If you don’t believe IT channel security is a key priority for the federal government, here’s something to consider: In the White House’s National Cybersecurity Strategy document, MSPs appear near the top.
The initiative, launched in March 2023, aims to deepen collaboration between the feds and the private sector, including “managed service providers with the capability to reshape the cyber landscape in favor of greater security and resilience.”
Ready or not, the industry is changing, bringing MSPs increased scrutiny and opportunities to contribute.
Michael Cocanower
“What the White House was asking for through the [strategy] is to share information so we can strengthen each other and create a better wall for defense,” said Wayne Selk, vice president of cybersecurity programs and executive director of the CompTIA ISAO. “Then, we rally the troops, and we can shove them back out again.”
Much of that ask comes through policies. Last year brought new Securities & Exchange Commission (SEC) rules about cybersecurity policy documentation and threat disclosure, and Federal Trade Commission (FTC) Safeguards Rule changes that may hold MSPs responsible for customers’ breaches, said Michael Cocanower, founder and president of itSynergy. Such policies tend to be short on technical details, so MSPs may need to seek industry resources for interpretive guidance.
Thinking — and Acting — Bigger
The costs associated with cyber crime keep rising. Ransomware, the biggest cause of loss, costs an average of $514,000 in ransom, per NetDiligence’s 2023 Cyber Claims Study. Plus, SMEs are eating an average of $370,000 due to business interruptions, and $455,000 in legal and regulatory costs.
Unfortunately, SME describes most MSPs. And threat actors are aggressively targeting MSPs, said Lawrence Cruciana, president of Corporate Information Technologies. “They’re using the same tools to perpetrate attacks to blend into the noise.”
Cruciana cited a recent threat advisory about scammers calling MSP help desks to get enough staff names and information to then pose as the MSP and infiltrate its customers.
Mario Garcia delivered the keynote address at ChannelPro DEFEND 2023.
MSPs need to mind more business than their own, said Mario Garcia, supervisory cybersecurity advisor of the Cybersecurity & Infrastructure Security Agency (CISA). Garcia, the keynote speaker at ChannelPro’s Defend conference in December 2023, advised MSPs to be mindful of election cycles and social unrest that might lure hacktivists, and high-profile local events that attract thousands of visitors to their cities.
If an attack occurs, Garcia said to call CISA. The data from your or your customer’s misfortune will help inform the rest of the cybersecurity community — and contribute toward building a stronger response.
Frameworks of Reference
How can you strengthen your own defenses while contributing to the security landscape? Start with a framework to keep you informed and active.
Frameworks are guidelines to ensure you’re speaking the same language as collaborators, customers, and colleagues. Some examples include:
- CIS: Globally recognized best practices written in language accessible to any MSP. “It gives us one place where we can all read the English and then take appropriate actions,” Cruciana said.
- NIST Cybersecurity Framework: Created by the National Institute on Standards and Technology (NIST), this is suited to MSPs with a good grasp of risk management language, Cruciana advised.
- Cybersecurity Trustmark: CompTIA’s soon-to-launch credential guides practitioners through the process of setting up a security program for their organizations, Selk explained.
You may need to layer in other industry-specific frameworks. With each, Cruciana said to ask, “How do I fit in as an MSP? How do my business practices, my people, my processes, my tools fit into the framework?”
Oli Thordarson
Next, create a plan to close any knowledge gaps in your company, perhaps with continuing education or by attending pertinent conferences. Remember: Technical solutions will only get you halfway there, added Alvaka Networks CEO Oli Thordarson. The rest depends on your people.
Getting Smarter About Threats
Tapping into an information sharing and analysis organization (ISAO) is the easiest way to get involved in collective cyber preparedness and resilience, Selk said.
One powerhouse information feed comes from CISA’s Joint Cyber Defense Collaborative (JCDC), which gathers and distributes real-time threat information from the nation’s major remote monitoring and management (RMM) providers, and offers recommended actions.
In addition, CompTIA ISAO provides MSPs the chance to connect with peers via Slack and Discord groups. Finally, valuable discussions can be found on the r/MSP and r/netsec subreddits, Cruciana said.
Scan your chosen sources daily, looking into pertinent brands or software. Ask if your customers are using them. Eventually, you’ll develop a background understanding so that your own alarms go off at the right time, said Cocanower.
“Your response will be, ‘Let’s get to work. Let’s figure out how we patch this, isolate it and protect it.’”
Image: iStock
