Cerberus Sentinel Looks To Uplist To NASDAQ…

30 NOV 2020

Cerberus Cyber Sentinel [OTC:CISO], a cybersecurity consulting and managed services company, is in “final negotiations” to mandate an advisor to assist it in uplisting to the Nasdaq, said founder and CEO David Jemmett.

The Scottsdale, Arizona-based company, which started trading over the counter in June 2020, wants to uplist to the Nasdaq rather than the NYSE because it is more noted for technology and high-growth companies, Jemmett said, declining to provide a timeline. It expects the raise to likely be between USD 10m-USD 20m because its business model is focused on acquiring talent and making them shareholders, he said.

Cerberus Sentinel has signed “quite a few” letters of intent and hopes to close multiple acquisitions before year-end, Jemmett said. It most recently acquired Atlanta-based cybersecurity assessment firm Clear Skies Security in September for an undisclosed price.

The company sees its acquisition strategy as a consolidation of talent, and is not specifically acquiring for revenue, according to the CEO. It is looking for cyber training experts at companies that do penetration (PEN) testing, focus on compliance, or have a strong Security Operations Center (SOC), he added.

Pen testing is a simulated cyberattack against the customer’s computer system to check for exploitable vulnerabilities. Cerberus Sentinel provides continuous and periodic scans based on the customer’s regulatory requirements. An SOC monitors a customer’s network and server infrastructure to track potential threats and protect against them.

Cerberus Sentinel, which has closed seven acquisitions to date, typically targets companies with between USD 3m-USD 25m in revenue, Jemmett said. It expects to increase that target to between USD 35m-USD 65m in revenue in 3Q21, he said.

The company does expect to use a buyside advisor when it targets larger deals, but it has already been approached by advisors looking to represent it at that time, Jemmett added.

To date, Cerberus Sentinel has primarily funded operations and acquisitions through revenue and the sale of equity in private placements, according to its latest quarterly filing. During the nine months ended 30 September, it received USD 790,000 from private placements of its common stock to accredited investors.

It posted USD 2m in revenue in the third quarter, up from USD 1.6m in the second quarter and USD 281,000 in the prior-year period, according to filings. Founded in 2019, Cerberus Sentinel is not yet profitable. It received about USD 710,000 in a forgivable loan through the government’s Paycheck Protection Program, as reported.

COVID-19 “rocketed us five years” ahead of where we would’ve been, Jemmett said. With employees working remotely, there has been more than a 300% increase of cyber incidents amid the pandemic, and cybersecurity has become a “central focal point” for businesses to secure themselves, he added.

“Instead of us going out to find clients, the clients are finding us,” the CEO said. Almost 99% of Cerberus Sentinel’s increased growth is through company referrals, and the demand is 10-fold what it was last year, he said.

Companies in the financial and healthcare industries have the most cybersecurity exposure through their handling of personally identifiable information and personal healthcare information, respectively, Jemmett said. Cerberus Sentinel also has government contracts and customers in oil and energy, he added.

It occasionally competes against companies such as KPMGAon [NYSE:AON] subsidiary Stroz FriedbergDeloitte and Booz Allen Hamilton [NYSE:BAH], but Jemmett calls them “frenemies” because there is so much demand for all of these cybersecurity firms to target. “We’re all trying to do our best to keep up with the demand,” he said.

Cerberus Sentinel has 71 employees in offices in Scottsdale; Arlington, Virginia; Austin, Texas; Nashville, Tennessee; Atlanta; Chicago; Denver; Las Vegas; Phoenix; and San Diego.


by Rachel Stone in Charlottesville, Virginia

Source

Persistence of Phishing


By David Jemmett, founder and CEO, Cerberus Sentinel

Read the full article here

We’re all likely to have experienced some form of phishing in our lifetimes and are likely to experience it again in the future. Time and time again, cybercriminals are resorting to tried and true methods of phishing and business email compromise (BEC) for financial gain. An overwhelming 80% of security incidents begin with a phishing attack and an average of almost $18,000 is lost every minute. Recently, a BEC scamming ring was caught which managed to successful hit nearly two million targets, obtaining almost $500 million. With such a high success rate, it is no surprise that criminals are continuing on the trend of phishing scams. 

It’s a universal truth in security that phishing emails are in a constant state of development on the attacker end, becoming more and more sophisticated with criminals incorporating official-looking headshots, phone numbers and signatures from a genuine law firm. Those unfortunate enough to click on the attached PDF that would have no doubt found malware rattling through their computer and beyond, ensuing large amounts of damage. While we’re lucky to be in the industry we are, and understand these threats, not everyone has the same awareness or experience on their side. 

