As the technology landscape diversifies and tech stacks become more complex, it becomes increasingly important to recognize—and defend against—new cybersecurity challenges. With more risks, shifting work paradigms and attacks originating in the IT supply chain, MSPs face more pressure than ever to ensure due diligence and secure systems.
Cybercrime is up 600% due to the COVID-19 pandemic, according to a Purple Sec report, and recent incidents have impacted organizations ranging from tech companies to law enforcement, health care and critical infrastructure. The current environment is a “perfect storm of predatory behavior…that has given MSPs whiplash,” said Ian Thornton-Trump, CISO of Cyjax, in a panel session during ChannelCon Online titled “What’s Your Cyber IQ? What Every MSP Must Know When Selling Security Solutions.”
Thornton-Trump, a member of CompTIA’s Cybersecurity Community’s executive council, noted that this rise in incidents has been particularly bad in the climate of the recent global health problems and workplace shifts. “We used to use cost per record to measure how bad it was—it’s so bad right now, that metric doesn’t even work for us anymore,” he said.
Increasingly, the burden largely falls to MSPs to help drive better cybersecurity protocols. How can MSPs better manage the shifting cybersecurity landscape to ensure customers are protected? Let’s find out.
Engage in Cyber Resilience Conversations
One way that MSPs can up their security game is by adopting comprehensive cyber resilience tactics themselves and being more transparent with customers and with each other. But that’s easier said than done. Historically, there has been a deep-rooted practice of cyber shaming those who have fallen victim to a breach.
Widespread news coverage and damage to brand reputations have made many organizations hesitant to report incidents. But as Desraie Thomas, channel development manager with Datto, said during ChannelCon, “It’s not a matter of if you’re going to get hit, it’s a matter of when you’re going to get hit.” Attacks are so pervasive at this point that most organizations have already experienced some kind of incident or it’s not long before they will, added Thomas, a member of the Managed Service Community’s executive council.
As the frequency and sophistication of incidents continue to rise, we are seeing a trend away from the shame game and towards a community mindset in which organizations share information and increase their transparency to prevent more widespread damage.
How MSPs Can Create More Cyber Resilience
When incidents do occur, MSPs may bear the brunt of the blame because of the nature of the services they provide. It is often assumed that MSPs are locked down with robust security requirements and stringent compliance procedures. However, cyber responsibility has to encompass all parties interacting with an organization, including vendors and end users. “Technology is completely diversified, and the skills needed to manage all of this has multiplied,” said Thornton-Trump. It’s not fair to assume that MSPs even have the control to prevent incidents. Responsibility needs to extend to all who interact with an organization.
To be more cyber-resilient, the ChannelCon panelists recommended the following:
Get your house in order. You can’t truly understand the risks posed to your customers if you aren’t abiding by your own practices and procedures. “Do what you are asking your clients to do. It helps you understand what you’re dealing with and helps you provide more accurate and helpful information,” said Robert Boles, founder and president of BlokWorx.
Perform a risk assessment. Before you can know how to protect a client, you need to understand their vulnerabilities. “A risk assessment creates a baseline for moving forward,” advised Steve Rutkovitz, CEO of Choice Cybersecurity. “Then you develop a resiliency plan based on that assessment.”
Educate and evaluate your clients, vendors and users. Even if you are being diligent and implementing strict protocols as an MSP, end users and vendors may be lax, which can cause vulnerabilities in your client’s environment. Continue to educate clients on best practices and review security expectations with vendor partners, according to Corey Kirkendoll, president and CEO of 5K Technical Services and chair of CompTIA’s Managed Services Community. “You’ve got to dig in and ask the hard questions,” he added.
Develop a framework for incident response. Cybersecurity frameworks provide an organized structure for incident response and policies. “The reason a framework is so important is because you can check off all the good things you’re doing right now, but you can find the gaps that they’re missing,” said Steve Rutkovitz, CEO and co-founder of Choice Cybersecurity and a member of the Managed Service Community’s executive council.
Do the prep work. Cybersecurity is a persistent issue that changes every day. You have to be prepared and ready for each new attack and make sure your systems can continually accommodate new threats. “Proper planning is what it’s all going to come down to,” said Kirkendoll. “Make backups and test them, have you done your due diligence? Have you looked at your cybersecurity policies as an MSP as well as your customer’s cybersecurity?”
Being proactive is absolutely necessary, according to Boles, who offered five tips and goals for MSPs to pursue in order to be better cyber-prepared:
- Achieve complete visibility
- Reduce the attack surface
- Stop non-threats
- Prevent unknown threats
- Use automation with human validation
It’s far better to be proactive than reactive, according to Kirkendoll. “Prepare 99% of the time for the 1% of the time,” he said.