I know every story in the past week seems like old news. Another data breach. Hackers stole email addresses to more than 200 million Twitter users late last year, and last week the world started to learn of the impact of the breach. Honestly, no one has seen the aftermath of this breach at this point, but 200 million users is a pretty eye-popping number.
It has become clear that if you own any accounts anywhere, you are gambling a data breach and a data leak of some sort of sensitive data.
While cyber experts are pointing at the Twitter leak as one of the “biggest” or “most significant”, the reality is that there will always be a bigger one coming. As our world continues down the track of big data dependencies, digital data will persist as one of the biggest 21st Century risks.
The Twitter attack is the perfect time to start getting executive teams and users aware of where their risks lie. I’m sure someone from one of your clients’ sites is aware of the attack and has an active account on Twitter. I’m also certain that you will have several executives not loving the idea of having any kind of account compromised.
You can really hit home in exposing their risks. How fragile their veil of security is. If you were able to tangibly show them the implications of their actions, you might get them to understand why you’ve been pushing them to improve their security stance.
For clients who have been reluctant to improving — you have an extreme opportunity right now with several visible examples of incidents no one would want to be a part of. This is your opportunity to get them to be more conscious of their security decisions. This is the perfect time to start leading them as their vCSO—virtual Chief Security Officer. Or at very least, this is your opportunity to get them to start thinking about their tangible risks by seeing what is exposed by just one simple link click. A level one penetration test would be the perfect ammunition to get them to start thinking about what is at stake.
For clients who are security-focused — this is your opportunity to take the reigns of their security programs. They may have compliance concerns or are just worried about doing the right things. They need direction on developing and maturing their security programs. As a managed services provider, you certainly have the experience to fill this seat. Talk through the recent security issues on Twitter or companies within their direct supply chains and get them to recognize that they need someone to help address their own security risks. This is the perfect time to help them as a vCSO.
For prospects you plan to engage — get them to see how even the Twitter breach may impact them and their users. Walk through a scenario of how ramped up phishing and ransomware attacks may impact the health of their organizations. Get them to think hard about their risks and show them what a simple link click can expose.
Communicate with your team — get your team to start thinking about recent events in the context of your MSP. Do they think everything is perfect? Nothing is ever as perfect as you think. That’s why we offer a free cyber stack evaluation to the MSP community.
Even if you evaluate your security already, also consider walking through a tabletop exercise of how a data breach may impact your business or that of your clients. Walk through with your team or your client’s executive team how they would respond if someone clicked a link or needed to respond to a data breach.
This is your opportunity to teach your clients that there are serious risks out there. Think about your weakest link client. The one who would NEVER invest in more than just the basics. The one who couldn’t care about anything but saving money. What if I had a way to show them their risks in a way where even they wanted to do something about it. To see the major cracks in their foundation and to give you a clear path to shoring up their security? Galactic enables MSPs to expose risks in a way that decisionmakers really understand.
