Author Archives: Sydney Pujadas

In today’s business environment, demonstrating strong cybersecurity practices is essential for regulatory compliance and earning the trust of customers, partners, and investors. For service organizations, achieving SOC 2 compliance is a way to show that your security systems and processes protect sensitive data effectively. SOC 2 compliance is one of the most recognized ways for service providers to build that trust.

As a SOC 2-compliant partner, Thrive not only meets these requirements internally but also helps organizations simplify the path to their own compliance needs. That means organizations can run their business with the confidence that their IT and security programs align with industry-leading standards.

What is SOC 2 Compliance?

SOC 2 is an auditing standard developed by the American Institute of Certified Public Accountants (AICPA) that evaluates how service organizations manage data based on five Trust Service Criteria:

• Security
• Availability
• Processing integrity
• Confidentiality
• Privacy

Passing a SOC 2 audit demonstrates that your organization has the proper controls in place to protect sensitive customer information.

Why SOC 2 Compliance Matters

For service-based businesses, SOC 2 is more than a regulatory checkbox—it’s proof that your organization prioritizes customer data protection. Achieving compliance can:

• Build trust with clients and partners who require assurances of strong security practices.
• Enable growth by meeting contractual and regulatory requirements for new business opportunities.
• Reduce risk by ensuring security controls are tested, documented, and continually improved.
• Strengthen your reputation by showing your commitment to protecting sensitive data.

Turning Compliance into a Business Advantage

Thrive is a SOC 2-compliant Managed Services Provider (MSP), meaning we hold ourselves to the same high standards we help our clients achieve. By choosing Thrive, you gain a partner that not only understands SOC 2 requirements but also lives them every day.

We work closely with organizations across industries to ensure their IT environments are secure, resilient, and aligned with compliance goals. Contact Thrive today to ensure your compliance program is customized, sustainable, and aligned with your organizational goals.

Cybersecurity threats are growing more advanced every day. Now, attackers are becoming skilled at hiding within networks, often blending in with legitimate traffic to avoid detection. Traditional security tools, such as firewalls and antivirus software, remain important, but they’re not always enough to catch more sophisticated threats. That’s where network detection and response (NDR) comes in.

Defining NDR

NDR is a security technology that monitors network traffic in real time to identify, investigate, and respond to suspicious activity. Unlike security tools that focus on endpoints or specific applications, NDR takes a network-wide view, analyzing the traffic flowing between all connected systems and with external systems.

This broader perspective allows NDR to spot anomalies, like unusual access patterns, hidden lateral movements, or abnormal data transfers, that might indicate a security breach in progress. By detecting behavioral patterns that can slip past other defenses, NDR strengthens your organization’s overall security posture.

Why NDR Matters

Cybercriminals often exploit blind spots left by traditional security monitoring tools. They may compromise a single endpoint and then quietly move across the network, escalating privileges or exfiltrating data before anyone internally notices.

With NDR, organizations gain:

• Comprehensive visibility: Real-time monitoring of all network traffic, not just individual endpoints.
• Early threat detection: Identification of suspicious behaviors that may indicate attacks in progress.
• Faster response times: Built-in tools for investigating anomalies and containing threats.

How NDR Fits into a Security Strategy

NDR is most effective when combined with other security solutions such as endpoint detection and response (EDR) and security information and event management (SIEM). Together, these tools create a layered defense:

• EDR protects individual devices.
• SIEM aggregates logs and alerts from across the IT stack.
• NDR provides visibility into the traffic connecting everything.

By working together, these technologies provide a faster, more complete picture of your environment, improving your time to detection and helping you stay ahead of modern threats.

Thrive’s Approach to NDR

At Thrive, we help mid-market organizations integrate next-generation NDR solutions into their security stack. Our services provide:

• 24×7 monitoring and alerting by our security operations center (SOC).
• Advanced analytics and machine learning to detect abnormal traffic patterns.
• Expert incident response services to contain threats quickly and effectively.

With Thrive as your partner, NDR doesn’t just detect threats, it becomes a proactive tool for building resilience, maintaining compliance, and ensuring business continuity.

A Stronger Defense with NDR

Network detection and response is quickly becoming a key piece in a modern cybersecurity strategy. By providing visibility into every corner of your network, NDR helps you catch the threats others miss and respond before damage can be done.

