Dark Cubed pivoted their offering in the last year to focus on selling to smaller business through an MSP channel, with an emphasis on simplicity and cost appropriate for this market.
Alexandria VA-based Dark Cubed emerged from stealth in 2016, with a network security solution emphasizing cost-effectiveness and simplicity for the mid-market. The cost-effectiveness and simplicity are still there, but in 2019 the company underwent a major pivot in its strategic focus. They shifted their emphasis to smaller customers, and focused squarely on the MSP channel as the route to reach them.
Dark Cubed’s technology is intended to be a replacement for an outsourced SOC service.
“We implement security automation in a way that works for small and mid sized companies who don’t have the ability to properly resource a SOC,” said Vince Crisler, Dark Cubed’s founder and CEO. “We don’t fit easily into a Gartner category, because they don’t work well downmarket, but we essentially provide security automation for SMBs.
“SOCs run a traditional services-based business model where you get the fractional time of an analyst. For smaller businesses, that provides no value. We focus on automating machine-to-machine at scale in a way that provides real protection.”
Crisler was Chief Information Security Officer at the White House during the George W. Bush administration, and Dark Cube’s staff is deep in individuals with cybersecurity experience in the Department of Defense and the federal government generally.
“We integrate back into the firewall and block threats,” Crisler said. “We can classify all traffic on a network as good, bad or ugly. In ten minutes, we can get a company set up so that their firewall has all the benefits of a SOC, without the cost, through automation. SMB’s don’t typically tune the firewalls that they do buy, so when they turn on our service, they see all kinds of things they aren’t used to seeing.”
Crisler acknowledged that enterprise SIEM vendors like Splunk and Sumo Logic provide deeper threat intelligence and broader features than they do, but also emphasized that those offerings really have no bearing on the SMB space.
“SIEMs do not work for midsized companies,” he stated. “Unlike them, we focus on providing automation and simplicity at a price point for the SMB market. Being easy to use is a key differentiator for us. Being affordable is another. We can do that because of our automation. We provide threat intelligence integration, predictive analytics, orchestration, and threat protection, in a low-touch, easy to use way.”
When Dark Cubed came out of the gate, they concentrated on selling to the midmarket, but since then, they have changed their focus to concentrate on the SMB space.
“We have made some significant pivots and changes in the last five years,” Crisler said. “Early on, we were focused on the midmarket, particularly in financial services, energy and health care. But sales cycles were long, and customer acquisition costs were high. We went to our loyal customers and determined what they liked about us, and then we pivoted to a SaaS infrastructure and a channel business model where we supported those channel providers directly.”
The focus now is on going to market through these MSPs, with partners who Crisler described as having between 10-100 employees, and with between 10-1000 customers.
“Maybe 1% of MSPs monitor customer networks, because it’s too hard,” he said. “We do this, and also provide active protection. Security has been a bolt-on to what MSP are offering. That has to change, because MSPs are the gatekeeper.”
Dark Cubed has just released an analytical report stressing how MSPs are now being targeted precisely because they are the gatekeepers. It found that 6.9% of the traffic impacting MSP networks is related to bots, scanners, and hackers. 100% of the MSPs participating in the study said they suffered from both automated and directed attacks, and in addition, MSP defenses are also being overwhelmed by friendly fire from companies that routinely scan for information gathering.
“MSPs have to provide robust security, including doing things like requiring 2FA whether people want it or not,” Crisler said. “We are rapidly increasing our number of MSPs, who realize nothing differentiates their services, and who realize that if they don’t bake in security, they are going to lose their customers.”
Dark Cubed offers MSPs a tiered membership level, with a package of professional services that they can resell to customers. These include ransomware risk assessment, compliance assessment, penetration testing, vulnerability scanning and end user assessment.
“Given our team’s background, we have a lot of expertise in this space,” Crisler said. “MSP partners asked us to provide these professional services capabilities, and so we added these services to help them.”
Crisler said that Dark Cubed is able to accommodate the needs of an MSP’s larger customers as well as the small.
“If an MSP has 100 customers, 10 or 15 may be larger and the rest are small from a revenue perspective. But they care about all their customers. We are able to come in with an offering that lets them support all customers, with the right price point for small ones, but which can also fully support large ones as well.”
With the pivot to the MSP model, Dark Cubed will still sell direct, but only when the end customer contacts them, and already has the capabilities of managing their service themselves.
“If companies reach out directly to us, we will have discussions,” he said. “They do need to have the ability to support themselves from a tech perspective though. We can’t be their MSP. If they can’t do that, we refer them to a local MSP partner.”
MSSPs are not really a play for Dark Cubed.
“We don’t work with MSSPs because they do similar things to us – provide log aggregation, SIEM and analytics,” Crisler indicated. “The value isn’t there for them.”
With the shift in strategy, Crisler said the company’s business began to take off in the second half of 2019.
“We had significant growth in the latter part of last year, with 300% growth,” he stated. “That reflects that last year we focused on the new Go-to-Market, that the best way was to go to market with small companies through MSPs.”
They do not, as yet, have many MSPs in Canada, however.
“We do have a lot of US ones and some overseas, in Europe, Southeast Asia, Australia, and Africa,” Crisler noted.
“We are looking at partnering with others with similar models and overlapping capabilities, Crisler added. “Having a significant footprint in the MSP market is where we want to be headed.”