Ransomware, phishing attacks and other social engineering vectors have become increasingly common today. While larger enterprises used to be almost exclusively in the crosshairs for cybercriminals, hackers have now set their sights on the undefended and highly vulnerable SMB market—a cohort containing more than 6 million corporate targets and nearly 50 million unsuspecting individuals. Given the lack of attention typically paid to SMB cybersecurity, these companies have generally made for easy marks.
The number of successful ransomware attacks (and subsequent payments) is staggering, and the effects of such malicious efforts can be crippling. In economic terms, cybercrime now outweighs the sum of all other forms of organised crime in the world—including money laundering, gambling, prostitution, drug trades and extortion. And because SMBs aren’t in the spotlight in the same way that major brand names or enterprises are, the space is a valuable, target-rich environment that is relatively easy to exploit.
The MSP often is flat-footed in addressing these needs because suitable security solutions that are engineered for the SMB market are lagging. Furthermore, skill- and labor-strapped MSPs find it impossible to compete for security-certified and properly trained professionals to work in SMB environments. There is heavy competition from high-paying, large enterprise employers who are faced with a similar challenge.
This exacerbated dynamic creates a conundrum for MSPs, which will be held responsible in the event of an attack. These organisations are required to inform their customers of the risks, regardless of the MSP’s inability to actually address those risks.
A recent research report had 93 per cent of SMBs declaring they would consider moving from their current provider to a new one if they were offered the “right” cybersecurity solution, even if the SMB was not planning to change otherwise.
SMBs were also willing to pay up to 25 per cent more for a new MSP that has the right security solution, or willing to pay that much more to their existing MSP if it brought such a solution forward.
The survey also revealed that SMBs are planning to invest more in cybersecurity in the next 12 months. Despite this, MSPs are still reluctant to bring these issues to their customers’ attention since most of them are woefully incapable of addressing their customers’ security needs in the first place.
SMBs reported they were more inclined to terminate their existing MSP for a new one that brings the right solution forward. It is also estimated that MSPs will be replaced more in the next two years compared to the rate over the past two decades. This further shows the enormous opportunity and demand for MSPs that can bring effective security solutions to the market.
Tips to improve security
Modern MSPs must automate and orchestrate a comprehensive and complete approach to business intelligence data from hundreds of thousands, if not millions, of endpoints. In addition to consolidating the alerts generated from these environments, systems must capture the remediation steps taken so they can improve upon security conditions. This enables true AI, facilitated by a high volume of business intelligence.
Size, scale and brand matter when it comes to buying IT—after all, it’s typically a confidence buy. If you’re an SMB owner, you want to have confidence that the hired IT company is capable, competent and is going to be there when you need them. The company must make sure you’re running on the most current security versions, ensuring your network stays secure. A cybersecurity issue is now an existential threat to your business.
That is where trust comes into play. When you make a purchase decision for IT services, you need to trust that they have the right security solution, the right insurance, the right employees and the right technology. As the old saying went “no one ever got fired for buying IBM.” Brand matters. This is a huge trust factor—confidence alone is not enough.
MSPs need NOC, security operations centre (SOC) and help desk operations to immediately oversee alerts and actions taken for full remediation. Alerts are received and analysed, with remediation steps curated into automated actions that are taken when the alert condition is repeated; this is true automation that MSPs need in an ever-evolving cyberattack landscape.
Having the right partner will ensure that MSPs can gain system adherence in a unified way, doing so quickly and inexpensively. This also empowers those MSPs to stay competitive and profitable with their service delivery. Technical MSP organisations also need to be empowered with the right level of control over the environment orchestration and remediation methods they employ.
MSPs should have complete control over the executable elements of automation, and be able to tie together the orchestration of the critical aspects of service delivery. That includes security where the earliest anomaly detection lets the MSP engage with a SOC technician who can determine whether it is malicious activity.
There are no simple, silver bullets that can solve the cybersecurity challenge (or capitalise on the opportunity it presents). When MSPs can find the right company with which to partner—one with the size, technology and experience necessary to keep networks and data secure—they are taking a crucial step toward creating a comprehensive and long-lasting security solution. In part two of this series, we’ll touch on why cyber insurance is not all it’s cracked up to be and steps for SMBs to stay secure.
Michael George, CEO, Continuum