Todd Salmon joins NotSoSecure to drive US growth

Industry expert joins leading penetration testing and ethical hacking company to fuel continued expansion.

Leading ethical hacking and penetration testing company NotSoSecure, part of the Claranet Group, has announced the appointment of security industry veteran Todd Salmon as Executive Vice President (US) to expand North American operations. In his new role with NotSoSecure, Todd will be responsible for the day-to-day operations in the US, as well as supporting global collaboration within the Claranet Cyber Security portfolio.

Todd brings nearly three decades of executive leadership and management experience providing information security and technical solutions to all the major vertical markets, and he has a proven track record of building and running successful professional services organisations for both the public and private sectors.

Most recently, Todd was a partner in the start-up Stack Titan where he served as Chief Operations Officer. Prior to this he spent eight years as the Vice President of Optiv/FishNet Security’s Attack & Penetration Practice. During that time, Todd grew their Security Assessments line of business significantly.

The appointment follows the launch of Claranet’s Cyber Security unit, which combines the pioneering penetration testing and managed security service capabilities of Sec-1 and NotSoSecure, and the training competencies of NotSoSecure – one of the largest training partners of the globally acclaimed Black Hat conferences. The new unit ensures that the capabilities of both companies are aligned in a way that offers the best range of security services to customers within the existing Claranet footprint and around the world.

Commenting on the appointment, Dan Haagman, Director of Security Services at NotSoSecure said:

In all his prior roles Todd has led from the front and, as a result of his dedication to client satisfaction, tireless coaching and mentoring of colleagues, and laser focus on quality, he has left a track record of success everywhere he’s been. That is why I am delighted that he has joined NotSoSecure to help us grow our North American operations. We have already have a loyal and engaged customer base in the US but we believe we are just scratching the surface. Bringing Todd on board is a sign of our intent and belief that we are in a strong position to help more customers in the US with security testing, training, and managed services.”

Todd Salmon added:

Despite its relatively small size, NotSoSecure punches far above its weight in the pen testing and security training industry and its consultants are world-renowned for their expertise. I’m therefore excited to be joining NotSoSecure and the wider Claranet Cyber Security Services Group as we build the business while we continue to meet the evolving needs of our existing customers.”

Human error is to blame for poor cloud security, not the infrastructure itself, warns Claranet

Global technology services provider points to automation and fully-accredited partners as way to avoid cloud security vulnerabilities.

A lack of knowledge and an overreliance on manual change processes is leading many businesses to jeopardise the security of their cloud deployments, global technology services provider Claranet warns today.

The warning follows the launch of a report published by McAfee this week, which found that the average business has approximately 14 improperly configured IaaS instances running at any given time and roughly one in every 20 AWS S3 buckets are left wide open to the public internet. Additionally, researchers estimate that roughly 5.5. per cent of all AWS S3 storage instances are in a “world read” setting, allowing anyone who knows the address of the S3 bucket to see its contents.

Commenting on the findings, Steve Smith, Senior Site Reliability Engineer and AWS Team Lead at Claranet, said:

The cloud security challenges highlighted in this report have little to do with the platform itself, but everything to do with the people using it and, in our experience, people are the biggest weakness here. The major cloud providers like AWS set a lot of sensible defaults designed to support configuration – for example, S3 buckets are now private by default – but unfortunately, it’s very easy to get things wrong if you don’t know how to use the platform.”

We’ve seen many AWS configurations that end-user businesses have developed themselves or have worked with partners that don’t have the right experience, and, frankly, the configurations can be all over the place. When internal IT teams create these environments themselves, mistakes can occur when they don’t have the depth of knowledge or experience to follow best practice.”

A click of a button or slight configuration change can have a major impact on your security posture, so it’s important to get a firm grip of the access controls and have safeguards in place to catch mistakes before they hit the production environment.”

Developing infrastructure as code – effectively, templated scripts that will create infrastructure in any public cloud environment – helps here because it makes it more difficult for mistakes to occur. Any changes in the code need to be peer-reviewed in the development lifecycle, making it much less likely that errors will make it out to the production environment and ensuring that any changes can be tracked and audited. In addition, it’s also good practice to run that code from a centralised location – some kind of CICD server for example – so that only that machine can make configurations and that there’s no way to make changes manually.”

Steve concluded by stating that AWS’s Well-Architected Framework, a programme designed to help AWS users build the most-secure, high-performing, resilient, and efficient infrastructure for their applications, is a key way that users can secure peace of mind about their cloud deployments.

