June 7, 2024
Posted by
Bernie Eller
Navigating Todays MSP Cyber Landscape
Statistics for cyber-attacks in Australia and New Zealand are nothing short of a sobering wake-up call. It’s a crisis that affects business of all sizes. From phishing attacks to ransomware, the threat landscape is evolving, and so must our defense mechanisms.
Speaking with business in New Zealand and Australia, we discovered they have one thing in common. When it comes to cyber security, they have hit a brick wall. They are unable to determine their level of proactive security readiness and have no recognized benchmark to use as a gauge.
Some IT services companies have shifted to incorporate lessons learned from client interactions and collaborations with specialized third-party security providers.
That’s exactly what Optimyze did over two years ago. We began developing the necessary capabilities to provide real-time internal and external data for detecting and mitigating common cyber threats. And that shift came after researching options long before. We expected everyone in the field to see exactly what we were seeing – that a major re-think was necessary. Because that’s what IT people do, right?
I have been on the frontline and witnessed cyber-attacks from 2012 to the present. I can assure you that today’s cyber-attacks, unlike the virus / spyware infections of 2012, are non-recoverable unless a robust backup system in place. Hopefully, the point of actual compromise is never reached. And while there can be no 100% guarantee, in 2024, a protection rate in the high 90s is obtainable.
Let’s face it – people do some silly things. I remember sitting in JFK Airport and creating honeypot free WIFI access points on custom firmware dongles back in the day. I just wanted to see who would connect. Plenty did. (And you might be shocked by the companies they worked for!) I left some of them a little note on their desktop, “Hi! You should turn on your built-in firewall and spend a few $$ on a reasonable antivirus suite.”
Eventually I grew curious as to how easy it might be to compromise both the WIFI passwords and the devices utilizing them. After one such session, I was followed into the bathroom by 5 burly security guards. I decided to move on to less risky experiments.
A real wake-up call for me was the 2017 leak of NSA cyber tools. I could imagine the vast, long-term ramifications. (They are still coming!) Any sentence that includes “NSA,” “cyber tools,” and“leak” can’t be good!
In helping a business recover after a significant event, witnessing the devastation is never pleasant. I’ve been called late at night by Australian businesses operating in New Zealand asking how we could assist. That assistance has often required reformatting every device used in their business, including servers, then restoring backups. This means lost business operations of several days, or possibly a week if a database must be rebuilt.
We realized that we don’t want to go through that again! That’s a lot of stress, missed sleep, and spent time for me and my team – to say nothing of the drama for the client. There is a much better way! Don’t let the client end up in that position in the first place!
Yes, of course, we are here to help new businesses who call us needing a rescue! But, for our existing clients, there is now a set baseline of security requirements. Outside of that, we asked them to sign off on their acceptance of a particular level of risk.
We realized that cyber-attacks were not going way – they would increase exponentially. Cybersecurity is a service that clients are not only asking for but demanding. As part of its 2023-2030 CyberSecurity Strategy, Australia will be legally mandating baseline cybersecurity requirements. As a Managed Service Provider (MSP) we would be complacent if we didn’t react appropriately. Our device stack now includes global-standard top-tier real-time detection and mitigation software. We have team members that analyze events that automatically resolved and react accordingly 24/7.
Surprisingly, many of the businesses we've spoken with are concerned that their current MSP (despite having over 300 employees in some cases!) lacks a solid understanding of the NIST Cybersecurity Framework and does not have the necessary reporting capabilities to measure their compliance with the standard.
We’ve found that many businesses are required to work not only with their current MSP but also with an expensive external security-focused company for regular audits and governance. Based on our experience, the yearly costs for these services can range from $10,000 to over $50,000.
What many SMBs are unaware of is that most of what is being offered involves standard templating and SaaS reporting, which is not rocket science. The key personal component is overall cyber governance and penetration testing (PEN testing), if required. Governance can be achieved by the MSP hiring key staff or partnering with the right business with relevant qualifications and experience. Fortunately, one of our senior partners now holds the highest globally recognized cybersecurity qualification, CISSP.
Educating clients about the initial investment in cybersecurity can be challenging, especially when you are ahead of the curve, as every MSP should be. Many clients tend to lean towards a false economy when it comes to IT-related expenses. Those in the IT field are familiar with this struggle.