Upon further investigation into some phishing emails I had recently received, I found that some details didn’t add up. For starters, the location of the sender didn’t match up with the location of the real attorney’s office, in fact, they were in completely different states. Then, we calling the phone number given in the email, which was answered as though it were a legitimate law firm but revealed that the phone number for this attorney was different to the one given. 

These phishing emails can have data security implications for both those that are uneducated and the firms the cybercriminals are impersonating as it could lead to a lack of trust. However, one of the best, and only ways to confirm the legitimacy is to do rigorous research, and that is what we did. 

Myself and one of the engineers at Cerberus Sentinel did some forensics on one of the emails and attached PDF to see what it intended to do. We took the email and put it into a safeguarded standalone sandbox where it redirected us to seven know malicious sites that would have uploaded into my browser via the PDF. Along with that, it also contained Ryuk-type program that would run as soon as I clicked the file, opening adobe on my system. 

The results were astonishing. Not only was it redirecting to the malicious sites, but it also started giving out data to bad IPs. After only in a few minutes of this test, the sandbox was compromised through several file directories and connections with these bad IPs. Within a commercial network, this scam would have compromised both the device the email was received on and the network itself. 

Worryingly, we are seeing such scams becoming more expertly targeted to individuals meaning they are more likely to open the emails, and without the necessary security awareness training, they are none the wiser. Yet, the increase in sophistication of phishing and BEC scams highlights the need for increase email security systems and training to bypass human vulnerability. 

Cerberus Sentinel announces acquisition of Clear Skies Security

U.S. cybersecurity services firm adds experienced penetration testing team

SCOTTSDALE, Ariz., Sept. 23, 2020 (GLOBE NEWSWIRE) — Cerberus Cyber Sentinel Corporation (OTC: CISO), a cybersecurity consulting and managed services firm based in Scottsdale, Ariz., has acquired Clear Skies Security, LLC (“Clear Skies”), an Atlanta-based cybersecurity assessment firm.

Under the terms of the agreement, Clear Skies will become a wholly owned subsidiary of Cerberus Sentinel and will continue to focus on providing security assessments and penetration testing services to a diverse set of U.S. customers. With the new organizational structure, Brad MacKenzie, president, Clear Skies, will take on the role of managing director for Cerberus Sentinel.

“Organizations have a wide range of diverse challenges and requirements for information security. Clear Skies Security has always delivered high quality technical security assessments, and we are proud to join the Cerberus Sentinel team,” said MacKenzie. “Being part of this elite team of security practitioners, delivering high quality services over the entire security spectrum, fits perfectly with our mission of being a trusted security advisor.”

“Clear Skies adds substantial experience to our security assessment capabilities,” said David Jemmett, CEO and founder of Cerberus Sentinel. “Clear Skies serves as trusted security advisors and has a depth of talent proven to evolve with changing technologies. Their customer-first culture and talented team are a valuable addition to the Cerberus Sentinel team.”

Clear Skies will continue to be based in Atlanta and will lead a growing team in the Southeastern United States. The company collaborates with clients on a continual basis to ensure ongoing security and compliance within their organizations, helping them drive security through all aspects of their business. “Clear Skies will further enable our differentiation in the marketplace and continue expanding our expertise and offerings in the cybersecurity field,” Jemmett added.

Financial terms of the agreement were not disclosed.

About Cerberus Sentinel

Cerberus Sentinel is a U.S. provider of consulting and managed services, focused solely on cybersecurity. The company seeks to expand by acquiring world-class cybersecurity talent and utilizes the latest technology to create innovative solutions that protect the most demanding businesses and government organizations against continuing and emerging security threats.

Safe Harbor Statement

This press release contains forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. Statements including words such as “believes,” “expects,” “anticipates,” “intends,” “estimates,” “plan,” “will,” “may,” “look forward,” “intend,” “guidance,” “future” or similar expressions are forward-looking statements. Because these statements reflect Cerberus Sentinel’s current views, expectations and beliefs concerning future events, these forward-looking statements involve risks and uncertainties. Investors should note that many factors, as more fully described under the caption “Risk Factors” and elsewhere in Cerberus Sentinel’s Form 10-K, Form 10-Q and Form 8-K filings with the Securities and Exchange Commission and as otherwise enumerated herein, could affect Cerberus Sentinel’s future financial results and could cause actual results to differ materially from those expressed in such forward-looking statements. The forward-looking statements in this press release are qualified by these risk factors. These are factors that, individually or in the aggregate, could cause the Cerberus Sentinel’s actual results to differ materially from expected and historical results. You should not place undue reliance on any forward-looking statements, which speak only as of the date they are made. We assume no obligation to publicly update any forward-looking statements, whether as a result of new information, future developments or otherwise.

