In their zeal to be seen to be doing more about cybersecurity, vendors are increasingly embedding threat monitoring capabilities within a variety of applications to make it easier to hunt for malware. But even when vendors decide to make threat detection pervasively available, it doesn’t necessarily follow that IT organizations have the time or expertise to act on that data.
Knowing where malware might be hiding is one thing; removing it is quite another. In many cases, MSPs will find that threat detection tools embedded in cloud services such as Microsoft Office 365 will wind up generating sales leads for them. More customers will become aware of just how much malware there is in their IT environment.
Most IT organizations today are not especially good at hunting for threats and spend very little time looking for them in their network.
As threat monitoring becomes more widely employed, more organizations will be coming to terms with the fact that despite their best efforts, malware has made it past their perimeter defenses. That doesn’t mean they are giving up on firewalls and anti-virus software. Things would be much worse without those capabilities. But thanks to increasingly more sophisticated approaches to cybersecurity attacks using primarily phishing techniques, a lot of malware is now being inadvertently being downloaded by end users.
Threat hunting needs to become a continuous process
Once that malware gets installed, it’s not too long before it starts to move laterally across the organization. That means threat hunting needs to become a continuous process conducted on a 24/7 basis. Most organizations don’t have the skills and resources to continuously hunt for threats.
Of course, once an organization asks an MSP to help them remove malware, there’s an opportunity to have a much larger conversation about the role the MSP might play in helping that organization become more secure. In fact, MSPs might soon come to view threat detection as a free service.
Rather than competing directly against software, MSPs might want to encourage end customers to employ threat monitoring tools as frequently as possible. After all, organizations that are ignorant of the extent to which malware has compromised their systems are not especially motivated to look for help. It’s only when they become aware of the true extent of the problem that they begin to appreciate the expertise an MSP provides.
Photo: Rawpixel.com / Shutterstock.