Contact Thrive today to learn more about adopting and operationalizing NDR, ensuring it supports not only your security goals, but also your organization’s broader business objectives.

Unlock your path to AI success.

Every organization has AI ambition, but turning that ambition into measurable business results requires more than just tools. It starts with clarity of purpose, alignment with strategy, and a roadmap to execution.

Our playbook shows how organizations can align AI to business goals, assess readiness, and create a roadmap that drives measurable outcomes. Learn how to move from ambition to action with a strategy that balances innovation, scalability, and long-term impact.

Download the playbook and discover how your organization can build a purpose-driven AI foundation for sustainable growth.

The IT Partnership That Grows with Your Portfolio Company

For private equity-backed portfolio companies, IT is more than infrastructure, it’s a growth engine. Outdated systems, fragmented processes, and reactive IT can slow expansion, create risk, and limit operational efficiency.

Our eBook shows how PortCos can implement future-ready IT strategies that scale securely, streamline operations, and drive long-term value creation. Learn how to partner with IT teams that evolve with your business, turning technology into a competitive advantage.

Download the eBook and discover how your portfolio company can build an IT foundation that grows with it.

Tackle Technical Debt Before It Tackles You

For private equity firms, technical debt isn’t just an IT problem; it’s a drag on portfolio value. Legacy systems, patchwork solutions, and unchecked risk can erode returns and stall growth. But when managed strategically, eliminating technical debt creates technical equity, a stronger foundation that accelerates innovation, efficiency, and scale across investments.

Our eBook breaks down how PE leaders can identify and measure technical debt, prioritize remediation, and implement portfolio-wide strategies that transform hidden liabilities into competitive advantage.

Download the eBook and discover how to unlock lasting value by turning technical debt into technical equity.

Any Chief Information Security Officer worth their salt has three primary goals:

1. Brand and Reputation Protection: keep the organization out of news headlines. Keep all employees, executives, and stakeholders safe from reputational damage.
2. Data Protection: Keep important data where it belongs. Keep the data available to those who are supposed to see it, delete, modify it. etc.
3. IT Dollar Spend Optimization: Identify a required feature or function, acquire it, implement it, and do not spend the following year’s budget acquiring a new tool that performs the same tasks, but rather, enable new features on the existing technology.

There’s always the latest Swiss army knife of cybersecurity technology that will solve all of an organization’s problems, replace the old broken stuff in its environment, and make your organization feel secure, allowing you to sleep peacefully at night.

It’s not just cybersecurity technology. There are typically three distinct stages of tech evolution:

• Stage 1 is usually big and clunky with parts cobbled together and sort of functional.
• Stage 2 shows some demonstrable integration for purpose-built functionality.
• Stage 3 will show remarkable rightsizing, increased functionality, and remarkable simplification.

Sort of Moore’s law, but sort of not. Think of the original remotes for Amazon’s Fire TV – there used to be lots of buttons, now it’s approximately 8, Microsoft Zune – yes, it’s a thing, and worth a google if you’re not familiar, versus Apple’s iPod. Power and functionality are always increasing, but the trick is to actually adopt the technology in meaningful fashion.

When “commercial-off-the-shelf” turns into “stays-on-the-shelf”, we have all missed the boat. But there’s always the next shiny new thing in the cybersecurity world.

Removing all the fluff and nonsense, there are a handful of simple steps that can improve your overall posture dramatically:

MFA Everywhere

Multi-Factor Authentication (MFA). The single biggest point of risk to any computer environment is where a human being touches the keyboard. Ensuring that the human being in question is who they say they are increases trust and allows for improved accountability. MFA (two factor authentication (2FA), one time password (OTP), and so on, generate a specific time-bounded authentication step helping to ensure that the human is who they say they are, and is doing what they’re supposed to be doing. Ensuring the identity of the user (or entity – think service accounts) may be the single more important control point we have.

MDR Everywhere

Managed Detection and Response. Emphasis on Managed. Having persistent eyes-on information generation, such as where data is created, manipulated, etc., an Endpoint Detection and Response (EDR) platform increases the value exponentially. Visibility into endpoint activities and potential threats may be the single most important control point we have.