Contact:
Charles J. Zigmund, Vice President
Cerberus Sentinel
617-838-4183
charles.zigmund@cerberussentinel.com

Cathy Morley Foster
Eskenzi PR
925-708-7893
cathy@eskenzipr.com

Press Release: Cerberus Sentinel Commences Public Trading

https://www.globenewswire.com/news-release/2020/06/26/2054225/0/en/Cerberus-Sentinel-commences-public-trading.html

SCOTTSDALE, Ariz., June 26, 2020 (GLOBE NEWSWIRE) — Cerberus Cyber Sentinel Corporation (OTC: CISO), a cybersecurity consulting and managed services firm based in Scottsdale, Ariz., announced that public trading commenced today, and quotations for its common stock are now available from OTC Markets Group under the ticker symbol CISO.

Cerberus Sentinel is led by CEO David Jemmett and an experienced and technical management team. Jemmett has successfully launched several technology companies (GoodNet/Windstar, CDC Communications, and Clear Data Networks) that all have had a strong component of cybersecurity.

“Cybersecurity is a culture, not a product,” says Jemmett. “In a world with over 2.8 million and growing unfilled cybersecurity jobs, we seek to be the place where experienced cybersecurity professionals want to work.” In contrast to product-centric companies, “we look to deliver a holistic security approach that places our customers in the center of a solution that creates a true culture of security from end to end utilizing and responding to the needs of each client.”

Cerberus Sentinel, and its subsidiaries, offer a comprehensive suite of services to help enterprise customers secure their operations, including data, intellectual property, and applications. These services include assessments and testing, remediation, and incident response. The company provides a set of managed services that include training, monitoring and alerting, compliance, and ongoing advisement for chief information security officers (CISOs).

Cerberus Sentinel seeks to expand, including by acquiring cybersecurity services organizations across the United States. President and COO Bill Santos says, “we focus on bringing together experienced teams that have a passion for the customer, creating unique solutions that establish long-term, growing relationships.”

Cerberus Sentinel went public through the direct registration process, which it believes is an efficient way to access the public markets that does not require an investment bank. “Since cybersecurity professionals are our enterprise value, a direct registration is expected to give us a currency to reward and motivate them,” says Jemmett.

About Cerberus Sentinel

Cerberus Sentinel is a U.S. provider of consulting and managed services, focused solely on cybersecurity. The company seeks to expand by acquiring world-class cybersecurity talent and utilizes the latest technology to create innovative solutions that protect the most demanding businesses and government organizations against continuing and emerging security threats.

Safe Harbor Statement

This press release contains forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. Statements including words such as “believes,” “expects,” “anticipates,” “intends,” “estimates,” “plan,” “will,” “may,” “look forward,” “intend,” “guidance,” “future” or similar expressions are forward-looking statements. Because these statements reflect Cerberus Sentinel’s current views, expectations and beliefs concerning future events, these forward-looking statements involve risks and uncertainties. Investors should note that many factors, as more fully described under the caption “Risk Factors” and elsewhere in Cerberus Sentinel’s Form 10-K, Form 10-Q and Form 8-K filings with the Securities and Exchange Commission and as otherwise enumerated herein, could affect Cerberus Sentinel’s future financial results and could cause actual results to differ materially from those expressed in such forward-looking statements. The forward-looking statements in this press release are qualified by these risk factors. These are factors that, individually or in the aggregate, could cause the Cerberus Sentinel’s actual results to differ materially from expected and historical results. You should not place undue reliance on any forward-looking statements, which speak only as of the date they are made. We assume no obligation to publicly update any forward-looking statements, whether as a result of new information, future developments or otherwise.

Contact:
Charles J. Zigmund, Vice President
Cerberus Sentinel
617-838-4183
charles.zigmund@cerberussentinel.com

Cathy Morley Foster
Eskenzi PR
925-708-7893
cathy@eskenzipr.com

     
Copyright Cerberus Sentinel2021. All Rights Reserved.   Privacy Policy / MSA