Taking into consideration, the drive to transform the cloud computing ecosystem, devising contemporary cybercrime protection strategies, ascending global progress, and a knack for innovation, Lunarline, Inc has been recognized as the best performing cloud solution provider. Founded in 2004 and headquartered in Arlington, Virginia, Lunarline helps over 500 clients fight back against modern cybercrime. Its portfolio of products, services, managed services, training and certifications, power Solutions Built on Security® for clients in the Intelligence, Defense, Federal Civilian and private Sectors.
Lunarline has worked ceaselessly to build exceptional capabilities that solve each piece of the cyber puzzle for Cloud Service Providers (CSPs). From compliance to cloud security architecture & engineering to Managed Security Services that address unique cloud challenges, the organization’s job is to maximize the secure use of cloud services.
In addition to Lunarline’s compliance work as a Federal Risk and Authorization Management Program (FedRAMP) Third Party Assessment Organization (3PAO), many of its products, services and training solutions have rapidly emerged as market leaders in the cloud space. As an example, the organization provides a suite of cyber intelligence tools and capabilities – such as LunarGroundStation and LunarDownlink – that help CSPs and users of cloud services in proactively addressing emerging cyber threats impacting the cloud.
It also provides training and certifications that help cloud engineers improve security posture while cost-effectively meeting compliance requirements. Lunarline’s Managed Security Services are cloud-focused, helping both CSPs and cloud users take secure advantage of the cloud to optimize performance.
The Guiding Light of Inspiration
Lunarline’s founder and CEO, Waylon Krush is a proven security visionary with a knack for understanding how to apply innovation solutions to achieve real results. He’s relentless in ensuring that the organization stays 100% focused on client service and problem solving. He is also fearless, and has taken enormous risks to push Lunarline into so many different disciplines in cybersecurity.
This fearless investment has led Lunarline to possess the capabilities to compete with anyone in any cyber discipline, from training to compliance to consulting to manage security services. His example of relentless client service and fearless investment in the future is reflected in every Lunarline employee – from the most junior to the senior executives – who understand that they need to bring the same intensity and fearlessness to their own jobs.
Coming to Spence Witten, the Vice President of Lunarline’s Global Sales, comes from a federal service and sales background. Spence is pretty au fait with complex systems and technical requirements, massive Requests for Proposals, budgetary puzzles and procurement cycles that function on geological time. He ceaselessly works to instill that same patient, relentless attention to technical detail needed to support the Government in the sales culture at Lunarline, tempered of course by the need to move at private sector speed.
Spence also makes sure that the promises extended during the sales process are reasonable, reflected in any ensuing contracts, ingrained in project plans and then kept throughout execution. In short he views sales, not just as a revenue generator, but as a critical element of the project lifecycle, that sets the stage for project success.
Lunarline has found that its CSP clients find its approach to sales extremely valuable. “It is absolutely critical to move at the speed of modern business,” states Spence. “However in the cloud we’re dealing with complex, high-consequence stuff. It pays huge dividends downstream when we use the sales process to come to a mutual understanding of requirements and fully articulate our proposed solution up front during contract negotiations. Then we hit the ground running with an actionable plan that yields enduring results,” he adds.
Reformatory Service models
One of Lunarline’s advantages as a small business is essentially infinite flexibility in the services model(s) it can use to meet the needs of its cloud clients. Unlike large businesses wedded to specific approaches, the company can adapt to clients’ budgetary and contractual requirements.
From traditional consulting type arrangements to staff augmentation to comprehensive outsourced security-as-a-service, Lunarline helps choose the model that best fits clients’ present and projected needs. It also uses a wide-range of pricing models, from subscription and performance-based approaches to various hourly and firm fixed price arrangements, depending on client preference.
Lunarline has witnessed a significant increase in the number of CSPs and cloud users looking for Managed Security Services to secure the cloud. Its MSS platform helps CSPs lockdown their infrastructure, but it also helps other organizations securely maximize their use of the cloud. The organization helps these organizations develop cloud migration plans and then secure their data through transition and beyond.
Another one of the advantages of the MSS model is that it’s extremely easy to tailor service packages to specific requirements. With an underlying subscription model Lunarline flexibly allocates services and/or surge support to requirements as needed. This lets it quickly deploy its diverse products, services and training to address any security challenge.
