By The Numbers
Coro: Complex Cybersecurity Tool Stacks Are Overwhelming SMBs
Cybersecurity provider Coro’s 2024 SME Security Workload Impact Report reveals that the complexity and demands of managing multiple tools in a security stack are overwhelming cybersecurity professionals. This is leading them to miss critical-severity events. According to the survey, 73% of SMB security professionals have missed, ignored, or failed to act on critical security alerts, with respondents noting a lack of staff and a lack of time as the top two reasons.
Other key findings include:
- Respondents spend an average of almost 5 hours managing their cybersecurity tools every day. The security stacks have an average of 11.55 tools.
- 52% of respondents said the most time-consuming task was monitoring security platforms, followed by vulnerability patching.
- Respondents estimated it takes 4.22 months for a new cybersecurity tool to become operational. Respondents spend an equal amount of time on installation, configuration, training staff, and integration with their existing security stack.
- On average, respondents manage 2029.91 endpoint security agents installed across 655.92 endpoint devices.
- More than half (53%) of respondents must deal daily or weekly with vendors’ updates of these endpoint agents.
- 85% of respondents say they are looking to consolidate their tools in the next 12 months to improve their security posture.
CYE: When A Cyber Breach Hits, Many Face Insurance Coverage Gap
New research from CYE, a cyber risk quantification platform provider, shows that cyber insurance protection coverage often falls significantly short of the actual costs businesses incur during cyber incidents. A whopping 80% of insured companies that suffered a data breach did not have sufficient coverage.
CYE’s Inadequacies in Breach Insurance Coverage: A Data-Driven Gap Analysis finds the average coverage gap to be 350%, meaning that more than 75% of an incident was not covered. In some cases, the maximum insurance gap reached 3,000%.
The study also found that “low tech” sectors of accommodation and food services, construction, transportation, and warehousing are among the more adequately covered. Meanwhile, sectors like finance and insurance, information, and manufacturing present well beyond a 100% gap in coverage.
ConnectWise Threat Report: MSPs Should Brace For These Vulnerabilities
ConnectWise’s recent MSP Threat Report reveals shifts in the cybersecurity threat landscape that MSPs should be aware of, such as vulnerabilities due to outdated software, increased risk in endpoint protection due to remote work, and a significant increase in ransomware attacks.
The outdated software of most concern is Microsoft Windows Server 2012, which reached end of life in October 2023. This means that Microsoft won’t be sending regular free updates anymore—and organizations may never end up patching future vulnerabilities. “The prevalence of Windows Server 2012 still being used worldwide en masse after the operating system has reached EOL is a significant security concern for all of us in 2024,” the report states.
Additionally, there was a 94% increase in ransomware over the last year, with LockBit still the most active ransomware group, a trend consistent with the last few years. The other four most active groups were PLAY Ransomware, BlackCat/ALPHV, 8base, and Cl0p.
Another attack vector MSPs should be particularly aware of, according to the report, is the drive-by compromise. “In a drive-by compromise, threat actors set up a malicious website and then use techniques, such as SEO poisoning or malvertising, to draw traffic to the site,” the report explains. By positioning themselves so that the victims come to them, attackers are able to bypass cybersecurity solutions that focus on system defense. “The main takeaway is that threat actors are increasing their focus on Defense Evasion stealth tactics to avoid detection. Specifically, they’re trying to bypass EDR. This highlights the need for MSPs to layer their cybersecurity solutions—a single solution is not enough and has the danger of creating a false sense of security,” the report says.
Products
Bitdefender Enhances MDR With New Service Tier
Cybersecurity provider Bitdefender added a new tier, MDR PLUS, to its Managed Detection and Response Services.
Bitdefender MDR provides continuous threat monitoring, detection and response, threat hunting, analyst-led recommendations, and security consulting. Services are managed from a single point using the Bitdefender GravityZone Platform. This unified security and risk analytics platform that provides advanced endpoint protection, including endpoint detection and response (EDR), extended detection and response (XDR), and cloud security, which includes GravityZone CSPM+, a solution combining Cloud Security Posture Management (CSPM) and Cloud Infrastructure Entitlement Management (CIEM).
Now, on top of Bitdefender MDR, Bitdefender MDR PLUS adds security baselining and tailored threat modeling, global threat intelligence feeds and analysis, and dark web and priority target monitoring.
