The MSPs’ Path to Cyber Success Starts with Resiliency and Planning
MSPs are under greater pressure to ensure their due diligence, given the shifting work paradigms, increased risks, and attacks originating from the IT supply chain. MSPs must start with resilience conversations, self reflection, and incident response planning. As technology changes and tech stacks become more complex it is important to recognize new cybersecurity threats and defend against them. MSPs are under greater pressure to ensure secure systems and due diligence, with shifting work paradigms and attacks originating from the IT supply chain.
According to a Purple Sec report, cybercrime has increased 600% since the COVID-19 pandemic. Recent incidents have affected organizations from tech companies to lawn enforcement, critical infrastructure, and health care. “The current environment is a perfect storm of predatory behaviour…that has given MSPs whiplash,” said Ian Thornton Trump, CISO at Cyjax in a panel session titled “What’s your Cyber IQ?” What Every MSP Should Know About Selling Security Solutions
Thornton-Trump is a member of CompTIA’s Cybersecurity Community’s executive board. He noted that the recent climate of global health problems and shifts at work has made this increase in incidents particularly concerning. He stated that the cost per record was once a way to gauge how bad it was. “But, it’s so bad right this moment, that metric doesn’t even work anymore.”
MSPs are increasingly responsible for implementing better cybersecurity protocols. How can MSPs manage the changing cybersecurity landscape better to protect customers? Let’s find the answer.
Cyber Resilience Conversations
MSPs can improve their security by adopting comprehensive cyber resilience strategies and being more transparent with customers as well as with each other. This is not an easy task. Cyber shaming has been a tradition in cyberspace for those who have been affected by a breach.
Many organizations are reluctant to report incidents due to the widespread news coverage and the damage to brand reputations. However, Desraie Thomas, channel developer with Datto, stated that it is not a question of “if you’re going get hit”, but rather, “when you’re going get hit.” Thomas is a member the executive council of Managed Service Community.
As incidents become more complex and more frequent, we are beginning to see a shift away from the shame-game and towards a community mentality where organizations share information and increase transparency in order to prevent further damage.
How MSPs can increase cyber resilience
MSPs can be blamed for incidents that do happen due to the nature of their services. MSPs are often assumed to be secure with strict compliance procedures and strong security requirements. Cyber responsibility must encompass all parties that interact with an organization, including vendors, and end users. Thornton-Trump stated that technology is complex and the skills required to manage it all have increased. It is not fair to assume that MSPs have the ability to prevent incidents. All people who interact with an organisation must share the responsibility.
The following recommendations were made by ChannelCon panelists to increase cyber resilience:
Your house must be in order. You won’t be able to fully understand the risks your customers face if you don’t follow your own procedures and practices. “Do what you ask your clients to do. It helps you understand your clients and gives you more accurate and useful information,” Robert Boles, founder of BlokWorx.
Do a risk assessment. Understanding the vulnerabilities of clients is essential before you can determine how to protect them. Steve Rutkovitz (CEO of Choice Cybersecurity) stated that a risk assessment provides a baseline from which to move forward. Then, you create a resiliency strategy plan based on the assessment.
Your clients, vendors, and users should be educated and evaluated. Even if you’re following strict protocols as an MSP and are diligent, vendors and end users may be less attentive which could lead to vulnerabilities in your client’s environment. According to Corey Kirkendoll (CEO of 5K Technical Services) and chair of CompTIA’s Managed Services Community, he recommends that clients continue to be educated on best practices and discuss security expectations with vendors. He said, “You have to dig in and ask the hard question.”
Create a framework for incident management. Cybersecurity frameworks offer a structured structure for incident response.