Summary of the Ultimate Operations Guide For MSP Cybersecurity

By: Sajal Sahay

Cybersecurity is a hot topic among MSPs. From discussion groups to social media to major headlines after well-known companies suffered very public breaches, it’s clear that cybersecurity is necessary everywhere—on our computers, phones, tablets, mobile devices, IoT devices, and even in our cars.

At ConnectWise, we’re consistently hearing the same concern from our partners: “If these huge companies are having problems with cybersecurity, how am I going to do this for my business and clients?”

Let’s start with a dose of reality: there are a lot of factors involved in cybersecurity operations, and for MSPs, it’s even more complex. As an MSP, you have to consider your internal network, the force multiplier effect that it causes, and the security of your clients. Add in the increasing regulatory requirements and insurance on top of that, and it can feel like a constant uphill battle.

The good news is we’re here to help. Our in-house cybersecurity experts have written an eBook, The Ultimate Operations Guide for MSP Cybersecurity, to equip MSPs with critical information and insights to get started with their cybersecurity efforts.

At ConnectWise, we have:

  • Years of experience across diverse MSPs and their clients
  • Taken programs from zero to audit and can talk with you about everything from broad policy structures to technical minutiae to continued learning
  • Walked this path and want to help others do the same, so we’ve created a shared foundation for understanding and evaluation
  • The ability to share our knowledge to help you evaluate what makes the most sense for your business and explore some of the nuances unique to our industry

This blog, which is a summary of The Ultimate Operations Guide for MSP Cybersecurity eBook, provides a quick snapshot of the most important cyber-related issues MSPs may want to consider.

Core Cybersecurity Concepts

This section of the eBook covers the basics. If you’re starting from scratch, most of this may be new material, but if you’re an experienced practitioner, it’ll likely be more of a review. The topics that are covered in detail within this part of the eBook include:

  • The CIA triad (confidentiality, integrity, availability)
  • NIST Cybersecurity Framework
  • Compliance
  • Basic risk concepts and risk management
  • Risk assessments and risk treatment
  • Role-based access control
  • Separation of duties and shared responsibilities across the security team


Governance is the set of formal policies, processes, standards, etc., that make up a cybersecurity program and allow an organization to achieve its objectives. The specifics will differ for every organization, both for architectural reasons and risk tolerances. The key point of governance activities is that they are high-level and don’t get into specific technologies, and they represent management’s goals for the cybersecurity program. The critical governance-related topics covered in detail include:

  • Documents
  • Policies
  • Standards
  • Procedures
  • Data classification, classification levels, and owners
  • Cybersecurity team roles
  • Recommended industry certifications
  • Third-party vendor management
  • Third-party risk assessments
  • Change management and change control


Cybersecurity architecture is essential for MSPs because it provides a structured approach to securely designing, implementing, and managing cybersecurity solutions. When created, implemented effectively, and regularly tested, the architecture enables an MSP to identify and address potential cybersecurity risks and vulnerabilities. The cybersecurity architecture topics covered in detail include:

  • Network segmentation
  • Remote work considerations
  • Core components of a cybersecurity program (EDR, SOC, SIEM, SASE, etc.)
  • Other non-core but important components of a cybersecurity program (Pentesting, vulnerability management, BCDR, etc.)
  • Physical security
  • Employee onboarding and offboarding

Factors Unique To MSPs

MSPs hold a unique role due to their responsibility for servicing and securing systems and data for themselves and their clients. This creates unique requirements for an MSP to meet its mission and limit its liability. The topics covered in detail about special considerations for MSPs include:

  • Protection of client data
  • Trust and transparency
  • Compliance
  • Risk management
  • Business continuity and disaster recovery (BCDR)
  • Training and cybersecurity awareness
  • Agreement considerations (SOW, SLAs, etc.)
  • Responding to alerts
  • Insurance
  • Secure onboarding and offboarding
  • User verification
  • Responding to client incidents and disasters
  • Billing considerations
  • Team certification requirements

Metrics and Reporting (Key Performance Indicators)

A security operations center (SOC) monitors and responds to cybersecurity incidents across an organization’s networks and systems. It is important to track and measure key performance metrics to ensure that the SOC is effective in its mission. The topics that are covered in detail on critical metrics for a security operations center include:

  • Performance
  • Cost
  • Importance of measuring the right metrics

Explore these concepts further in The Ultimate Operations Guide for MSP Cybersecurity

Successful cybersecurity operations require multiple technical and administrative components working together to maintain the core cybersecurity principles of confidentiality, integrity, and availability for MSPs. Less formally, they provide reassurance that information is safe. While complex, cybersecurity is the result of combining straightforward concepts to build resilience. These concepts work together to meet the unique challenges of MSPs and are validated by successful programs in both small and large environments.

In summary, The Ultimate Operations Guide for MSP Cybersecurity was created for MSPs and goes through each of the items summarized in this blog in greater detail. While the guide isn’t meant to be a technical manual, we do assume some basic understanding of IT architecture, as the content is written for owners, techs, marketing leaders, and account managers.