Cybercrime is on the uptick and here to stay.
Cybercriminals are getting more sophisticated with their attacks, putting a larger burden on MSPs to protect not only their clients, but also themselves. Gone are the days when having a playbook was a luxury. In today’s landscape, it’s a must. And forget the one-and-done approach. IT professionals need to regularly review their security strategies and adapt them as cyberthreats are continuously evolving. MSPs are uniquely positioned to serve as trusted advisors to their customers, working collaboratively to both implement and foster a security-first culture in their organizations.
Cybersecurity Trends At A Glance
Reconnaissance by Russian state-sponsored cyber actors is on the rise. Their tactics seem endless and most often appear in the form of port scanning, spear phishing, harvested credentials, and password spray techniques to gain access to networks as well as the cloud. It’s critical to have mitigation strategies in place such as a strong firewall, credential hardening, multifactor authentication, strong and unique passwords, centralized log monitoring, rigorous configuration management, and enforcement of the principle of least privilege to safeguard customers’ organizations.
Like the latest social media trend, another tactic that is hard to stay on top of is phishing.
This age-old method continues to be the No. 1 preferred way of attacking organizations through creative emails that can fool even the smartest people. Some of the more successful scams range from an email pretending to be from the company’s CEO requesting some urgent action, or a communication that appears to be from a legitimate financial institution threatening immediate consequences if the recipient does not click on an “authentic-looking” link. The best way to combat phishing is using anti-phishing solutions combined with employee security training that engages workers and helps them understand they are a company’s first line of defense.
One highly sophisticated incident I witnessed as an FBI agent was when a group of cyber actors wanted to hack into a large corporation by targeting the company’s CEO, but he was diligent at locking down all his personal information. All they were able to get was his business email address. The cybercriminals, however, used property records to uncover his wife’s name. They then tracked her social media accounts and discovered the name of their children’s school. With this information, they set Google alerts for the school and waited.
When they received a Google alert for a school lockdown due to an emergency, the cyber actors pounced and sent an email to the CEO’s business email with a malicious attachment purporting to have the names of all the school’s emergency contacts. The CEO clicked on it and as a result, the attackers infiltrated the company’s network and remained there for a year before they were even detected.
Another issue affecting cybersecurity today is finding the next generation of security professionals. It’s already difficult to hire for any position, especially those that require technical experience. Many job openings and salaries are competitive, so finding talent can be daunting. Adding to the problem is hiring people who have the right skill sets to build well-rounded security teams. Larger tech companies, like Kaseya, are trying to address this shortfall by partnering with universities and engineering schools to cultivate talent and incentivize new hires to grow within their organizations.
All tech companies, however, can address the talent shortage by providing educational programs and individualized career paths for employees, whether they’re coming in as a tech, a Security Operations Center analyst, or an account manager — the only requirement is that they have the desire to diversify themselves and learn about cybersecurity. These initiatives allow workers to seek out and gain additional training and opportunities to expand their knowledge so they can be competitive for one of those positions within the organization. This is one step toward solving the hiring challenges around cybersecurity.
Importance Of Helping Customers Focus On A Security-First Culture
The key to creating a security-first culture is education — and that applies to both a company’s executive team and its employees. To have a long-standing impact, MSPs will need to win over their customers’ leadership team on the importance of a security strategy and building out their security stack. It doesn’t have to be an uncomfortable conversation like talking to your kids about drugs and alcohol. No one will argue the devastating effects a cyberattack can have on a company, from lost revenues to reputational damage. Collaborating with customers to help find security gaps helps stakeholders make educated decisions on how to potentially prevent catastrophic losses and protect their business.
Every plan should account for security awareness education. Onboarding should incorporate training, followed by monthly phishing campaigns to confirm retention and that employees are following through on preventive measures. With more people working remotely, it’s essential that workers are up to date on email security. Employees may come to see the training as cumbersome or boring, so it’s helpful to rely on tools that deliver engaging content that is “to the point” and uses gamification in the form of points, badges, leaderboards, and scoreboards; this is huge when it comes to these types of training programs. Interactive components such as selecting an avatar make it engaging and fun.
Solutions Every MSP Should Offer Clients
Choosing solutions to help secure customers’ environments can be overwhelming. Every organization has a risk tolerance gauge, which is why a quantitative assessment simulation based on that tolerance is crucial to help understand the prospective costs associated with the value of what needs to be protected. A client is not going to spend $3 million to protect a $30K asset.
Once there is buy-in from a company’s C-suite, various tools help ensure customers are safe. Key technologies should offer unified tools that incorporate application scanning, managed detection and response, backup and recovery, and anti-phishing and security awareness training — preferably through a learning management platform that offers engaging content and customizable videos. The better solutions will also automate these tasks to free up time for IT professionals. This may be a lot for small- to medium-size business internal IT teams to tackle, which is why outsourcing to an MSP is ideal. They can offer integrated solutions and address various security issues depending on the organization’s budget.
Cybersecurity Is 24/7
Cybersecurity is a continuous process that never ends. Understanding that the current threat landscape is always evolving, MSPs need to implement cybersecurity programs that mirror what attackers are doing. Do not become complacent. Educate yourself on the cybersecurity ecosystem constantly, even if it’s just blocking out 10 minutes a day. Remember, you are the trusted advisor.