SIA New Member Profile: DirectDefense

New Security Industry Association (SIA) member DirectDefense provides enterprise risk assessments, penetration testing, Industrial Control Systems (ICS)/Supervisory Control and Data Acquisition (SCADA) security services and 24/7 managed security services. The company is headquartered in Englewood, Colorado, and serves companies of all sizes in North America.

SIA spoke with Christopher Walcutt, chief security officer at DirectDefense, about the company, the security industry and working with SIA. Walcutt is a member of the SIA Utility Advisory Board, is a pending member of the SIA Cybersecurity Advisory Board and was selected to present at ISC West on "Securing the Convergence: Collaborative Strategies for Physical & Cyber Security Professionals."

Tell us the story of your company.

Christopher Walcutt: In 2012, DirectDefense was founded by Jim Broome, president and chief technology officer, and Beau Shahriary, chief operating officer, because they saw that the companies we worked with stopped focusing on the client as they grew into mega-value-added resellers. Their careers have been defined by providing strategic consulting to our clients and their organizations, not selling widgets. That mentality also goes into how we create our services. Namely, we started out by offering managed incident response retainers, and six years later, we launched our managed detection and response services based on client demand for better services than the normal industry standard. Now, we offer a full suite of managed services, Internet of Things monitoring, penetration testing and compliance services. As the threat landscape evolves, we have had the opportunity to offer more service-based solutions for our customers in various industries to strengthen their cyber resiliency.  

What solutions/services does your business offer in the security industry? And what makes your offerings or your company unique?

CW: DirectDefense provides enterprise risk assessments, penetration testing, ICS/SCADA security services and 24/7 managed security services. While other managed services offerings typically approach security from the product side, we approach it from an enterprise perspective. We cater directly to your specific response requirements and compliance reporting needs, offering enhanced incident reporting capabilities that go beyond the standard offerings of traditional security information and event management or endpoint detection and response/managed detection and response (MDR) providers.

Our experienced professional services offer unmatched experience, expertise and service assessing the cybersecurity posture in every business vertical to assist them in meeting their goals and initiatives. Our consultants on average hold at least six years of penetration testing experience, and we almost always stand out on quality, and our consultants contribute to that the most. Services we offer include network and application security testing, risk assessment and compliance, talent acquisition and cybersecurity strategy and planning.

Our industrial controls experts, who have direct experience working in industrial control environments, partner with organizations to help strengthen their security architectures without disrupting operations. We enable operational technology and IT departments to work together by creating a strategy for security during testing, and designating operational roles to ensure both systems are being managed and monitored properly. Our Connected Systems services apply across industries from utilities to agriculture, and effectively protect critical operational functions, and allow for complete coverage from device and application testing to architecture and compliance gap assessments from device to cloud.

What’s something we might not know about your company – or something new you’re doing in security?

CW: We invite you to download our recently launched 2023 Security Operations Threat Report, which identifies the top threats from 2023 and what’s already trending for 2024. Using our proprietary SOAR platform known as ThreatAdvisor, we gathered and analyzed intelligence from nearly 2 million hours of alert investigation across our client base.

ThreatAdvisor is a critical piece of our managed services offerings as it provides complete network visibility in a centralized location. It helped us achieve an average time to respond to triaged critical security events of eight minutes. Over 90% of standard MDR events were triaged by our security operations center without engaging the client’s security team. Nearly one-third of events were promoted and triaged in collaboration with client security teams, and 80% of those were custom alerts that go beyond standard MDR monitoring.

What is your company’s vision, and what are your goals for the security industry?

CW: At DirectDefense, our vision is to implement best-practice security programs and managed security services that elevate our customers’ security posture to a higher standard of protection and resiliency. Our goal is to empower businesses and organizations to thrive in a relentlessly evolving threat landscape.

What are the biggest challenges facing your company and/or others in the security industry?

CW: The main challenge we see is organizations seeking managed services providers for both IT and information security. Unfortunately, specialized skill sets require dedicated resources in each discipline, making it rare to find a provider excelling in both. We educate chief information officers about the value of evaluating specialized services for each.

What does SIA offer that is most important to you/your company? And what do you most hope to get out of your membership with SIA?

CW: The SIA advisory boards aggregate industry knowledge from professionals globally and produce free guides and documentation intended to help individuals and organizations with their physical and cybersecurity needs through knowledge sharing, events and industry growth. We look forward to taking advantage of these resources.

The views and opinions expressed in guest posts and/or profiles are those of the authors or sources and do not necessarily reflect the official policy or position of the Security Industry Association.