Small and midsized businesses are at considerable risk of cyberattacks.
A recent study from Accenture showed that nearly half (43%) of cyberattacks today are aimed at SMBs. But they often lack the necessary resources to implement comprehensive security measures.
This is where managed service providers (MSPs) can step in to help SMBs protect their operations by providing the expertise, resources, and tools necessary to implement enterprise-level cybersecurity measures.
That said, managing the attack surfaces and detecting threats for SMB clients can be a huge burden.
Complexity, Budget Constraints and Talent Shortages
For many MSPs, the lack of integration between cybersecurity tools makes it difficult to gain a clear view of an SMB’s overall cybersecurity posture.
SMBs also often are reluctant to invest resources in cybersecurity. They tend to focus more on post-breach and recovery efforts, rather than prevention and cybersecurity hygiene. This can leave them more vulnerable to repeated attacks, leading to significant financial and reputational losses. These factors and the ongoing cybersecurity talent shortage are key obstacles for MSPs.
Consolidating all the SMB’s cybersecurity tools within a single vendor stack can help overcome these challenges. However, using a single vendor stack can be limiting for the MSP, as it may not meet their customers’ differing needs.
Safeguarding SMBs Means Controlling the Entire Environment
Implementing cybersecurity controls and using asset management tools can enable MSPs to better safeguard their SMB customers’ infrastructure, applications, and data against potential threats. But they can only protect what they can see, meaning any unmanaged or unknown devices, applications, or assets still pose a risk.
Cross-tool reconciliation — comparing data and alerts from different tools to ensure consistency and accuracy — is one way to eliminate misconfigurations. To ensure maximum protection, MSPs should deploy uniform control coverage across all their SMB clients. This includes implementing multi-factor authentication (MFA), endpoint detection and response (EDR), managed detection and response (MDR), email security, security awareness training, business continuity and disaster recovery (BCDR), and other necessary security measures.
According to a recent OWASP report 90% of the applications studied had some form of misconfiguration. Additionally, VERIS, an open-source event recording and incident sharing project, found that 35% of breaches involved a misconfigured security control.
These statistics highlight that it is vital to properly configure security controls and asset management tools to protect against potential threats and successfully obtain cyber insurance.
It’s also important for MSPs to monitor the implementation of controls to ensure that they are properly functioning. One example of this is checking that MFA is turned on for every user. However, this can be labor-intensive, requiring much manual effort for the MSP, and security controls alone won’t fully protect the business.
Financial Protection is Critical to Surviving a Cyberattack
Gene Spafford, a renowned cybersecurity expert and professor of computer science at Purdue University, once said, “The only truly secure system is one that is powered off, cast in a block of concrete, and sealed in a lead-lined room with armed guards — and even then, I have my doubts.”
Zero-day exploits are becoming more frequent, and even well-trained employees can make mistakes. Cyberattacks can happen despite having the best cybersecurity controls and financial protection is critical in these cases.
SMBs are increasingly opting for cyber insurance to protect themselves against the financial burden of a cyberattack. But due to their limited cash flow, which often covers only up to five days of expenses, they cannot afford to wait for weeks or months for a cyber insurance payout, even if they qualify for it.
Despite the availability of cyber insurance, SMBs find it challenging to obtain adequate coverage due to the complexities of cyber risk. Additionally, involving MSP to secure cyber insurance coverage is not always feasible.
Cyber Insurance: An Illusive Opportunity for MSPs
Many insurance companies still ignore an MSP’s role in securing an SMB. Instead, they will sell directly to SMBs, assuming they can manage their own security and warranty operations, which is often untrue.
In cases where insurance companies work with MSPs to protect against cyberattacks, it can become a complex process that requires additional investment from the MSP.
Some insurers may ask MSPs to install specific security solutions from a single vendor to qualify for coverage. This assumes that the MSP will remove their clients’ existing cybersecurity solutions and replace them with their own, which creates more work for MSPs.
To protect their SMB customers financially, MSPs should consider offering cyber warranty protection. While MSPs can’t sell cyber insurance themselves, they do not need to be registered insurance brokers to sell cyber warranty solutions.
Ultimately, combining cybersecurity controls, monitoring, asset management, cyber insurance, and cyber warranty can increase the chances of SMBs surviving a cyberattack.
Dan Zaniewski is chief technology officer of Cork.
Image: DALL-E