Many MSPs have turned their attention to cybersecurity, branching out to offer their customers managed security services. However, making sure that their own cybersecurity is always top of mind is just as important as ensuring their partners are protected from adversaries.
MSPs increasingly find themselves the target of supply chain or "island hopping" attacks, as successfully breaching an MSP means gaining access to their customers' networks and data. As such, they are a lucrative target, with 2021 seeing a 650 per cent increase in supply chain attacks.
These attacks can be devastating for both MSPs and customers, leading to data loss, lengthy downtime, and reputational damage.
The importance of the supply chain
The infamous attack on the SolarWinds IT management platform—in which an attacker modified code in SolarWinds' Orion products and then pushed the malicious update to around 18,000 SolarWinds' customers including enterprises, IT companies and government organisations—is a stark example.
While SolarWinds later announced "the actual number of customers who were hacked through SUNBURST to be fewer than 100", it demonstrates how weaknesses in an MSP's security can impact organisations throughout its ecosystem.
A recent joint advisory from the cybersecurity authorities of the United Kingdom, Australia, Canada, New Zealand, and the United States details actions MSPs and their customers can take to reduce their risk of falling victim to a cyber intrusion. It describes supply chain attacks as "amongst the most significant cyber threats facing organisations today."
A range of steps are set out for MSPs and their customers in the advisory, including taking actions to mitigate initial compromise attack methods, improve monitoring and logging processes, enforce multifactor authentication, apply the principle of least privilege, deprecate obsolete accounts and infrastructure, backup systems and data, proactively manage supply chain risk, and promote transparency.
Understanding your security
It is clear that any MSP looking to grow their business must ensure they fortify their cyber security posture. However, many lack the resources to do this alone.
The starting point should be a full audit of your IT environment, as a good level of visibility is vital to understanding and improving your cyber security practices. This includes having a detailed knowledge of the software and hardware within your environment, the cloud services being used, the data and network integrations between these environments, and all the vendors you interact with.
From there it is possible to develop an incident response plan and mitigate the impact of a successful attack.
It is also important to understand what data your organisation and vendors are handling, so you can ensure it is stored securely and can only be accessed by the right people. MSPs must also establish what their vendors are doing to protect the privacy, integrity and availability of their organisations' and customers' data.
Processes and partnerships
Having the right cyber protection measures in place is also essential. This includes creating regular backups, investing in patch management, implementing a zero-trust model, or acquiring autonomous threat detection and response capabilities.
Taking these steps calls for specialised solutions and expertise that may go beyond what an MSP can handle in-house.
For example, MSPs need sophisticated threat detection and response capabilities that fortify their cyber security—including email security, the top vulnerability for supply chain attacks—and this requires advanced technology. Rather than developing the technology internally, MSPs often benefit by partnering with vendors that can provide the right solutions.
When evaluating vendors, MSPs should look for partners that can optimise their cybersecurity without consuming their time, resources, or attention.
Working with a trustworthy cybersecurity partner that is willing to share knowledge, provide the right tools, and be on-hand to offer technical support will help bolster internal security.
MSPs preparing to offer security services should be certain their own cybersecurity strategies and processes have been successfully implemented before they start working with customers.
By staying on top of your own security, you can protect your customers from compromise and begin providing the security services of most value to their business and your bottom line.
By strengthening your own cyber security posture, you prove your reliability as a trusted and credible partner to your customers. They, in turn, can benefit from the same cybersecurity solutions your business is utilising and be confident their own security posture will not be compromised by weak links in the supply chain.
To find out more about MSP cybersecurity, visit here.
This is a sponsored post in collaboration with Vade.
