Are You Your Clients ’ Biggest Cybersecurity Asset Or Their Biggest Liability ?
By Bruce McCully , CEO Of Galactic Advisors
The MSP industry is seeing a major uptick in attackers focusing on big targets . Whether it ’ s vendors that support the MSP or you , the MSP yourself , their target is squarely aimed on your backside . You know what they say about leaders : The higher you climb , the more people can see your …
Same goes for that target . The bigger you get , the bigger that target is . As your MSP grows , more people see it , the tastier it becomes for a ransomware gang , and the higher the likelihood of an incident occurring . ( Just like in sales , security compromises are a numbers game !)
Look , I am not here to place the blame of industry attacks or any vendor or any particular MSP . I am here to give you an idea . A very simple one .
How can you turn your client ’ s biggest liability into their biggest asset when it comes to cybersecurity ?
Most businesses out there just depend on one simple antivirus to protect them . They also have a metric ton of remote control tools . Just think about all those tools you find on networks when you win a new client : TeamViewer , Bomgar , LogMeIn , to name a few .
If you took a closer look at MSPs that have been recently impacted by a cybersecurity incident , I ’ d suspect they were running very simple security stacks . I imagine we ’ d find they were missing simple controls around their perimeter , including WAFs or UTMs .
For every business , their IT support infrastructure and setup are critical . And for many of those businesses , they rely heavily on their MSP to get this right .
The hard decisions and actions MSPs have to take every single day to serve and protect businesses are , in my opinion , what save the day . Many of the MSPs I ’ ve spoken with over the last year that do a good job have an actual playbook and know how to respond quickly . They turn off servers and access , which moves them toward manual procedures . These MSPs communicate with their clients , letting them know what was going on . Most importantly , these MSPs often have secondary controls to respond and stop an attack dead in its tracks . My question to you is how do you become more like this , more resilient ?
The answer is simple ( not easy , but simple ). You evaluate your stack from the standpoint of strategic overlap .
What is strategic overlap ? Let ’ s say your antivirus becomes the attack vector . What is your plan for shutting it down ? Can one of your tools stop an attack , propagated through one of your other tools , dead in its tracks ?
Let ’ s imagine for a minute that your antivirus was compromised . It has domain access throughout your clients ’ networks ( not to mention your own ). What else in your security stack would alert you to a problem and stop an attempted attack within your network or those of your clients ?
14 | MSPSuccessMagazine . com • VOLUME 2 ISSUE 6