Helpt Rolls Out The HelptNow Service
Helpt, which provides outsourced, onshore, 24/7/365 technical support for MSPs of all sizes, has unveiled its new HelptNow service. Features and benefits of HelptNow include:
Human Touch 24/7/365: HelptNow ensures that clients receive empathetic and personalized service anytime.
Technical Expertise: HelptNow’s team consists of technical experts ready to tackle a wide array of IT challenges.
Intelligent Triaging and Resolution Capabilities: HelptNow not only aims to resolve issues directly but also employs intelligent triaging to ensure that more complex problems are escalated appropriately.
HelptNow is available now with month-to-month contracts starting at $750/month for 300 minutes of technical live answering.
Keeper Security Empowers Users with Integrated Passphrase Generator
Keeper Security, a privileged access management provider, has added an integrated passphrase generator to Keeper Web Vault with support on mobile and for the browser extension coming soon. The release also includes an update to the existing password generator which enables users to select specific symbols to include or omit, based on the requirements of the website they’re creating the password for.
Keeper’s new passphrase generator is incorporated within the existing password generator. It allows users and admins to choose which generator they prefer to use or enforce for their organization. Keeper’s generator leverages the Electronic Frontier Foundation‘s recommended wordlist containing 7,776 words, which has been sanitized to remove any offensive words. Users can generate cryptographically secure passphrases tailored to their specific requirements including how many words it contains, the type of separator used, and whether it includes numbers and capital letters. The process to generate and store passphrases with Keeper is the same as passwords and passkeys.
Alliances and Integrations
Guardz Joins Forces with SentinelOne
Guardz, a cybersecurity platform purpose-built for MSPs, announced a strategic partnership with SentinelOne, which includes an investment from S Ventures, SentinelOne’s venture fund. The two companies will collaborate to advance Guardz’s AI-powered cybersecurity technology and go-to-market pipeline. The funding comes on the heels of January’s $18M Series A funding led by Glilot+, the early growth fund of Glilot Capital.
Dor Eisner, CEO, and Alon Lavi, CTO, along with a team of cyber and insurance experts, founded Guardz in May 2022. Guardz launched its platform last year.
“We are building a very unique cybersecurity solution that is powering MSPs to secure and ensure small businesses,” says Eisner, in an earlier interview with MSP Success. “It’s a unified security platform that connects all the different security controls like cloud protection, email protection, data protection, user protection, device protection—everything connected into a single … multitenant platform for MSPs.”
It also offers reporting capabilities, including prospecting reports and business review reports, and enables one-click customer onboarding, explains Eisner, who started his cybersecurity career as a commander for Israeli intelligence and subsequently built three cybersecurity companies. Rapid7 acquired his most recent company, IntSights, in 2021.
Through a collaboration with a cyber insurance under writer, Guardz also expedites the process of obtaining a cyber liability policy.
Malwarebytes’ ThreatDown Solutions Integrate With ConnectWise
Malwarebytes has partnered with ConnectWise to integrate its ThreatDown portfolio with the ConnectWise Asio platform. Now ConnectWise MSP and cloud reseller partners have one-click access to the ThreatDown solutions, including ThreatDown EDR and ThreatDown MDR.
“The integration of ThreatDown products and services within the ConnectWise Asio platform will provide more automation, protection, detection, and options for guided remediation and response, ensuring our users have access to top-notch security measures within a centralized platform,” said Chris Timms, EVP and GM, Ecosystems for ConnectWise, in a press statement.
Partner Programs
Laserfiche Reimagines Partner Ecosystem
Laserfiche, a SaaS provider of content management and business process automation, is strengthening its partner ecosystem. Enhancements to its Solution Provider Program include new product trainings and sales and marketing resources. The newly introduced Premier Partner Program increases visibility of highly qualified solution providers and helps to connect them to customers that can best leverage their business and solutions expertise.
Additional new benefits to the Laserfiche Solution Provider Program include a reimagined Winners Circle event to celebrate the top sales achievers annually; open forums for the Laserfiche sales community to share knowledge and strategy; a solution provider track at the annual Laserfiche Empower Conference; and the opportunity to participate in regular advisory councils to influence sales campaigns and resources, product roadmap, and more.
Laserfiche said it will unveil additional enhancements and investments in its channel program in the coming months. To learn more about the Laserfiche Solution Provider Program and the benefits of becoming a partner.
