Every business is vulnerable to cybersecurity threats — even MSPs who genuinely believe they aren’t targets. MSPs may think they are too small or that the data they are dealing with is not valuable. But nothing could be further from the truth.
In reality, many bad actors worldwide are pursuing information from MSPs and their clients. These bad actors have extensive resources and constantly develop new tools, such as AI, to target the data they can profit from in many ways.
Every MSP must better understand the cyber threat landscape and the measures that exist to protect themselves and their clients.
Leading and Emerging Cyber Threats
Nation-state activities are on the rise in the technology landscape, especially around healthcare providers and the energy sector.
Threat actors based in North Korea and Russia are targeting MSPs — more specifically, their clients. Another cyber threat is the time from discovery to publishing an exploit to a vulnerability. MSPs have less time to patch or mitigate them before threat actors start exploiting. In some cases, AI is helping write this exploit code. Lastly, MSPs are not well prepared for vendor procedural flaws.
Moving into 2025, AI will be more involved in shrinking the timeline of disclosure to exploit. Additionally, the cybersecurity skills gap is a major challenge, as is the lack of understanding of why MSPs need to have better practices around cybersecurity. MSPs who don’t understand their business risk will struggle to sway clients in keeping their services. This translates into more cyber-aware clients leaving inexperienced MSPs.
Wayne Selk
Effective Cybersecurity Is About More than Technology
If MSPs only focus on technology, they’re not looking through the world with the right lens. Technology is very vulnerable, especially to bad processes, as was seen recently when a bad update was pushed out into the world. Something was missed on the quality assurance side before the update went out.
People may think they’re okay if they’re doing the right things to protect their businesses and catch vulnerabilities, such as patching, but that isn’t true.
Conversations about cybersecurity must focus on risk, which makes it more business focused. For example, in the case of a firewall, the conversation should focus on how tweaks add another layer of protection to thwart an attack. That’s quite different from having a conversation with one person about updating a piece of outdated equipment.
One of the bigger challenges is that solution providers and their clients need to put more emphasis on governance and policy. Policy is nothing more than a direct reflection of the risks of achieving business objectives and then taking measured steps to mitigate those risks. This focus should be from the top down to the newest employee.
Security-first Culture and Policies
Businesses need to have a cybersecurity-first culture as the basis for everything they do. If someone clicks on a link they shouldn’t, this is an opportunity to go back to the entire organization and remind people not to click on links in emails instead of singling out the person.
With the right culture, your people look at everything they do every moment of each day to ensure that they’re still in line with the organization.
Companies should review their policies at least annually, and more often if there are major changes within the organization. If something goes sideways, such as a major vendor technology issue, you must have a contingency plan. Even if you don’t use that particular vendor, you must act to find out what to do if something similar happens, rather than think, “Whew, dodged that bullet!”
By incorporating a strong focus on people and processes, MSPs can help solve a lot of problems within an organization. In doing so, they have powerful tools to confront the growing issue that every MSPs faces in the expanding risk landscape.
Wayne Selk is vice president of CompTIA Community Cybersecurity Programs, and executive director of the CompTIA Community ISAO (Information Sharing and Analysis Organization). His more than 25 years of experience and leadership in planning, managing and delivering information security deployments helps CompTIA Community members secure their customer’s sensitive/business critical data.
Featured image: iStock
