Executive Q&A: Jon Murchison on Pioneering Proactive Cybersecurity Strategies with Blackpoint Cyber

Author: Sara Montes de Oca, TechEchelon

Jon Murchison is a visionary in the cybersecurity arena, with a background that melds the high-stakes world of national security with cutting-edge technological innovation. As the founder and CEO of Blackpoint Cyber, Jon has leveraged his distinguished background in network engineering and IT operations to pioneer a proactive stance in cybersecurity. Jon’s transition into a leading role within the intelligence community – which involved dedicating over a decade to critical national security missions – has equipped him with unmatched offensive security strategies.

With expertise honed at the NSA as a computer operations specialist, Jon is at the forefront of developing aggressive cyber defense techniques aimed at preempting cyber threats and neutralizing insider risks. Jon’s ownership of multiple patents in network defense, analytics, and proactive offensive strategies underscores his expertise in not just defending against, but actively engaging cyber threats. Under his guidance, Blackpoint Cyber distinguishes itself by emphasizing an offensive security posture that harnesses deep knowledge of adversary tactics to deliver cybersecurity solutions that defend and attack – ensuring organizations worldwide are always one step ahead of potential threats.

In an exclusive interview with TechEchelon, Jon shares his journey, the evolution of Blackpoint Cyber, and his vision for the future of cybersecurity.

Q: What inspired the creation of the Blackpoint Community Protection Program

Yes, that’s an excellent question. Essentially, the program is beneficial for all involved and it’s been in the works for over a year. We offer our MSPs complimentary internal-use, not-for-resale licenses of our platform. This enables them to safeguard their operations effectively, ensuring protection from various threats. Additionally, it provides them with an opportunity to explore the capabilities of the Blackpoint Solutions platform. By using it themselves, they can better understand how to optimally protect their customers as well as their own business. It’s truly a win-win situation.

Q: With the discovery of vulnerabilities in the ConnectWise ScreenConnect solution, what steps did Blackpoint take to ensure rapid and effective communication with your clients and the broader MSP community?

That was a significant day for us. Upon discovering the ConnectWise ScreenConnect vulnerabilities, Blackpoint Cyber immediately launched a comprehensive and aggressive messaging campaign. Our first step was to inform all our partners about the existence of this vulnerability. We then expanded our efforts to social media platforms to educate and protect the wider MSP community. In the days following the vulnerability’s disclosure, we not only recreated the vulnerability to understand its nuances but also remained highly active in our outreach. We engaged in numerous webinars, sent out daily messages, and maintained a constantly updated blog. Most importantly, we personally reached out to each of our partners affected by the vulnerability. We took the precaution of taking their devices offline to prevent any compromise, a move that was greatly appreciated by our partners for its proactive nature.

Q: The BCPP offers free, ‘not for resale’ licenses and 24/7 monitoring by Blackpoint’s SOC. How do you envision these services impacting the day-to-day operations and long-term strategies of MSPs?

The key benefit is the complimentary access to our platform. This essentially relieves MSPs of the burden of security monitoring, allowing them to concentrate on expanding their businesses and serving their clients. Unlike most SOC services that only flag issues after the fact, our main offering includes proactive human engagement, which is a significant advantage for busy managed service providers.

Over time, our goal is to help MSPs conserve resources by using Blackpoint. With our comprehensive solution, there’s no need for them to integrate, maintain, or update various systems separately. This integration offers a substantial business advantage.

Q: Cybersecurity threats are evolving rapidly. Can you share how Blackpoint stays ahead in identifying and mitigating these threats, especially given the recent discovery of vulnerabilities in popular solutions?

We are deeply committed to staying abreast of the evolving threat landscape. Our dedication is evident through our in-house team focused on threat research and intelligence, known as the Adversary Pursuit Group. Beyond our internal efforts, we maintain strong connections throughout the industry, enabling us to gather both curated and raw intelligence. We also concentrate on proprietary research to refine our detection mechanisms.

Blackpoint stands at the forefront of rapid detection and response. We gain direct insights into our adversaries’ actions within our customers’ environments, which allows us to identify and understand the techniques necessary to protect our partners. By integrating external and internal sources of intelligence, we are effectively staying ahead of the curve on trends and threats in the wild.

Q: In a recent blog post, the company mentions the significant financial impact of cybersecurity breaches, citing an average cost of $4.45 million per breach. How does the BCPP specifically address this risk for MSPs?

At its core, our primary focus is on prevention—stopping an incident before it even happens. Internally, we often say that offense is the best form of defense when it comes to preventing attacks. Adopting an offensive mindset allows us to anticipate adversaries’ actions and stop threat actors before any real harm is caused. We tackle these issues not just for MSPs but also for their internal IT teams.

Our approach leverages the unique capabilities of our SOC, which has successfully intercepted numerous incidents over the years. However, when incidents do occur, we go beyond merely flagging alerts for the MSP. We strive to fully understand the situation, providing context to our partners. This way, should an incident arise, we’re equipped to prevent it from ever occurring again.

Q: Feedback from partners indicates that the BCPP is a “game-changing offer.” What feedback have you received from MSPs since announcing the program, and how has it influenced any future plans for Blackpoint?

