There is now at least one new constant in our lives.
I’m not referring to the pandemic. And I’m also not talking about our work lives as a result of COVID-19. What I’ve seen over the past couple of years (and even this past month) is the growth of cyberattacks on IT infrastructure.
Our cybersecurity problem is becoming more pervasive and complex. Part of the problem is that our cyber ecosystem has grown so much in the past couple of decades, that maintaining and managing our current footprint is inherently more complex than it once was. With more devices, applications and chances for an exposed vulnerability, your team has less room for error today than they once did.
Creating resiliency within the MSP cyberspace will depend on our collective understanding of rapidly evolving threats and applying best practices and lessons learned to those threats. This will also require trust across your team and the teams of your clients.
In order for MSPs to become more secure, we need a better neighborhood watch program.
Back when I was growing up in rural Michigan, we didn’t have an official neighborhood watch. We—as neighbors—had a general understanding that we all would watch out for each other. When something didn’t look right, we’d check in on people to make sure everything was okay.
In the big city, many of us have official neighborhood watch programs with email lists and people still watching that their street or grid of streets are safe.
I believe we need such a neighborhood watch across our networks and generally helping to identify problems, issues and holes leaving us vulnerable to attacks or breaches.
We also—as an MSP community—need better ways to know the tools we are investing in are actually working. Our community is under attack because we hold the keys. What we’re doing now trusting security vendors is not working.
As I’ve assessed nearly 400 MSP networks this year, there are many issues with a variety of security products. Overwhelmingly these products are not bad, but just poorly configured, monitored, or maintained.
While many of the issues stem to configurations your team controls, there are just as many security issues pervading the MSP cyberspace that you entrust other providers to have set up.
There are no standard settings that you, as an MSP, can have enabled for you across the board—especially if different vendors’ default settings lead to different misconceptions.
There is no one to let you know that you left your trunk open, your door unlocked, or that a package has been sitting on your front porch for too long. There are no eyes making sure that things look as they should. We collectively have no consensus on what “good” looks like and for the most part have not tested whether “good” is working to protect our networks.
Cybercriminals are able to use and reuse malware exploits varying in sophistication simply because they’ve found them to be effective across large populations. These attackers have found vulnerabilities specifically in tools used within MSPs and have actively exploited MSP-centric vulnerabilities.
The main reason? For the large part, these vulnerabilities went undetected or were unmitigated within MSP environments.
There was no neighborhood watch sounding an alarm other than another story about and MSP’s cyberattack or cyberattack on an MSP’s clients. The median time for detecting a compromised network is currently around 4 and a half months!
Can you imagine not detecting a bad guy on your network for even a week or two?
What if we could change that equation? What if we had actionable plans on dealing with threats? What if your team understood your (and their risks) when working on network issues? What if your clients were shown why cybersecurity is a good business decision and investment?
What about you being able to actually see your tools working in action without having to rip out your entire stack and start again? Rather, tweak what you have until it’s working the way you expect (AND your team understands what’s going on)?
Enter your Neighborhood Watch
By establishing a community—inclusive of your entire team—that is on the lookout for security-related problems within the MSP space. A team that understands the importance of testing security. A team that is engaged and vigilant.
