Expanded Definition: Threat Research Team

What is a threat research team?

A threat research team is a group of cybersecurity experts dedicated to proactively seeking out potential risks and delivering related insights to their broader security team to take action on. 

This team has the dual role of threat hunting and threat intelligence, to make their proactive cybersecurity approach more effective. They not only keep specific threats and trends on their organization’s radar, but also provide forward-thinking approaches and research to help fortify the team’s defense. 

Threat research teams vary in size and scope depending on the type of organization they serve. Some teams work in-house, while others act as an outsourced team of experts, and a third-type provide research and intelligence to multiple organizations, like an information sharing and analysis community (ISAC) or organization (ISAO). 

How threat research teams help managed service providers (MSPs) 

Since MSPs offer organizations a way to outsource their IT and cybersecurity needs, providing the expertise of a threat research team through the MSP can be a great value-add for clients. 

Too often in recent years, MSPs have taken a trial-and-error approach to cybersecurity. To bring the most value to their customers, MSPs must take a proactive and holistic view of their security offerings. Creating, or working with, a threat research team can allow the MSP to stay ahead of upcoming cybersecurity challenges while also providing cutting-edge counsel to their customers. 

The threat research team keeps the MSP, and the customers they are serving, ahead of the curve on ransomware and other common cybersecurity threats, like vulnerabilities. Beyond serving customers, these proactive approaches also serve to protect the MSP’s own cybersecurity posture. 

The 2021 Perch MSP Threat Report found that MSPs are vulnerable targets for cyberthreats. The aid of a threat research team helps the MSP focus on everyday security needs while also taking a forward-thinking posture. 

The Connectwise Cyber Research Unit (CRU) aids threat hunting and threat intelligence 

ConnectWise introduced the CRU to offer a threat-protection focused platform to MSPs and technology service providers (TSPs.) Like a threat research team, the CRU specializes in threat hunting and threat intelligence. This team is composed of security operations and threat research experts, brought together to offer MSPs and TSPs the research and proactive approaches they need to mature their cybersecurity offerings.  

The CRU produces threat reports, a daily-updated threat feed and more to spread the knowledge they gain through their research into automated and manual malware analysis, the monitoring of ransom leak sites and malicious botnets. As a result of this threat hunting, the CRU can provide threat research teams with new indicators of compromise (IOCs) that were previously inaccessible. 

Did you know?

“Cyber threat intelligence provides several benefits, such as enabling organizations to develop a proactive cybersecurity position and bolster overall risk management policies. With the growing implementation of cloud platforms, IoT, and other networking technologies in organizations, they are becoming more and more exposed to various cybersecurity breaches...encouraging them to adopt threat intelligence platforms to strengthen their capabilities against the rapidly evolving cybercrime landscape.”

Verified Market Research 

Additional Resources

blog icon 5 Cybersecurity Services the MSPs Need to Offer Customers

Small to mid-sized businesses (SMBs) are becoming increasingly aware of cybersecurity as a major area of concern. We’ve broken down five key cybersecurity services that MSPs should offer—take a look to see where you could increase your service offerings to drive revenue, meet customer needs, and tap new markets.

Blog post >>
toolbox icon Building Your Cybersecurity Practice Kit

Even before the pandemic hit, there’s been elevated pressure on MSPs to think beyond prevention measures and deliver a new standard of cybersecurity protection. ConnectWise has the tools and resources to help you establish a cybersecurity solution you can deliver with confidence—based on best practices throughout the industry. 

Kit >>
reporting icon 2021 MSP Threat Report

Learn about the cybersecurity events that made waves in 2020 as seen through the eyes of the Perch SOC in the 2021 MSP Threat Report. In the report, you’ll get an eye-opening look at why MSPs are vulnerable targets, what the security pros think you should be looking out for, a timeline of standout hacks in 2020 impacting MSPs and predictions for what’s coming next.  

Report >>
toolbox icon ConnectWise Cybersecurity Starter Kit

Want to get started selling cybersecurity? We’ve put together a kit to help. Download the kit today for helpful resources that will transform your business from an MSP to an MSP+ model, including educational information for your SMB customers, templates, and more.

Kit >>
blog icon Why SMBs are high risk for cybersecurity threats in 2021

There’s significant opportunity for MSPs to offer “MSP plus” service, helping their clients to embrace better security practices. In fact, our 2020 State of SMB Cybersecurity report found that 91% of SMBs would switch MSPs for the right cybersecurity support.  

Blog post >>
security solutions icon IT Nation Certify cybersecurity training

Become your client’s go-to security expert by joining thousands of MSPs worldwide in obtaining MSP-specific cybersecurity training to protect your own practice, gain confidence in your ability to provide cybersecurity services to your clients, and drive security sales growth. 

Training >>