MDM Everywhere

Mobile Device Management. As mentioned earlier, if the “edge” is truly shrinking (, the spread of mobile computing is prolific. When a computer device sits behind corporate technical security controls, it’s easier – not easy, but easier – to manage access to, manipulation of, and movement of potentially sensitive information. Mobile devices – primarily iOS and Android, but this can and should extend to laptops as well – make controlling and monitoring the access to and flow of data much more challenging. A well-implemented MDM solution should allow for visibility and control of company-owned information assets. Controlling information flow on mobile devices may be the single most important control point we have.

Vulnerability Management

Vulnerability management can be simplified into vulnerability scanning and patch management. Pick a tool that can scan the entirety of the computer environment (on-premises, cloud, remote, etc.) and identify where vulnerabilities may lie. Correlate that data, prioritize it based on the potential impact of someone exploiting it, and apply the appropriate patches. Knowing what’s vulnerable and working to reduce or remove those vulnerabilities may be the single most important control point we have.

SIEM (Monitoring, Logging, Notification) on Everything

Security Information and Event Management (SIEM). Collecting logs from devices for use in forensic investigation is fun, valuable, and a bit of closing the barn doors after the horse runs out. SIEM does that, but properly tuned, it also can give real-time information on potential bad things, disruptive things, or just interesting things that you may want to look into to prevent actual badness from happening. Collecting logs, correlating that data enterprise-wide, and acting on that information may be the single most important control point we have.

Encryption

Encryption in motion and Encryption at rest. Historically, the single largest offender for HIPAA (Health Insurance Portability and Accountability Act) data breaches was lost or stolen laptops. This data should be encrypted. Make it difficult if not impossible to log on to that device and make it impossible to gain access to that data via full-disk encryption.

Aside: I’m not sure why anyone would be walking around with millions of healthcare records on their laptop, but there you have it.

No Internet-Based Open RDP

Remote Desktop Protocol (RDP) over the internet. Don’t. Just don’t. There are a lot of ways to accomplish the end goal, and they should be wrapped up in the things already mentioned. Not allowing Internet-based RDP may be the single most important control point we have.

Build a Program

Have a measurable, monitorable, repeatable set of policies and procedures that define how and why you’re doing something in the information security space. There are a lot of options to choose from, and even more that may be mandatory based on your specific line of business (HIPAA, PCI (Payment Card Industry), etc.), but pick one. Maybe two. And stick to it. Define and test that cybersecurity incident response Plan. A well defined and cared-for program may be the single most important control point we have.

Obviously, it’s not that simple. There is a lot of work to be done in each of these categories. There is a significant amount of overlap and integration in these categories. Understanding that this is by no means a comprehensive list, but getting back to the basics.

The old adage about “How do you eat an elephant? One bite at a time.” is meant to simplify tackling any large and complex process. Cybersecurity is never a static point-in-time solution. Cybersecurity is ever evolving based on new threats, new applications, new this and new that. Every journey begins with a single step, so point your feet in a direction and start the march by focusing on the basics. Think about that poor elephant wishing people would just get it over with and stop with that tedious one-bite-at-a-time silliness.

You may also have noticed that each item is “the single most important control point we have”.

Get it? Stay tuned for Chapter Two tentatively titled “Wait… you clicked on what?!?”

Every organization is talking about AI. Many are experimenting with it. But few have taken the crucial step Gartner® now recommends: defining a clear AI ambition.

According to Gartner®’s AI Ambition research, organizations can’t treat AI as “just another technology.” AI is a strategic force. It shapes brand perception, customer experience, and future competitiveness. That’s why Thrive is helping organizations go beyond opportunistic pilots to build AI strategies that are deliberate, aligned, and impactful.

What Is AI Ambition?

AI ambition is a shared, enterprise-wide intention for how your organization plans to use AI, ranging from internal teams, systems, and customer experiences.

It’s about answering questions like:

• Do we want AI to just improve efficiency, or do we expect it to drive transformation?
• Should AI stay behind the scenes, powering operations, or take center stage in customer interactions?
• What are our boundaries? Are there areas we won’t allow AI to touch?

This clarity matters with AI. Without having defined guardrails around usage and implementation, AI initiatives may conflict, lose support, or stall when risks arise.