The creation of the BCPP was directly influenced by feedback from our partners. They expressed a strong desire to utilize the same products and services for themselves that they provide to their clients. In response, we listened and granted them direct access to all our products and services, free of charge. This enables them to learn, use, and grow with our solutions, ensuring they can effectively protect their clients.

Our MSP partners are particularly keen on adopting a proactive approach to security, often referred to as preventing ‘patient zero’ scenarios. We embraced this by empowering our MSPs with immediate access to our offerings, providing them with a comprehensive understanding of our capabilities. This strategy is aimed at preventing any ‘patient zero’ incidents from occurring.

Q: The “See Clearly” campaign introduces a comprehensive suite of solutions for MSPs. Can you elaborate on how these solutions work together to provide a holistic security posture for MSPs and their clients?

We recognize that visibility is a major challenge in security. The question is, how do you ensure you’re fully aware of the extent of an intrusion or incident you might be facing? Our ‘See Clearly’ campaign is specifically designed to help MSPs and their clients gain deeper insights into their ecosystems. It focuses on understanding the threats they should be vigilant of and how they can better prepare for potential attacks.

At Blackpoint Cyber, we concentrate on the methods of attack—the ‘how’, rather than the ‘who’. Our goal is to simplify the process for MSPs to acquire a broader understanding of the current threat landscape, by examining the tactics and strategies of adversaries. We place less emphasis on the identity of the attackers (the ‘who’) and more on understanding their methodologies. This approach allows us to extract valuable insights, regardless of whether the threats originate from Russia, China, Iran, or elsewhere, enabling us to equip our partners with the knowledge they need.

Q: Dark Web Monitoring and Threat Assessment Summaries are part of the new offers. How do these tools integrate with Blackpoint’s existing services to enhance security for MSPs?

At the heart of our approach at Blackpoint is the goal of achieving extensive coverage of the attack chain. Our focus is on threat prevention, disruption, and containment. Part of our strategy includes dark web monitoring and thorough threat assessments, which enhance our partnerships by offering more services. These services are designed to help our partners grasp the first three steps of the NIST cybersecurity framework: identify, protect, and detect.

By empowering our partners, we enable them to take necessary measures to safeguard themselves. This includes protection against visible threats identified through our SOC, as well as potential threats from breaches involving their data. Dark web monitoring is a key component of our ‘See Clearly’ mission, providing our partners with insights into who is targeting them and the methods of these attacks.

Q: Blackpoint University is described as the only ‘MBA for MSPs’ program. What gaps in the market did you identify that led to the creation of this educational initiative, and what outcomes do you anticipate for participants?

We’ve identified that the gaps in the MSP sector are primarily related to business discussions and the needs expressed by MSP owners and their leadership teams. Many MSP owners are first-generation business leaders who founded and grew their businesses based on their technical expertise and understanding of client requirements. However, as these MSPs aim to mature and expand, their needs evolve. Those who have grown now find themselves in need of guidance on developing financial models for further growth. The focus shifts from purely technical aspects to considerations of investment and scaling their operations to a higher level.

We’ve recognized an opportunity to merge the insights of highly successful MSP owners with those of seasoned business professionals and experts in various fields. This collaboration aims to support these owners and their teams in building the next generation of managed service providers, focusing on sustainable growth and scalability.

Q: With Bain Capital’s recent involvement, what future developments can we expect from Blackpoint Cyber? How does this partnership facilitate your vision for the company and its offerings to the MSP community?

The recent funding round will significantly accelerate our development and enhance our go-to-market strategies, ensuring we continue to deliver top-tier cybersecurity solutions. Our goal is to attract the best talent throughout the organization, ultimately supporting our MSPs and internal IT teams in safeguarding their business assets from cyber attacks. This investment will enable us to achieve these objectives more rapidly.

Q: Given your background in security and intelligence from the Department of Defense, how has this influenced Blackpoint’s approach to cybersecurity and its commitment to stopping hackers before they cause damage?

Drawing on my background in security and intelligence, it’s apparent to us at Blackpoint Cyber that threat actors and adversaries will not cease their hacking efforts. One of our core messages has always been about “winning the unfair fight.” Our dedication lies in preventing these hackers from succeeding in this battle, where MSPs often find themselves at a disadvantage. Over time, we’ve observed that government efforts are largely directed at combating nation-state actors, leaving small and medium-sized businesses vulnerable to cyber attacks that could potentially devastate their operations. Therefore, we’ve adopted a proactive defense strategy, aiming to build an ecosystem that effectively protects our customers from the very threats we’ve identified.

Q: Finally, for MSPs interested in the BCPP and other Blackpoint solutions, what steps should they take to get started, and what can they expect in terms of support from Blackpoint throughout the process?

First and foremost, getting an MSP set up with us at Blackpoint is a matter of minutes; it’s genuinely that straightforward. MSPs will find in Blackpoint a partner ready to guide them through the entire process. Our experience spans from thwarting hackers to helping MSPs build and expand their businesses. Simply reach out to us, and we’ll have you set up in no time. It’s that easy.

Q: Anything else?

We aim to ensure that everyone is aware of the BCPP and its purpose. As a trusted partner, we’re here to assist MSPs in navigating the complex landscape of cybersecurity.