Penetration testing (PEN testing) is an excellent independent method to verify that your MSP's policies and processes are effective. It ensures that no obvious vulnerabilities are left in your internal, external, or third-party infrastructure.
The standard Cyber PEN testing platform Kali Linux can be downloaded for free with the required basic tools. It just needs a person driving it that knows how to exploit the weaknesses discovered after rudimentary scans. The client often has a perception that the external security firm handles a “black box” which they themselves could never understand.
There are many independent penetration testers available online, as well as companies like Blacklock, that MSPs can employ to independently verify the effectiveness of their cybersecurity solutions. These services are often offered at a significantly lower cost to clients compared to larger firms. In 2024, effective cybersecurity solutions do not need to be prohibitively expensive.
It feels to us like the early days of the internet. Customers were charged for data usage in tiers, while the ISPs had unlimited data. That was the dirty secret they tried to hide for so long. We all paid exorbitant prices because there was little choice.
Things are different now. MSPs have an entire world of services available, enabling them to offer all that SMBs need for cybersecurity.
So, why are many MSPs slow to change? There are many possible reasons.
It depends on the MSP business model. Some MSPs are focused solely on patching and managing devices. That’s all they do – and at scale, it’s profitable. If you want a service such as onboarding or off boarding, that’s an extra cost. If customized cybersecurity is needed? They employ a separate company.
For a large MSP operating at scale, incorporating up to three or more SaaS services across the business and client software stack can significantly impact their monthly recurring revenue (MRR). Additionally, extra staff would be needed to maintain and monitor the new processes and reporting to ensure effectiveness for clients. To mitigate these internal costs, MSPs can consider external SOC vendors.
This is where smaller, more agile, and ideally internally automated boutique MSPs come into play. For them, making these changes is less like doing doughnuts in a bus or turning an aircraft carrier around. It is less expensive for them to implement changes, provided they have adequate cash flow. While internal management issues could occasionally hinder effective change, employing the right staff, services, and partners can make these improvements the best business investment in 2024.
This is the reality of our future, and if MSPs aren’t making the shift now, they are leaving their clients vulnerable to excessive external costs and potential risks. I feel fortunate that we have a great team and a robust, cybersecurity-focused client stack.
Key Highlights from the Cyber Frontlines:
Increased Threats: A surge in cyber threats across diverse industries.
Sophisticated Phishing: The art of deception is reaching new heights.
Ransomware on the Rise: Businesses facing the peril of data hostage situations.
Remote Work Challenges: Securing the virtual workspace is now a top priority.
Financial Fallout: The cost of cyber incidents is skyrocketing, both in terms of finances and reputation.
Not all MSPs are equal on Cyber: In fact, some just aren’t responding to the call to action at all.
The Imperative of a Security-Focused MSP
Amidst these challenges, the question arises: How can businesses safeguard themselves in this digital battleground? The answer lies in collaboration — with a Security-Focused Managed Services Provider.
Why a Security-Focused MSP?
1. Proactive Protection: Unlike traditional approaches, an MSP adopts a proactive stance, constantly monitoring and fortifying your systems against potential threats.
2. Tailored Solutions: Cybersecurity is not a one-size-fits-all scenario. An MSP crafts solutions tailored to your specific business needs, ensuring comprehensive defense.
3. 24/7 Vigilance: Cyber threats don't adhere to office hours. An MSP provides round-the-clock monitoring, swiftly identifying and neutralizing potential threats.
4. Cost-Effective Security: Investing in a Security-Focused MSP is not just an expense; it's an investment in mitigating potential financial losses that could result from a cyber-attack.
A Call to Action for 2024: Be Proactive, Not Reactive!
As we peer into the future, the key to cybersecurity lies in being proactive rather than reactive. Businesses can no longer afford to be complacent; the time to act is now. Find an MSP that’s asking the right questions.
In a world where data is the new currency, let's ensure that our businesses navigate the digital landscape securely and confidently.
Here’s to a safer cyber environment for 2024 and beyond!
#Cybersecurity #Australia #NewZealand #MSP #BusinessSecurity #CyberAwareness #InfoSec #GetOptimyzed