Why Defining AI Ambition Is Essential for Organizations

It’s perfectly reasonable to start your AI journey with small, opportunistic projects. Pilot programs and quick wins can reveal valuable insights for your organization, allowing it to take the next steps towards its AI ambitions. But, because AI influences far more than just technology, touching everything from operations to brand perception, organizations must adopt a cohesive, strategic approach. That’s where defining an AI ambition becomes crucial. It creates structure, sets expectations, and ensures AI initiatives are aligned across all departments.

AI ambition also clarifies whether the organization is focused solely on driving internal productivity or seeking customer-facing innovation that changes the game in their industry. To help identify where AI can deliver the most value, the Gartner® AI Opportunity Radar framework encourages organizations to explore use cases across four areas:

• Products and services
• Core capabilities
• Customer experience/front office
• Back office/operations

With this lens, leaders can prioritize opportunities based on business value and readiness, while avoiding scattershot experimentation.

How to Start Building an AI Strategy That Works For You

The best place to begin is by letting teams keep experimenting with intention. Besides the pilot programs and early-stage projects, begin actively tracking how customers and partners respond to your AI touchpoints. Whether they’re engaging with a chatbot or AI-generated content, public trust and brand reputation will be shaped by those interactions.

Next, senior decision-makers should define where AI supports long-term business goals, which areas are off-limits, and what level of risk is acceptable. As AI becomes more integrated into critical workflows and customer experiences, it demands top-level accountability. This isn’t just a tech issue; it’s an organization-wide priority with real consequences for growth, perception, and resource allocation.

Thrive’s Take: AI Strategy That Scales with Confidence

At Thrive, we help organizations build smart, secure AI strategies grounded in business outcomes. Our approach ensures you can build AI strategies that are aligned and scalable, starting with a clear understanding of where you are today, where AI can drive the most value, and how to move forward with the right balance of quick wins, long-term impact, and trusted governance.

Whether you’re automating back-office workflows or preparing to launch AI-powered customer experiences, Thrive can help you align every initiative with your mission, your risk appetite, and your brand.

Download the Gartner® AI Opportunity Radar: Set Your Enterprise’s AI Ambition Report Today

Why IT Integration Can Make or Break Portfolio Performance

Acquisitions often move fast, especially in private equity. But once the ink is dry, the real work begins and IT is one of the most critical functions to address. Overlooking this in the early stages can introduce unnecessary risk, slow value creation, and complicate integration into the portfolio.

At Thrive, we help organizations prioritize the right IT moves post-acquisition to stabilize operations, uncover opportunities, and lay the groundwork for growth. Whether you’re onboarding a carve-out, consolidating overlapping infrastructure, or unifying disparate systems across a roll-up, here are the first three IT actions every organization should take post-acquisition:

1. Assess and Secure the Current Environment

Before building anything new, it’s critical to understand what you’ve inherited. That includes legacy systems, shadow IT, out-of-date software, and (often) significant cybersecurity risks.

Start with a comprehensive IT and security assessment:

• Inventory all assets, including hardware, software, endpoints, and access controls
• Audit security posture to check if there are vulnerabilities, unpatched systems, or other compliance gaps in the system
• Map out dependencies in the acquired system, such as what’s business-critical and what can be retired
• Identify all data stores and what kind of data is stored where

Partnering with Thrive can help PE firms uncover potential gaps in their PortCos. The cybersecurity risk assessment, for example, helps IT leaders and operating partners uncover potential red flags and prioritize remediation. In many cases, just a few quick wins, like MFA enforcement, DNS filtering, or email security controls, can significantly reduce risk while more complex work gets underway.

2. Standardize Core Infrastructure

M&A often results in a patchwork of systems and providers. Disparate email tenants, different backup strategies, overlapping applications all add costs and complexity. Standardization helps streamline IT operations, enhance security, and improve the user experience.

Early moves to consider:

• Consolidate Microsoft 365 or Google Workspace tenants for unified collaboration and identity management
• Establish a central backup and disaster recovery strategy
• Evaluate endpoint protection and remote monitoring tools across all acquired locations or business units

Where standardization isn’t immediately possible, Thrive can support interim solutions to stabilize operations while planning a broader integration roadmap.

