Four months of 2019 are in the rear-view mirror, and after talking to MSP owners and security experts on a daily basis, there are some trends are emerging that I thought I’d share.
AI is one area that seems to be dominating the conversation this year. As 2019 comes into greater focus, here are four areas of opportunities that MSPs might want to give a closer look.
You’re thinking: this isn’t anything new. Like most online malevolence, tactics and methodology evolves. Ransomware continues to be problematic, but its targets are changing. While the volume of attacks seems to have died down, the attacks are becoming more targeted and the demands of criminals far more onerous.
While the volume of #ransomware attacks seems to have died down, the attacks are becoming more targeted and the demands of criminals far more onerous.
Most people have heard of Atlanta, so when the city was brought to its knees by a ransomware attack in 2018, the world took note. Atlanta didn’t pay the $50,000 ransom demanded by the attackers, and they were slowly able to get their systems back online. Far fewer people have heard of Jefferson, Georgia, the seat of Jackson County with its 60,000 residents. Jackson County is carpeted with red clay soil and rolling bucolic peanut farms an hour east of Atlanta’s sprawling suburbs. Icy glasses of sweet tea and buttered cornbread are staples on the menu. The attackers had done their homework. With limited coffers, the county hadn’t invested much in cybersecurity, including crucial back-up systems.
When the Ryuk virus came calling last month – and someone answered – Jackson County’s systems were shut-down. The county government ground to a halt and quietly paid a staggering $400,000 to the attackers to get their systems back up. Lessons can be drawn from this attack. Namely, MSPs in rural counties should be offering their services to local governments with sparse defenses, but high data density.
This is becoming a significant, but often overlooked, opportunity for MSPs. The digital signage market will hit $27 billion dollars by 2024. While retailers have led the way in the digital signage market, there are more and more informational or hybrid commercial-informational applications. An example of a hybrid sign would be a highway billboard advertising a hospital’s emergency room (commercial), that digitally displays the current wait time to be seen (informational). There are also freeway signs that update traffic information in real time and kiosks in colleges where students can interact with campus maps and course information. Signs are everywhere, waking up from their slumber to become interactive and personalized.
Moreover, in scores of multi-story office buildings across the world, the digital sign revolution is just beginning. A ten-story office building, for instance, has traditionally had a static “menu” in the lobby that listed the building’s tenants by floor. Now, those mainstays of lobbies (along with fountains and fake plants) are being placed by interactive signs where one can press a button to see the building’s tenants, another button to find out about renting vacant space in the building, and yet another for upcoming events.
The trend towards digital signage is about more than just cosmetic improvement, it’s also about saving costs. For instance, if a business moves out of an office building, there’s no need to update the static sign, the digital version is directly updated. For retailers and restaurants, digital signage increases customer engagement and allows for a more seamless experience.
Digital signs are often poorly defended attack surfaces, that can serve as a gateway to a company’s more extensive network.
However, these digital signs also represent often poorly defended attack surfaces, that can serve as a gateway to a company’s more extensive network. Some MSPs are choosing to turn their focus to digital signage as a niche, and with the business poised to grow, there should be plenty to go around.
Turns out GDPR was just the tip of the iceberg. With IoT devices creating an ever-wider latticework of data point collection opportunities, retailers, marketers, and the government will have a chance to collect and learn a little bit about you. Medical wearables will continue to track, harvest, and transmit medical data to distant collection centers where one hopes that the information is handled in a HIPAA compliant manner, but few consumers really know.
IoT devices without screen interfaces and secure opt-in or opt-out options continue to create problems. MSPs that can wade into the muck of convoluted and patchworked privacy regulations and the desire of enterprises and people to maintain privacy will have more business opportunities.
Hackers once had to penetrate what was the online equivalent of Fort Knox to breach a heavily defended network, but with network lines being blurred more and more by IoT and mobile devices, a hacker just needs to probe for the weakest point to gain access. Often these weak spots are poorly defended endpoint devices, whether they are the IoT coffeepot, kiosk in the lobby, or a mobile device brought in from off premises.
Endpoints are becoming increasingly easy to overlook as connectivity extends to every crevice of the business ecosystem. Any MSP that can integrate endpoint security into their overall package of protection will be ahead of the competition.
As attack surfaces grow, so do the opportunities for MSPs and 2019 is opening many new fronts for MSPs to operate in.
Photo: cifotart / Shutterstock