AWS has set up a review scheme, the AWS Well-Architected Framework, to help address these very issues and provide users with the assurance that everything is configured securely and as it should be. Qualified AWS partners can conduct comprehensive and free reviews of existing AWS architectures, checking things like access policies and change processes, and advise on the best way forward to safeguard security.”

Claranet acquires Dutch IT services provider Quinfox

Acquisition enhances Claranet’s capabilities in the healthcare and accountancy sectors

Claranet has acquired Dutch IT services provider Quinfox, a specialist in providing digital services for accountancy, healthcare and public sector organisations. The acquisition, which is the third acquisition that the Claranet Group has made this year, enhances the company’s market position in the Netherlands considerably and puts it in a strong position to pursue further growth.

Netherlands-based Quinfox was founded in 1998 has specialised on providing Hosted Desktop, Application Hosting and Professional Services. The company, which has 20 staff, specialises in working with organisations in the healthcare, public sector and accountancy sectors, and counts some big names in its customer base, including Danone, Baker Tilly Berk, Jeroen Bosch Hospital, and the province North-Brabant and the municipality ‘s-Hertogenbosch.

Quinfox’s founders, Huub van den Bosch and Geert Mossink, will be closely involved with the newly-acquired company to capitalise on the growth opportunities it will bring. Geert Mossink retains an important management position within the organisation, serving as Service Director.

With an ambitious growth strategy, the Claranet Group has grown steadily in Europe over the past five years, both organically and by acquisition. The Group has annual revenues of over £325 / €370 million, employs more than 2,000 staff and works with over 6500 customers across the UK, France, Germany, Spain, Portugal, The Netherlands, Italy, and Brazil.

Commenting on the acquisition, Wiebe Nauta, Managing Director of Claranet Benelux, said:

The collaboration with Quinfox gives Claranet the opportunity to strengthen its position in the Dutch market. We now have more than 125 employees in the Netherlands, a turnover of €20 million and one of the widest IT portfolios in the country. Much like Claranet, Quinfox has cultivated excellent and long-lasting relationships with its customers, making it a great fit culturally. In the coming period we therefore, plan to keep the existing operation intact and focus on synergetic benefits of joining forces. This is great news for customers, who will benefit from our combined expertise and a wider range of services. “

Geert Mossink, co-founder of Quinfox, commented:

We are delighted to join forces with Claranet. Being part of a larger organisation with a broad portfolio of IT capabilities provides us with various benefits, giving us the opportunity to grow and provide our customers with access to more innovative services. We can now take far-reaching steps with optimum security and flexibility in our services.”

Huub van den Bosch, Quinfox’s co-founder, added:

Claranet is one of the most established and well-respected IT services providers in Europe and has a very strong footprint in the Netherlands. In our continuously growing market that is subject to constant change, it is important that we have the right resilience to maintain our position.”

Nation state-backed cyberattacks may take headlines, but the risk from everyday hackers remains most prominent

Actions of national agencies may lead to fear amongst businesses, but leaders must remain wise to the more common threats.

Last week, the UK government accused Russia’s GRU intelligence service of perpetrating four high-profile cyberattacks that took place over the last couple of years. While this latest development could lead to fears that nation states may threaten private businesses, it is important that companies do not lose sight of the biggest threat on their doorstep – the everyday hackers that carry out the majority of attacks they have to deal with.

Gary O’Leary-Steele, Technical Director at Claranet Cyber Security, said:

While nation state attacks make the news headlines, the complexity and frequency of attacks from all sources are on the rise, and attacks will often target the same vulnerabilities, whomever is behind the attack.

To ensure that they are adequately prepared to minimise the impact of cyberattacks, regardless of the perpetrator, organisations need to step up their vigilance across the board. This means implementing a cybersecurity strategy that emphasises not just reactively tackling incidents as they happen, but also adapting to the threat landscape by understanding how hackers think and work, and regularly testing your applications and infrastructure.”

Reactive data breach mitigation always has been and will continue to be crucial, but equally important is being able to understand the ways that hackers go about their business so that organisations can avoid being targeted in the first place, and can keep up with the rapid rate of change. In addition to increasingly sophisticated technical attacks, employees are regularly being exploited as a way into an organisation’s data, so security awareness training, including how to avoid phishing attacks, in addition to more detailed security training for developers and technical teams, must be a critical part of the protection employed.”

