The network edge security is a prime target for attackers looking to breach systems. Rapid7’s 2024 Attack Intelligence Report revealed that mass compromise events stemming from the exploitation of network edge devices nearly doubled. Plus, 36% of widely exploited vulnerabilities occurred in network perimeter technologies.
Furthermore, research showed that security teams often have limited to no visibility into more than half of the physical devices on their network. Additionally, network “dark matter” devices — those often unmanaged by IT and rarely updated — represented 19% of devices on enterprise networks.
These figures make one thing clear: Organizations need help with cybersecurity at the edge.
3 Ways to Layer in Edge Vulnerability Scanning
The good news is that 73% of MSPs claim revenue tied to cybersecurity services has increased, according to a recent Kaseya 2024 benchmark survey. This is not surprising given that more than half of breached organizations claim to be facing high levels of security staffing shortages.
With new edge security solutions emerging, MSPs and MSSPs have an opportunity to expand as post-breach solution providers. Partners often handle exploits recovery, tech stack rebuilding, security frameworks, or security outsourcing. Yet businesses frequently overlook network vulnerabilities. That matters because attackers are exploiting vulnerabilities in network edge devices.
Rebuilding an organization’s security framework must include securing the network edge. As an MSP/MSSP, how can edge vulnerability scanning be layered into your security offering? Here are three areas to consider:
Jeff McCullough
1. Fast Forensics
After understanding the scope of and containing a breach, a forensic investigation is conducted to understand how the exploit was executed. This is often part of broader incident response services that include a deep-dive assessment, locating the source of the exploit, remediation, and a detailed recommendation of next steps — for an effective incident response plan tailored to specific needs and budgets. Due to the increase in attack surface at the edge, analyzing infrastructure is critical. Deploying tools that are edge-specific helps identify gaps that centralized tools miss.
2. Recalibrate the Risk
Once the breach or exploit is thoroughly understood, perform a comprehensive cybersecurity assessment to measure the overall risk posture and the likelihood of another security incident in the future. In this scenario, there is an opportunity to advise the organization to reconsider its entire tech stack. If necessary, you can recommend new solutions that offer enhanced security features.
After a breach, replacing an exploited business-critical system is impractical. Rather, take a risk-balanced approach, where they determine what level of security constitutes ‘good enough.’ For these types of clients, MSPs/MSSPs should proactively define acceptable risk tolerance with clients to ensure alignment with both parties.
When it comes to the edge, risk tolerance should be low. Traditionally centralized security solutions fail to give insight into edge vulnerabilities. This can include IoT/OT/ICS devices, rogue assets, and vulnerabilities in IP connected devices like printers, appliances, or industrial equipment. This presents an opportunity for partners to incorporate edge scanning services when evaluating or rebuilding a security framework across wired and wireless networks. Considering the cost of a single breach, the expense far outweighs the potential risks when the edge is not consistently scanned.
3. Continuous Visibility at the Edge
As successful exploits by malicious actors rise, more IT and software vendors now implement secure-by-design and other frameworks to help protect user data. However, most of these frameworks don’t account for the network edge.
MSPs/MSSPs can help restore confidence by conducting regular network edge vulnerabilities assessments on site, which many remote observability platforms are unable to comprehensively scan. When equipped with a multifunction handheld vulnerability scanner that sees the edge from the edge, partners can ensure proper controls are in place and comply with applicable cybersecurity policies without negatively impacting perimeter devices or endpoints.
Opportunity at the Edge
With breaches on the rise, MSPs/MSSPs are stepping up. That said, the last 100 meters of the network are often overlooked. New edge vulnerability scanners enable providers to enhance post-breach security, boosting revenue while delivering superior services.
Jeff McCullough is vice president of sales, Americas for NetAlly. He brings 25 years of IT channel sales experience to NetAlly, including senior leadership positions at SolarWinds, NetApp and HP Inc. He is also a founding advisory board member at Sales Community, the premier social network for global technology sales professionals.
Featured image: iStock
