saver for ALI, which has boots on the ground at the client site to remediate threats. Useful intelligence stems from GuardSight’s expertise and knowing what types of activities warrant concern.
“We don’t have to wade through white noise or respond to false alarms. When we get alerts from GuardSight, we know they’re real.”Eric Thompson, ALI’s Director of Sales Engineering & Data Center
“We don’t have to wade through white noise or respond to false alarms,” Thompson explained. “When we get alerts from GuardSight, we know they’re real. There’s a sense of urgency.”
When dealing with a particularly bad actor, GuardSight escalates beyond the ticketing system and alerts ALI with a phone call. The process seems to be working out well.
Since GuardSight and ALI have worked together, their client has not experienced a single moment of downtime.
At the same time, ALI appreciates that GuardSight is proactive. Ideally, vulnerabilities are managed long before they become a problem. The HoD ensures there is a sentry posted around the clock to monitor suspicious activity. And biweekly meetings allow the two companies to review findings together, discuss upcoming projects, or go over lessons learned to continuously improve processes.
ALI was also looking for a partner with the right cultural fit. The can-do attitude of the GuardSight team and John McGloughlin, GuardSight’s CEO, met that requirement.
“John is a guy that gets things done,” Thompson said. “He and his team always try to figure out the solution to the problem. And I know I can pick up the phone and call him if I need to. That’s a big deal to me. There’s a chain of command that’s responsible and cares that they’re attached to the partnership and the project that we’re working on.”
All of these factors – GuardSight’s knowledge and expertise, its responsiveness, its proactive approach and its can-do attitude – convinced ALI that GuardSight would be an excellent partner to help ALI provide the expertise it needed and grow its business.
Now that ALI and GuardSight have formalized their relationship into a broader partnership, ALI can offer cybersecurity as a service (CSaaS) for future engagements. In fact, ALI is already in discussions with several government customers and contractors that must meet standards and compliance requirements such as NIST 800-53, NIST 800-171, and CMMC. The GuardSight MDR service provides a crucial component dictated by those compliance standards.
With GuardSight as a partner, ALI can also customize cyber solutions it offers based on the size and type of clients. Not every client needs the same amount of cybersecurity control that a government or healthcare customer might. Clearly, a CsaaS is far more economical and efficient for ALI to deploy in these cases.
“The hybrid relationship between an MDR and an MSP makes ALI a force multiplier,” Thompson said. “We now have an additional team of cyber experts with a deep pool of knowledge that we never could have staffed and spun up in time to be effective in today’s environment. afforded if we had decided to add a cyber division to our business. It’s a true partnership of equals.”
McGloughlin agreed. “ALI is an exceptional partner. Their team is wired for speed, and our two cultures share a ‘Roger that’ DNA for servicing our customers. Eric and the entire team at ALI are right with us in the foxhole during a cyber fight. Together, we’re able to disarm cyber attackers, protect customer assets, and minimize downtime to ensure business continuity.”