O-Leary-Steele concluded:

It would be foolish to ignore a growing prevalence of state-backed cyberattacks, but it’s crucial not to lose sight of the threat of independent actors, which will remain the most prominent danger for businesses for the foreseeable future. The volume and complexity of cyberattacks is rising substantially. As an example, over four in ten businesses (43%) experienced a cybersecurity breach or attack in the last 12 months, according to the Department for Digital, Culture, Media & Sport in its Cyber Security Breaches Survey 2018.

The best way for businesses to prepare for this is by making sure security measures are proactive as well as reactive, and regularly tested and reviewed. For most organisations, they will require the help of dedicated security experts to achieve this.”

Watch the full video below (sound required)

Claranet makes a significant leap on The Sunday Times Top Track 250

Claranet climbs 55 places in recognition of a successful year, cementing company’s position amongst fastest growing privately-owned businesses

Claranet has achieved the rank of 123rd in The Sunday Times Top Track 250 for 2018, rising 55 places from last year. Published on Sunday 7th October, the league table ranks the fastest-growing privately-owned businesses in the UK. Claranet’s placement in the league table for the third year in a row comes during a sustained period of growth.

Claranet has developed via acquisition and organic growth to become one of the leading providers of hosting and cloud, network, communications, and cybersecurity services to over 6,500 customers across nine countries (UK, US, France, Germany, Italy, Spain, Portugal, The Netherlands, and Brazil). Claranet supports these customers through IT consulting, managed services, and training.

In keeping with Claranet’s desire to maintain its momentum, 2018 has seen further moves to expand the company’s portfolio of services and capabilities. This was spearheaded by the acquisition of cloud and infrastructure specialist Union Solutions in May, which strengthened Claranet’s cloud consulting presence across the retail, legal, and financial sectors, and the Italian AWS experts XPeppers in September. Additionally, Claranet grew its group cybersecurity offering by acquiring global ethical hacking training and penetration testing experts NotSoSecure in July and combined this with previous acquisition of Sec-1 to create the global Claranet Cyber Security unit.

Charles Nasser, founder and CEO of Claranet, commented:

The IT services industry continues to be an important partner to UK business success, helping them win against increasing competition across the UK, Europe, and beyond. Despite a constantly evolving and ever competitive market, we have been able to consistently maintain our progress through acquisitions and organic growth. What began as an ISP 22 years ago is now an expert in the migration and running of critical applications and infrastructure 24/7, and our acquisition of NotSoSecure this year means our cybersecurity offering is more comprehensive than ever before.”

Despite our growth, we remain committed to developing the close, trusted relationships that our customers need to succeed in the long term and achieve their own market-leading results.”

Claranet consolidates its security expertise with official launch of Global Cyber Security unit

New unit eases access for customers to unique capabilities of Sec-1 and NotSoSecure

Claranet has announced the official launch of its Cyber Security unit, designed to give customers access to market-leading information security services. The move represents a strong consolidation of Claranet’s current cyber security offerings, following the acquisition and incorporation of Sec-1 and NotSoSecure into the wider Claranet Group over the course of the last year, in addition to considerable investment in security services across the group, especially in France and Portugal.

Under the new Claranet Cyber Security umbrella, customers will be able to call upon the input of experts across a broad range of cyber security disciplines. This includes the pioneering penetration testing and managed security service capabilities of Sec-1 and NotSoSecure, and the training competencies of NotSoSecure – the largest supplier of ethical hacking training courses to the Black Hat conferences. The new unit ensures that the capabilities of both companies are aligned in a way that offers the best range of options to customers within the existing Claranet footprint and around the world.

Michel Robert, Managing Director at Claranet UK, said:

Security is a top priority for a large number of businesses, so we have worked hard over the last couple of years to really strengthen our offering in this area.”

Acquiring both Sec-1 and NotSoSecure has been an instrumental part of this process, but it’s also crucial that we’re able to leverage the skills and services of both businesses in a way that maximises their impact, while also maintaining the strength and prestige of each individual brand. The Claranet Cyber Security unit aims to achieve all of these objectives.”

The need for more comprehensive cyber security services is encapsulated by recent research conducted by Claranet, which found that 69 per cent of IT decision-makers polled were unable to secure customer data effectively, with almost half (45 per cent) encountering challenges around securing customer details when trying to improve the digital user experience for customers.

Michel added:

Cyber security may have risen up the agenda but getting on top of the latest threats and building a watertight security strategy is still a goal that many businesses are yet to reach. Getting there requires a variety of different skills and technologies, but many organisations don’t have the time or expertise to meet these challenges alone.”

