While speaking at a recent partner event on cybersecurity, the sales lead from the MSP was talking about healthy fear. He referenced walking to the edge of the cliff. You know that queasy feeling you get when looking over the edge knowing you are fine, but you are one step from a really bad day. Welcome to the world of MSP cybersecurity.
Over 300 and Counting
Let me be clear. For most of you, the sky isn’t falling. Several hundred MSPs have have been attacked by cybercriminals this year alone. And that’s the ones we know about and doesn’t include the actual count of end clients that may have been impacted from these attacks. Several of the MSPs have since filed for bankruptcy protection because they didn’t have adequate insurance. And yet, most of these could have been prevented with common sense best practices and the right tools.
A Little Background
We’ve been preaching the need to drive cybersecurity to MSPs for years. The business opportunity continues its double-digit growth for MSPs that adopt cyber. I’m not alone in this viewpoint. Joe Panettieri Executive VP and Content Czar, ChannelE2E, recently wrote a great article about the need for us to police ourselves. As an industry, we’ve reached a pivot point where we must solve this problem for ourselves.
The good news is that there’s finally an appetite for it from the SMB market. A recent report we published reflected a maturity from the SMBs around cybersecurity. As a matter of fact, 93% of the 850 businesses that were interviewed for that report stated that they would change their service provider for the right cybersecurity tools AND would be willing to pay, on average 25% more to do so. Garter also delivered a paper that reflected a very similar response around choosing the right tools. And yet many MSPs aren’t taking action on the opportunity, let alone protecting their own businesses.
Getting Off the Ground
Knowing where to start is going to take some time and research. There are over 900 security products on the market today. But who has time for that? In our experience, there are some immediate steps you should take across all your tools:
- Require multi-factor authentication; this isn’t optional anymore. Turn it on as soon as you finish reading this blog!
- Disable RDP that is directly connected to the internet. NO RDP without VPN, period. While you are checking firewalls, go ahead and disable any other open ports that are no longer in use.
- Setup advanced solutions like our Continuum Fortify solution (specifically deploy our Fortify for Endpoint Security and Network Security products) to provide a protect, detect, respond, and recover capability for your systems. And yet the benefit may not even be the tools themselves as much as the global team of over 100 people working around the clock to protect you and your clients. There’s nothing better than knowing you have a team well versed in cyber incident response available to assist when things go bad.
- Check your vendors and understand not only their backup capabilities but get clarity on what they are doing to protect their systems. This is a critical step you can’t afford to skip.
While this isn’t an exhaustive list of things you can do, it’s a great start and would put you ahead of most of your competition.
To learn more about what you can do to accelerate your movement towards a more successful security business, attend my upcoming webinar. For a preview, watch this video.
By Meaghan Moraes
By George Anderson