As an IT service provider offering managed security services, it’s critical that you’re staying up-to-date on the latest cyber security trends and advancements. With the latest cyber security information, education and conversation at your fingertips, you’ll be well positioned to stay ahead of the curve on latest threats and keep your clients protected.
For your convenience, we’ve compiled key third-party resources, including blogs, publications and other educational resources, as well as a detailed cyber security glossary. Check out our list below to brush up on your security knowledge!
Top 3 Blogs to Subscribe to and Why
A former Washington Post reporter, Brian Krebs authors this in-depth blog covering security news and investigation. This is a universal go-to in the cyber security space. Krebs regularly breaks down emerging threats, and MSPs can rely on his blog to stay on the pulse of security trends.
In addition to covering recent cyber security news, this blog provides best practices for mitigating risk and staying ahead of threats. Following this blog will ensure you have cyber security best practices at your disposal so you can implement them in your security services.
This security blog is run by the National Cyber Security Alliance, who is dedicated to educating and advocating for safe and secure internet use. The posts on this blog are not weighed down with technical jargon and offer best practices for professionals, businesses and end users. This is an extremely reliable source for tips to remain safe online. MSPs can reference this blog for straight forward, practical cyber security advice.
Top 3 News Publications to Read and Why
1. MSSP Alert
News and research designed for managed security services providers (MSSPs), MSPs and cybersecurity professionals who safeguard customer data and networks. This is an important publication for managed security services providers to follow because it covers breaking industry news and highlights security thought leaders in the space.
2. CSO Online
This publication provides news, analysis and research on a broad range of security and risk management topics. CSO is a reputable security news publication that will help you remain knowledgeable about a variety of key cyber security topics.
A security news, insight and analysis publication that provides expert analysis on global security threats and headlines. It is helpful to read insights from cyber security experts as you emerge into an MSSP role. This will help you show your clients that you’re the cyber security leader they can turn to.
3 Security Terms to Know and Why
Domain Name System (DNS)
The Internet's equivalent of a phonebook. Every domain on the Internet is assigned an Internet Protocol (IP) address, and all IP addresses are stored in the DNS. Computers and other devices access websites based on IP address, and the actual domain name (i.e., google.com) is only meant for the user, as it is easier to remember than a string of numbers.
DNS systems are a critical piece of offering comprehensive cyber security today. It’s important that you’re familiar with this technology and educate your clients on why it’s a key piece of the puzzle.
The attempt to obtain sensitive information such as usernames, passwords and credit card details (and, indirectly, money) for malicious reasons, by disguising as a trustworthy entity in an electronic communication. Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter personal information at a fake website, the look and feel of which are almost identical to the legitimate one. Communications purporting to be from social web sites, auction sites, banks, online payment processors or IT administrators are often used to lure victims. Phishing emails may contain links to websites that are infected with malware.
This is a very common type of cyber attack and MSPs should be prepared to arm clients with cyber security training and education to share with their employees.
A type of malware that limits or prevents a user's access to their system. The malicious software may either lock the computer's screen or the user's files—often through encryption—until a ransom is paid, typically using an encrypted digital currency like bitcoin. Like other types of malware, ransomware can be spread through email attachments, infected software, infected external storage devices or compromised websites, although a growing number of ransomware attacks have used remote desktop protocols. Its motive is almost always monetary.
Over 4,000 ransomware attacks have happened every day for the past year. This is an important cyber attack type to familiarize yourself with as you work to secure your clients’ environments.
To find more leading security resources and reading, download our success kit below:
By Lily Teplow
By Brian Downey
By Dave LeClair