It appears the managed services provider (MSP) community may finally be coming to the conclusion that it’s time to come to each other’s mutual aid, rather than hanging separately. CompTIA has announced it will be assuming the leadership of a Technology Solution Provider Information Sharing and Analysis Organization (TSP-ISAO) that previously was launched under the stewardship of ConnectWise.
CompTIA announced it plans to fold the TSP-ISAO work that has been done thus far into its existing cybersecurity initiatives and industry groups over the next several months. It’s not clear how many MSPs and IT vendors will put aside their rivalries to advance the greater good in terms of cybersecurity. Most will probably wait to see what initially emerges from CompTIA in the months ahead before making any commitments. However, it’s clear that some form of a shared threat detection capability is in the best interests for MSPs.
MSPs need help
At this point, the amount of cyber threats has drastically increased and is too much for any one MSP to face alone. Today, cybercriminals are part of an organized crime empire that generates more than $3 trillion in revenue a year. The services and support that cybercriminals now receive from the various entities that create the tools they leverage to launch attacks are on par with anything provided by the largest IT vendors in the industry. It’s already been well established that cybercriminals have identified MSPs as a point of convergence through which they can potentially launch attacks against millions of businesses that MSPs serve.
That crisis is now being made more urgent by the COVID-19 pandemic, which is driving many organizations to rely on MSPs to deliver IT services to more employees working from home offices than ever before. Cybercriminals are taking advantage of that shift to launch even more attacks against end users and MSPs alike.
Next moves for MSPs
In the short term, there’s no doubt that MSPs will need to make more extensive use of technologies, such as two-factor authentication, to make sure end user credentials have not been compromised. The unfortunate truth is the only thing standing between cybercriminals and access to the proverbial application kingdom is a password of dubious strength.
MSPs should invest in anti-phishing tools and training to enable end users to recognize these types of attacks as much as humanly possible, while at the same time embracing best DevSecOps practices to make their existing IT environments more secure.
In the long term, MSPs should also be transitioning toward providing zero-trust networking services and embracing microservices to modernize their application portfolios in a way that makes them more secure.
Most MSPs can’t afford to wait for industry associations to define a set of best cybersecurity practices. There are plenty of tools and best cybersecurity practices that are already defined. There’s also no shortage of threat intelligence feeds that MSPs can subscribe to on their own.
The real issue now will be for MSPs to determine to what degree they want to collaborate with one another to identify potential threats that are specifically aimed at them, as early as possible. The decision for MSPs to collaborate may not come naturally, but given the increased volume and sophistication of the attacks being launched, there may be some comfort in the fact that not every MSP needs to face those threats alone.
Photo: Lightspring / Shutterstock