Atrion Communications has snagged New York Life's former information security leader to help clients navigate and streamline the delivery of security services from multiple vendors.
The Branchburg, N.J.-based solution provider tapped Rich Moore to be its first-ever Chief Information Security Officer (CISO), tasking him with building out a lab ecosystem where clients can see simulations of security products in action. Moore expects to have a cyber innovation center up and running in 90 days, which will focus on connecting CISOs not looking to follow the herd with emerging technologies.
"We saw a guy that has the technical experience, that's been there, done that," said Pat Grillo, Atrion's CEO and executive chairman. "He's got credibility. He did it at New York Life and other places."
Top-tier MSSPs often struggle to keep up with the security technology that enterprise CISOs want to integrate into their IT ecosystems, Moore said. These channel partners often take a more standardized approach, Moore said, making it difficult for a CISO to swap in a different SIEM offering or move their data from one Security Operations Center (SOC) to another SOC.
Moore, therefore, plans to strike up a relationship with a company that allows for greater flexibility in creating a best-in-class experience as part of a modularized setup. As a result, Moore said, whatever's in the program of the CISO can now be consumed by the SOC.
Atrion under Moore will also work to boost its footprint around deceptive technologies and next-generation endpoint security, working closely with vendors such as TrapX and Cylance. Moore spent two years as New York Life's head of information security, three years as senior information security manager at Citizens Bank, and 2.5 years as an associate director in KPMG's information security group.
As a CISO, Moore said he was introduced each month to between five and 20 security companies with new technologies. But Moore said the sheer volume of new offerings hitting the market makes it difficult for CISOs to wrap their minds around everything and figure out how it's going to work in their environment and infrastructure.
CISOs also typically lack the time to see how security products from different vendors integrate together and operate, Moore said, as well as whether or not they're compatible with the company's existing firewall, SOC, or intrusion detection system.
What CISOs want, Moore said, is a fully-integrated SOC with all of those products in a stack generating data that's applicable to a particular vertical such as manufacturing, finance, or pharmaceuticals, since each of those industries bring unique data to the table. Atrion's background and access to CTOs provides the firm with a good understanding of the data that flows across a client's environment, he said.
"We just made ourselves bigger and broader," Grillo said.
Moore's first day was April 30, and he doesn't currently have any direct reports. But the company expects to onboard a veteran and junior engineers with cybersecurity experience, along with hiring a security-focused intern who could be in line for a full-time position, Grillo said. Atrion today has three employees dedicated full-time to cybersecurity, Grillo said, and that figure should increase in the months ahead.
Grillo plans to use Atrion's experience with David Magee as a model, who had run a network for a large corporation before becoming Atrion's CTO in December 2014. Magee's end-user experience and deep industry knowledge went a long way with customers, Grillo said, who both respect and listen closely to him.
Although Moore will be a little more customer-facing that Magee, Grillo expects the on-boarding experience to be similar. Many high-level people in the cybersecurity industry know Moore, thanks to his resume and experience making security-themed presentations around the country, which Grillo said should help Atrion become more visible in the fast-growing cybersecurity arena.
"We've got our quiver with all our arrows in it," Grillo said. "We just added another arrow."