Cybersecurity's biggest challenges and their impact for MSPs
TechTarget highlighted cybersecurity as one of the top three challenges CIOs face in 2023. This likely doesn't come as much of a surprise, knowing there were over 25,000 cybersecurity vulnerabilities assigned a Common Vulnerabilities and Exposures (CVE) number and included in the National Vulnerability Database (NVD) via the National Institute of Standards and Technology (NIST) in 2022.
From an MSP perspective, looking deeper into specific cybersecurity-related issues and keeping up with the threat landscape were the key concerns MSPs faced as they planned their cybersecurity programs for the upcoming year, according to the recently released survey findings from MSPs at IT Nation Secure. So, while confirming via the TechTarget article that cybersecurity is important, the crucial insight for MSPs is their need for an easy way to keep up to date on all the cybersecurity threats they and their customers face.
In this blog, we will review and unpack the results of a recent IT Nation Secure 2023 survey, which were briefly discussed at the event’s keynote address. The survey identified the top five challenges and their implications for the MSP community and their customers—let's review them in order of importance:
The threat landscape is the constantly changing nature of cyberattacks, which can occur when viruses, malware, phishing attacks, ransomware, or other forms of intrusions penetrate a company's networks. These threats can come from a variety of sources, including nation-states, organized crime, individual malicious hackers, or even ethical hackers.
With the rapid pace of technological change experienced in the IT industry, as new technologies are developed and adopted, they can create new vulnerabilities to be exploited. A recent example of this is the migration of enterprise applications, such as Microsoft 365, to the cloud, which has created a vast landscape of inter-connected computers and networks that can be attacked individually or as a group.
For MSPs, this changing reality necessitates a proactive approach to cybersecurity. This includes technical cybersecurity solutions, such as antivirus, firewalls, and intrusion prevention systems, based on the latest security technologies, as well as updated company cybersecurity processes that mandate periodic employee training and incident response plans.
Regulatory and legal landscape
With an increased focus on digital security, many countries and regions have enacted and updated cybersecurity regulations to protect their citizens and businesses. Some important things to note about this are:
- Cybersecurity legislation can vary by country, state, or even local community
- The European Union has implemented a Cybersecurity Act to protect digital services within its member countries
- Regulations may also be specific to certain types of businesses or industries in some cases
As the landscape of cyberthreats and regulations continues to evolve, staying up to date with the latest cybersecurity legislation is essential for all MSPs. In fact, depending on the specific type of services they offer, MSPs may need to comply with a unique set of rules or standards. With this in mind, keeping up with the general evolving threat landscape is important. Several resources for this are suggested below:
- 2023 MSP Threat Briefing Series
- Importance of Vulnerability Management
- What happened with LastPass breach?
- 10 common cybersecurity threats and attacks
- 7 best cybersecurity risk assessment tools
- How to conduct a cybersecurity risk assessment
- What is cybersecurity risk management?
- What is cyber threat hunting?
2. Finding the right vendors and tools
The cybersecurity tech stack is built around IT systems focused on reducing enterprise cyber risk and enhancing a company's cybersecurity posture. It usually comprises two distinct sets of technologies: the first provides user-based access control to the IT team, and the other focuses on proactive security vulnerability analysis and remediation.
An MSP's cybersecurity tech stack should incorporate elements that protect digital assets, networks, databases, servers, and enterprise applications. It's important to remember that the ideal cybersecurity tech stack for you should be based on your organization's—as well as your customers'—overall risk profile. No matter what the current state of your cybersecurity tech stack is like, it's crucial to remember that threats are constantly evolving and business and cybersecurity needs are changing, so it's necessary to stay vigilant and find ways to improve. Take a look at some of these helpful resources to get inspired and gain invaluable business insights:
- Why your tech stack is your new cyber tech stack
- Meet the CW Cybersecurity portfolio
- What is a SOC and how to choose the right one
- What I Wish I Knew about cybersecurity: Tips from MSPs
- How EDR, SIEM and SOC work together
- Art of the cybersecurity assessment
- SIEM Buyer's Guide
- How to build your security stack
- From AV to MDR: evolution of cybersecurity technology
- Why CW for cybersecurity
- EDR vs MDR
- Cybersecurity Tech Stack Cheat Sheet
- Evolve to next level endpoint defense
- ConnectWise SOC Feature Sheet
Cybersecurity can significantly contribute to recurring revenue streams, given that customers are updating their technology stack to a distributed infrastructure approach, signing up for hosted services, and migrating their enterprise applications and networks to the cloud.
All of these services are increasingly vulnerable to attack, and these attacks are becoming increasingly sophisticated. As such, cybersecurity can both drive and benefit from attached sales. Your customers need the off-premises and on-premises products and services you provide and the affiliated add-on security products and services.
The reverse also applies. When you provide your customers with cybersecurity products and services, you have an opportunity to up-sell complementary technologies such as storage, backup, and the associated professional services.
As a result, you must always think of your MSP as a sales and customer service organization, not only a technology company. Successful recurring-revenue-driven organizations depend on new sales for growth and a high customer renewal rate for baseline revenue maintenance. For more information about pricing and packaging cybersecurity, watch this webinar or read this eBook.
According to the 2022 (ISC)² Workforce Study, the cybersecurity workforce has been growing about 26% annually, and more than three million cybersecurity-related jobs exist worldwide that need to be filled. According to the study, "the cybersecurity workforce gap jeopardizes the most foundational functions of the profession like risk assessment, oversight and critical systems patching."
The growing need for specialization is an additional issue within the industry. The talent scarcity that exists across the cybersecurity profession includes many of the specialized areas mentioned previously, like cloud security, identity and access management, data protection, and incident response.
For MSPs, investing in tools such as artificial intelligence (AI) and machine learning (ML) can create a layer of 24/7 automated support for their customers, which provides predictive threat detection and remediation capabilities they may not otherwise have been able to afford. Bringing an MSP on board can provide the cybersecurity expertise they wouldn't have had in-house.
For more information about the cybersecurity talent gap and how to work toward closing it, check out these resources:
5. Responding to incidents
Well-run companies have formal incident response processes fully documented by their cybersecurity team. This way, when an actual cybersecurity incident occurs, the team can focus on mitigating the incident rather than wasting resources tracking each team member to ensure they are successfully completing their assigned tasks.
Without such processes, a simple incident can turn into a major crisis, causing serious harm to an organization's operations, compliance, reputation, and financial state. Having standard operating procedures (SOPs), especially for frequent incidents, is critical for proper resource management and ensuring the most critical incidents are prioritized when required. The owner of the SOPs, with the appropriate level of authority to make enhancements or changes, also needs to be identified in the documentation and updated when required.
Without such formal incident response processes, MSPs can waste valuable time and already-scarce cybersecurity talent tracking personnel instead of spending time on the actual resolution. For additional information about the importance of incident response, take a look at some of these helpful resources:
- Why You Need an Incident Response Plan and How to Create One
- Introducing ConnectWise Incident Response Service
ConnectWise can help MSPs keep up with the evolving threat landscape
The ConnectWise Cyber Research Unit (CRU), comprised of seasoned cybersecurity professionals with deep engineering, IT administration, security operations, and incident analysis and response expertise, is uniquely dedicated to expanding the industry's collective understanding of today's threat landscape.
Throughout 2022, the CRU put together an analysis of over 440,000 cybersecurity incidents that impacted our MSP partners and their clients, the findings of which are included in the fourth edition of the ConnectWise 2023 MSP Threat Report. Download the report to learn more about the evolving threat landscape and how ConnectWise can help.