Last week was a whirlwind of cybersecurity. Outside the routine investigations into updates to the VSS, PrintNighmare, or M365 phishing events (all indicative of the hard to swallow reality that MSP security teams need to be vigilant) were the two big events of the year—DefCon and Blackhat.
While my team left Las Vegas revved up with ideas and angles that no one in managed services is really thinking about right now. We all give lip service to cybercriminal attacks becoming increasingly sophisticated, but what bothers me is they continue to successfully break through defenses. My big takeaway from last week’s events is that our community needs to take hold of an offensive rather than simply defending our client networks.
With damage on targeted attacks the likes of Kaseya or even less reported attacks impacting thousands of managed or co-managed clients, what is clear is that simply doing what we’ve been doing to protect and educate our client base is insufficient in 2021.
The “can’t happen to me” mentality that might have worked ten years ago no longer holds true for long. We need to get our clients to understand why they need to be thinking about cybersecurity—even if they previously had no interest in investing any money in a cyber stack.
When listening to a variety of talks—spanning macOS and bypassing Windows security to hacking software supply chains led me to realize that MSPs need to understand and engage in more offensive-thinking.
As an industry, we’ve been trained to prepare for cyberattacks through defending a variety of layers within network security. I agree that these layers are vital to how we keep clients safe, but without approaching our security from the perspective of a hacker, how will we ever really improve anything?
I get that your team is busy supporting users and keeping their operations running, but if they aren’t putting their roles in the context of how hackers get in and how far they’re able to move if your network was breached, who else will?
By adding offensive tactics to inspect a cyber stack’s performance, enterprise security teams are understanding where their weaknesses lie and get a unified mission to remediate those issues.
As an MSP—who has a team at least as capable as an enterprise team—are you thinking about offensive tactics? Do you know where the most likely way a hacker would bypass your current security measures?
If you were a doctor that was tasked with curing someone’s heart attack, would placing a stint in a coronary artery solve the problem? Maybe, maybe not. Until the doctor understands root causes and maybe even environmental impacts of the heart attack will he or she know the best route of treatment.
Same thing goes for your security. Instead of stacking layer upon layer of security tools and expecting your investments to simply protect, why not put them to the test and see what works and where you need to improve?
Wouldn’t you rather proactively approach your security from an offensive perspective? And prioritize what needs to be done?
Adding an offensive component to your security will not only make sure your controls are capable of withstanding attacks, but also keep your team engaged and understanding why you have policies in place requiring them to do things a certain way.
How to switch to an offensive mindset?
We recommend getting a cyber stack evaluation to see how your team reacts to simulated events on your network.