Being Customer Centric
Lunarline received its start as a services company. While it has grown to offer a broad array of products, managed services, training and certifications, a services-oriented approach remains a core part of the organization’s corporate DNA.
“While my title is VP of Sales they make me do real work too. We don’t have dedicated sales folks. Everyone who interacts with prospective clients is a recognized cybersecurity expert in a relevant discipline,” Spence expresses.
Lunarline comprehends that cloud security is complex, high-consequence stuff, with a major impact on organizational success. Thus it uses the sales process the way it’s supposed to be used – to come to a mutual understanding of requirements so that it can assemble the best possible solutions package that meets clients’ specific needs.
The organization takes that same high-touch philosophy with it into project execution. As an example, its Managed Security clients have instant, ‘round the clock access to an expert in its Security Operations Center to discuss, anything.
Lunarline also holds weekly meetings where senior and middle management to discuss actionable initiatives which it can execute across the company to improve performance for its clients. The Success in achieving these initiatives is tracked through Key Performance Indicators for all personnel, to align performance incentives to its ability to stay focused on solving client challenges.
Having been in business since 2004, Lunarline has survived a few ups and downs. It weathered the Great Recession, the US Government shutdown and sequestration and a constantly shifting, disruptive technical landscape. A major lesson learned by the organization is the value of diversification. Thus it actively balances its client portfolio to ensure that it covers a broad array of clients and industries.
This protects Lunarline financially, and also ensures that its personnel can draw on technical solutions and best practices from across the Intelligence, Defense, Federal Civilian and private sectors to provide the best possible solutions to its clients’ cyber challenges.
Lunarline has also learned that cyber professionals are extremely hard to come by. One of the reasons it founded the Lunarline School of Cybersecurity is to provide elite cybersecurity training and certifications to its own personnel, in addition to the thousands of external folks it supports each year. The organization identifies promising cyber professionals from all walks of life and equips them with the skills, certifications and mentoring they need to excel in civilian life.
According to Lunarline, an immediate challenge facing its federal clients is the need to significantly improve the ability of CSPs to rapidly and sustainably achieve FedRAMP accreditation. “The US Federal Government needs access to secure, compliant cloud services, but CSPs need to clear the demanding security bar set by FedRAMP before the government can access their solutions. In response we’re developing a package of products, services and training that help CSPs get up the FedRAMP curve faster and more effectively,” Spence expresses.
On the technical front, Lunarline has also noticed an increasing number of attacks targeting access control and API security. Lunarline understands that CSPs in general are fantastic at securing their infrastructure and Software-as-a-Service offerings, but interfaces between CSPs and users are becoming hacker playgrounds.
In response the organization has significantly enhanced its software assurance capabilities and focused penetration testing teams on exhaustively testing access control systems and interfaces to more closely replicate real-world attacks. It has also increased its cyber intelligence collection efforts in this area, to help CSPs stay ahead of emerging threats.
An obvious problem for Lunarline is just how challenging it is to find qualified cloud security engineers. “Simply, finding general security people has gotten extremely difficult. It’s an order of magnitude more challenging to find great security folks who also know the cloud. That’s because they don’t exist. You have to train them,” states Spence.
So Lunarline identifies promising security personnel from within its own ranks, equip them with training and certifications and then pair them with cloud security mentors. This is because the company comprehends that only after completing an apprenticeship program can the personnel become cloud security engineers and consultants.
Lunarline invests an enormous amount of time and money in cyber intelligence, to stay on top of emerging threats, and in training, to ensure that its personnel possess the skills necessary to defeat those threats.
“The CSP threat landscape is constantly changing as are the tools and techniques necessary to fight back. Our cyber intelligence teams inform our training efforts to keep our frontline engineers and consultants prepared for whatever’s next,” Spence asserts.
Lunarline has the in-house capabilities to tackle every piece of the cloud security puzzle while equipping clients with the real-time, actionable cyber intelligence they need to stay ahead of emerging threats.
Beholding the Future
There is no other pure play security company in this space that offers Lunarline’s breadth of products, services, managed services, training and certifications. The organizations goal is to continuously improve its ability to bring these capabilities into unified solutions to clients’ security challenges.
As a part of this process it invests heavily in security automation capabilities that automate monitoring, compliance, security testing, cyber intelligence and device hardening. This helps keep Lunarline’s employees focused on proactively driving continuous improvement in its clients’ security posture.