By working with third parties with in-depth knowledge and world leading skills such as ours, companies can rapidly upgrade their security capabilities and benefit from a service provision that continuously evolves in the face of a constantly changing threat landscape. The Claranet Cyber Security unit will embrace this philosophy, and we are looking forward to offering our customers the highest levels of support to protect their data, applications, systems, and processes, with a range of services that will evolve over time.”

A poor understanding of data is hampering efforts to drive a positive customer experience, says Claranet

Research indicates that 51 per cent of UK businesses struggle to draw valuable insights from data that they collect

In today’s digital world, data is a vital asset that gives organisations the ability to uncover valuable insights about customer behaviour, which ultimately provides businesses with a competitive edge. However, new research commissioned by managed services provider Claranet has revealed that UK businesses are struggling to capitalise on the vast amounts of customer data they collect.

The research, which was conducted by Vanson Bourne and surveyed 750 IT and Digital decision-makers from a range of organisations across Europe, is summarised in Claranet’s Beyond Digital Transformation report. The findings reveal that despite the increasingly large quantities of data that organisations are now collecting, over half of UK companies (51 per cent) struggle to use and understand their customer data to help them make important business decisions.

According to the survey responses, 41 per cent of UK organisations cite centralising customer data as being a key challenge encountered when trying to improve the digital user experience, and 43 per cent reported that they were unable to provide a consistent experience across channels as a result.

For Michel Robert, Managing Director at Claranet UK, the findings highlight how the often-siloed and legacy approaches to data management are preventing businesses exploiting the potential of the information at their fingertips. Robert commented:

Data has quickly become an incredibly valuable asset in businesses today and the source of important intelligence that can be applied to respond to changing customer demands. Most businesses are sitting on vast amounts of data and those that can harness it effectively can gain a much deeper understanding of their customers, better predict, improve and personalise the customer experience and, ultimately, create stronger brand loyalty and repeat business. It’s therefore troubling that over half of UK businesses are reporting challenges in this area, so addressing data management shortcomings needs to be a priority for any business that is passionate about delivering a positive customer experience.”

To realise the benefits of data you’ve got to be able to combine and mine different repositories of data and make it actionable in real time. However, that’s a process that is often frustrated by legacy systems and batch processing. These unconnected and incompatible IT systems create data siloes and prevent data and insights from being discovered and actioned within organisations.”

Cloud technologies can help a great deal, providing the tooling and infrastructure needed to collect, process, and analyse vast sets of data from across the organisation and make it actionable in real time. By creating a platform that can capture and analyse data from across an organisation, business leaders can discover unique insights, issues and opportunities that will ultimately help them achieve the competitive advantage they seek.”

Claranet wins Best Cloud Support Provider at the Computing Cloud Excellence Awards 2018

Claranet, the leading European MSP has been named Best Cloud Support Provider at Computing’s Cloud Excellence Awards, which took place at the prestigious Waldorf Hilton in London last night

The event honours the wide variety of people, projects and organisations operating in the cloud industry, with 20 different categories recognising a diverse range of success stories and examples of market-leading innovation. The result saw Claranet come out on top against several major cloud players, underlining the expertise and hugely successful track record that the company has built up in this area.

Tanaz Gould, Consultancy Director at Claranet UK, said:

Over the last year, Claranet has spearheaded a large number of highly successful digital transformation projects with leading organisations around the world, including complex infrastructure migrations and consolidations. With each project we take great pride in working very closely with our customers to ensure we can guide them through each stage of the process and maximise the results for their unique business goals.”

The judging panel consisted of key individuals from leading cloud and IT organisations including John Abel, the Vice President of Oracle for UK and Ireland and Julian Burnett, VP & Executive Partner of retail at IBM, as well as Tom Allen, Special Projects Editor at V3 and The Inquirer. The ceremony itself was a fantastic evening celebrating the triumphs of global businesses, with winners in other categories including AT&T, DarkTrace and Anglian Water. Tanaz continued:

Winning this award is a superb result for Claranet and we are delighted to have been recognised for the work we have done over the course of the last year. The importance of cloud-based services and digital infrastructure is becoming increasingly prevalent, enabling any organisation to become more efficient, agile and cost-effective. We’re proud to be at the forefront of the industry in this respect, which has come as a result of us building and maintaining a philosophy that emphasises offering the highest level of service and support to our customers.”

Everyone involved at Claranet deserves immense credit for this accolade, including our architects, engineers, service delivery teams and account handlers. We’re incredibly proud of the entire team for their passion and commitment and hope this will drive us on to even greater things.”

