ccording to the National Center for Middle Market, 43% of cyber-attacks are against small businesses. Every month, multiple incidents evade traditional security measures, and customer data is stolen. 53% of businesses have experienced a cyber-attack in the last year. On average, it takes over 206 days to find out. Our customers are under attack, and most are frankly unaware.As technology providers, customers may turn to us for help and guidance and it’s often after it is too late. Still, there are some things we can do to leverage our position as technology subject matter experts (SMEs) to help protect our customers.
Here are some reminders for how MSPs can help customers when it comes to security:
1. Employees are often the source of the problem, start there.
Nuspire has found that over 1/3 of security incidents originate from within the network.This could be due to phishing scams, downloading unapproved software, or even clicking on a malicious link. As service providers, we can provide guidance, training, and policies to help head off security issues before they start. Having a policy that explains where employees can go on the network, what employees can access, and how to handle account creation and decommissioning can stop a whole host of issues and exploits. Providing basic training and best practices can stop the majority of threats to a company and also provides guiderails for employee behavior and productivity that can benefit the organization beyond traditional security concerns (think HR and bandwidth challenges).
2. Someone needs to watch over the network.
The security landscape is a game of attrition. Hackers figure out ways to evade security technology. The industry responds with signatures, bulletins, and new technology to stop this new threat and hackers respond with new ways to get around this new technology, or find brand new threat vectors. In this game of attrition, your customer will always lose. Our technology has set rules, signatures, and procedures to follow. They have people who know how to get around these tools. For example, there is a common security control that will lock you out if your password if it’s input incorrectly three times in five minutes. There are programs that will guess a password twice in five minutes, forever. Or simply, a hacker may send a phishing email to obtain the password from the user, so they don’t even need to guess. Because the bad guys have people on their side, they know the rules, and how to circumvent them. The only plausible way to get a leg up is to also have people playing defense. People that aren’t concerned with signatures, but with what is actually happening on the network. Day after day of incorrect password? A person can pick up that threat. Suspicious activity on an endpoint? A person can find that.
3. Provide customers with the security expertise they need.
Even with the best security posture, there will come a time when security resources are needed. No security system is airtight, and even normal events might require a second set of eyes to validate safety of the activity. When that time comes, MSP’s have valuable resources that they may not be able to find elsewhere. However, they don’t have to do this alone. Partnering with a Managed Security Service Provider (MSSP), outsourcing a Security Operations Center (SOC), or simply providing security information event management (SIEM) technologies can provide the customer with the tools and people need to help navigate an indication of compromise.
4. Have a plan in place prior to a breach.
After discovering a breach, coming up with a plan is too late. Organizations need a documented response plan, a process for threat management, and a procedure for after action reporting and remediation. However, many companies are too tied up in their core business to put these measures in place. An MSP is an ideal resource to help with planning, preparation, and response activities. This also ensures that when the time comes, the MSP is a trusted resource, and a part of the team.