CS Mar Apr 2022
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
MSP insights<br />
decrease budgets. The increases are<br />
substantial, an average of 7%. Given recent<br />
circumstances, this is a solid investment by<br />
businesses in security. For MSPs, this means<br />
there is a big opportunity available. For many<br />
customers, they do not have to work hard to<br />
convince them that security is important and<br />
needs investment; rather, the conversation<br />
needs to be about where the money should<br />
be spent and how to make the most of this<br />
increase.<br />
"SMEs are keen to spend this increase on<br />
data security and cloud security, with identity<br />
access way down the priority list. MSPs<br />
should follow their customers' lead to an<br />
extent when offering additional and improved<br />
services, but should also remember that they<br />
are the experts."<br />
WHERE ARE MSPS SPENDING THEIR<br />
MONEY RIGHT NOW?<br />
The most common security tools receiving<br />
this extra investment include data security,<br />
cloud security, and infrastructure protection.<br />
Identity access is the least common<br />
investment. "The toolsets MSPs are<br />
implementing include data encryption,<br />
antivirus and multifactor authentication.<br />
There are also some interesting regional<br />
variations, with French MSPs investing heavily<br />
in VPNs, while the UK and Germany are<br />
putting money into email filtering solutions."<br />
"Automating key functions is critical to<br />
making headway against cybercriminals,"<br />
adds N-able. "Automated backups are the<br />
most common form of automation used by<br />
MSPs to keep their customers' businesses<br />
secure, used by 85% of all respondents."<br />
LAST LINE OF DEFENCE<br />
Backup is seen as crucial - the last line of<br />
defence - and MSPs must be able to recover<br />
customers' data and systems, no matter what.<br />
"In general, backup is provided to most<br />
customers, but of major concern is the fact<br />
that only 40% of businesses are backing up<br />
workstations every 48 hours or less."<br />
THREAT GROWS GREATER<br />
Lee Robinson, co-founder and director, Meta<br />
Eagle, is equally alarmed by the way in which<br />
MSPs are being singled out. "As this report<br />
reveals, the threat among the MSP<br />
community is becoming increasingly real.<br />
"And now we're seeing our customers<br />
becoming more aware to exploits and<br />
vulnerabilities out there in the world. They<br />
want to actively engage in conversation, so<br />
they can understand how best they can be<br />
protected," he points out.<br />
"The industry has a major role to play in<br />
guiding businesses down the right path. This<br />
includes a cultural shift from having an IT<br />
partner that is simply looked at as a bottomline<br />
cost, but more of an investment into<br />
your business. Strong IT support, while<br />
empowering you to work from anywhere,<br />
should also secure your data, mitigate risk<br />
and put contingences in place, should the<br />
worse happen."<br />
MUTI-FACETED PROBLEM<br />
Lisa Niekamp-Urwin, CEO, Tomorrow's<br />
Technology Today, points to the "shocking<br />
statistics" within the report regarding the very<br />
real cyber threat for the MSP community and<br />
says it "speaks to the need to address the<br />
issue from many sides".<br />
In particular, she says hygiene becomes<br />
a critical factor - "removing admin rights,<br />
MFA, EDR, MDR, backup, log retention,<br />
monitoring, hardening, the list goes on and<br />
on. When I joined this MSP twenty years<br />
ago, I didn't anticipate having a security<br />
engineer on staff full-time. Yet, here we are -<br />
it's a huge priority".<br />
In today's climate, she adds, the industry<br />
needs to step up its game. "MSPs need to do<br />
their research, understand and listen to what<br />
is happening to their community; interrogate<br />
their stack and make sure there are no holes.<br />
And follow the golden rule…. MFA [multifactor<br />
authenticate] everything!"<br />
Dave MacKinnon, N-able: MSPs need<br />
to understand how the threat landscape<br />
continues to evolve and make changes to<br />
protect themselves and their customers.<br />
Lisa Niekamp-Urwin, Tomorrow's<br />
Technology Today: MSPs need to do their<br />
research, understand and listen to what is<br />
happening to their community.<br />
www.computingsecurity.co.uk @<strong>CS</strong>MagAndAwards <strong>Mar</strong>/<strong>Apr</strong> <strong>2022</strong> computing security<br />
13