3. Build a Scalable IT Roadmap

Once the environment is secure and standardized, it’s time to look ahead. Your PortCo’s IT strategy should align with the investment thesis, whether it’s organic growth, bolt-ons, or operational improvement. That means defining what “scalable” looks like for the business and designing technology to match.

Key considerations:

• Cloud migration and infrastructure planning
• Automating manual processes and modernizing core business applications
• Ensuring compliance readiness for future audits or exit

Working with an experienced partner like Thrive means you don’t have to do it alone. We support post-acquisition planning, ongoing IT management, and scalable modernization, so you can stay focused on accelerating value.

Start Strong. Scale Fast.

Every day post-acquisition matters. By prioritizing these three IT moves: assessment and security, infrastructure standardization, and long-term roadmap planning, you’ll give the business a stronger foundation and the portfolio a faster path to value.

Contact Thrive today to learn more about how we can help your firm and portfolio companies navigate IT complexity with speed, precision, and purpose.

Download your complimentary copy of the Gartner® AI Opportunity Radar: Set Your Enterprise’s AI Ambition report to learn how to move beyond tactical AI projects and set a clear, enterprise-wide ambition.

Gartner outlines how mid-sized businesses can use a structured framework to identify and commit to AI opportunities across products, capabilities, customer experience, and operations. Learn why setting an “AI ambition” is essential and how aligning experimentation with strategic goals can unlock competitive advantage, shape brand perception, and drive long-term value.

Download the Gartner report today!

Gartner AI Opportunity Radar: Set Your Enterprise’s AI Ambition, Hung LeHong, Brook Selassie, Jeff Cribbs, Mary Mesaglio, Don Scheibenreif 6 February 2025

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Today’s businesses face an endless stream of cyber threats, such as ransomware, phishing, and data breaches. Staying secure takes more than a firewall or antivirus software; it requires a proactive, strategic approach to cybersecurity. That’s why many organizations turn to a managed security services provider (MSSP) to protect their systems and data.

Comprehensive Security Offerings

Cybersecurity isn’t one-size-fits-all. Look for an MSSP that provides a full suite of services, including:

• 24×7 monitoring and threat detection
• Endpoint protection and patch management
• Vulnerability assessments and penetration testing
• Email and DNS filtering
• Incident response and remediation
• Information security framework support (HIPAA, PCI, Cyber Essentials, etc.)

An MSSP with a broad portfolio can tailor solutions to your needs and scale with you as your business grows.

Proven Expertise and a Dedicated SOC

Your MSSP should have a security operations center (SOC) staffed by experienced analysts who monitor your environment around the clock. Ask about:

Certifications and accreditations (such as ISO 27001, SOC 2)
The technologies they leverage (like EDR and automation platforms)
How quickly they can detect and respond to threats

An MSSP with a robust SOC isn’t just watching alerts–they’re actively hunting for threats and responding to incidents to minimize impact.

Clear, Actionable Reporting

Security metrics shouldn’t be a mystery. A good MSSP will provide transparent, meaningful reporting on your environment, with insights you can actually use. This means:

• Dashboards and regular executive summaries
• Compliance and audit-ready documentation
• Recommendations for strengthening your security posture

You should always know where you stand and what’s being done to keep your business secure.

Alignment With Your Business Goals

Not all MSSPs take the time to understand your industry, operations, and risk tolerance. The right partner will work closely with you to create a security strategy that:

• Supports your business objectives
• Prioritizes your most critical assets
• Meets regulatory or insurance requirements

They should feel like an extension of your team, not just an outsourced vendor.

A Strong Reputation and References

Finally, look for an MSSP that has a track record of success. Check references, review case studies, and see who they’re already protecting. An MSSP that serves clients in similar industries to yours can bring invaluable experience and tailored insights.

How Thrive Can Help

At Thrive, we’re more than your typical MSSP. We take a proactive, consultative approach to cybersecurity, combining next-gen tools with expert human oversight through our 24x7x365 SOC. We build layered defenses that align with your business needs, helping you stay ahead of threats, achieve compliance, and meet evolving cyber insurance standards.

Whether you need help with endpoint protection, vulnerability management, or a virtual CISO to guide your overall strategy, contact Thrive to make sure your business stays secure, resilient, and ready for what’s next.