For more information on the awards and a full list of the winners, please visit:…

Claranet Italy acquires XPeppers to strengthen its Agile and Cloud expertise

  • Claranet expands its Amazon Web Services (AWS) offering and confirms its position as a leader in the European cloud outsourcing market
  • Group strengthens its Agile and AWS competencies to support complex client applications in the cloud
  • Claranet further confirms its experience and its ability to support its customers across Europe in their digital transformation

Claranet, a European leader in the hosting and management of critical applications, has announced the acquisition of Italian DevOps and cloud specialist XPeppers.

Founded in 2010, XPeppers is a value-added systems integrator specialising in AWS managed services, DevOps and Agile technologies. Having built strong relationships with a number of large businesses, XPeppers has become a respected partner for customers who need to manage critical applications through AWS and is also an AWS Partner Network (APN) training partner. Its expertise in DevOps and Agile tools also gives it the critical capabilities to help customers manage digital transformation.

XPeppers has an annual turnover of around 4 million euros, with its customers including Conde Nast and Mercury Payments.

This latest merger has enabled Claranet to further strengthen its AWS offer in the Italian market and confirms the Group’s position as a natural leader in the public cloud market in the rapidly growing European market. This is in line with Claranet’s ambitious expansion strategy, which has seen the Group grow rapidly in Europe in recent years, both through organic growth and acquisitions. XPeppers represents the latest of these acquisitions.

Lucia Terranova, Deputy General Manager at Claranet Italy, said:

Bringing XPeppers into the Claranet Group is a natural fit for both parties. As an AWS specialist, XPeppers possesses expertise which is very much in line with that which we value at Claranet, and reinforces our position as one of the leading AWS stakeholders in Europe. Combined with XPeppers’ DevOps and Agile capabilities, our customers now have the opportunity to benefit from all the advantages that public cloud has to offer, while maintaining a single point of contact and unified support.”

Mario Lanzillotta and Anna Tocci, founders of XPeppers, said:

Being part of the Claranet Group will create many opportunities for our customers, partners and employees, so we’re very pleased to announce this deal. All of our customer ecosystem will see benefits from us merging with Claranet’s pan-European operations, with its financial strength and reputation for outstanding service being hugely valuable in ensuring that we’re able to serve our customers in the best possible way.”

Microsoft recognises Claranet as an Azure Expert MSP

Claranet recognised by Microsoft’s MSP program for demonstrating excellence in delivery, technical expertise, and experience of the Azure cloud ecosystem.

Claranet has been recognised for its expertise in consulting, implementing, and operating cloud solutions by Microsoft, becoming one of just 32 global launch partners to achieve this status. Securing the Azure Expert MSP accreditation confirms Claranet’s high level of expertise and knowledge of Azure cloud services as well as its ability to support customers in their unique innovation and digital transformation projects.

The certification program was created by Microsoft to reward partners who can meet a demanding set of criteria by demonstrating their excellence in delivery on a consistent basis. This includes an independent audit of their managed services, processes, and technologies, with only the most loyal and experienced partners being rewarded with the Azure Expert MSP badge.

The audit focuses on a wide range of key criteria and specialities that must be mastered by the MSP in a cloud environment, including: overall knowledge of Azure services; good cloud security practices; excellence in architectural design and application code adaptation; exploitation of platforms in scalable environments and cost containment.

Frédéric Atlan, Group Business & Partner Development Manager at Claranet, said:

Over the last few years there has been a rapid increase in the number of businesses migrating their in-house legacy technology and infrastructure to a public, private, or hybrid cloud service provider. In order for these transformations to be successful, organisations need to be supported and guided by partners with proven knowledge and experience of the cloud. The Azure public cloud, for example, has its own unique features and at Claranet we have known for a long time that following traditional methods are no longer suitable for this type of service”.

We now operate specifically on Azure using the best of the platform, including all advanced services, and this is an opportunity to collaborate with Microsoft further by bringing all of our cloud-based tools into compliance with their platform. When delivering critical services just having technical expertise is not enough, so it is vital that all associated processes and workflows are mastered to give the most effective support to customers”.

Gavriella Schuster, corporate vice president, One Commercial Partner, Microsoft Corp, added:

We are delighted to name Claranet as an Azure Expert MSP. Claranet has extensive experience in supporting its customers in the cloud by embracing a methodical and innovative approach, meaning they are fully deserving of this new status”.