Penetration Testing, Vulnerability Management

Cerberus Cyber Sentinel buys Alpine Security

Security consulting firm Cerberus Cyber Sentinel Corporation has acquired St. Louis, Missouri-based penetration testing company Alpine Security, part of a continuing play to beef up their penetration testing and regulatory compliance offerings.

Alpine Security, which offers penetration testing, medical device testing, security auditing, trainings and “CISO-as-a-Service” to its clients, will become part of Cerberus. Alpine president and founder Christian Espinosa will take on a strategy role at the company, per an announcement of the deal.

Alpine Security also has a presence in the government contracting market, offering trainings and assessments around the General Services Administration’s Schedule 70 contract as well as the Cybersecurity Maturity Model Certification and the Defense Federal Acquisition Regulations Supplement programs for defense contractors.

In addition to Espinosa’s new role, Alpine’s penetration testing team will be integrated into Cerberus existing capabilities crew, where they will continue to focus on the health care market and medical device testing.

“Alpine is an excellent fit for the Cerberus portfolio of companies,” said David Jemmett, the company’s CEO and founder, in a statement. “The demand for quality compliance, training, and penetration testing talent continues to grow, and we are pleased to have them join us.”

The release does not list the price of the acquisition, but days before the announcement, Cerberus notified the Securities and Exchange Commission that they had taken a $3 million loan from Hensley and Company at a 6 percent interest rate “to provide funding for the Company’s prospective acquisitions and other general corporate purposes.” Andrew McCain, chief operating officer for Hensley, also sits on the board of directors for Cerberus.

The deal, and implication of more to come, hint at increased hunger for third-party security auditing services in the face of worsening cybercrime, and an increasingly complex regulatory compliance landscape.

A survey of 100 North American chief information security officers conducted this past year found that security teams faced an average of 3.3. audits over the next year, with the sudden shift to telework in the wake of COVID-19 creating a host of new non-compliance concerns. Two-thirds reported dissatisfaction with the security tools they had in place to prepare. In another survey of 900 CISOs conducted by Thycotic earlier this year, 77 percent reported that fear of failing a security audit was one of the primary drivers pushing their boards to make new security investments.

The move marks the second acquisition by Cerberus, which offers consulting and managed security services, of a cybersecurity-focused, penetration testing company in the last three months. In September, the company purchased Atlanta-based Clear Skies Security, also on the strength of their penetration testing work.

Derek B. Johnson

Derek is a senior editor and reporter at SC Media, where he has spent the past three years providing award-winning coverage of cybersecurity news across the public and private sectors. Prior to that, he was a senior reporter covering cybersecurity policy at Federal Computer Week. Derek has a bachelor’s degree in print journalism from Hofstra University in New York and a master’s degree in public policy from George Mason University in Virginia.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.