3 Tips For MSPs To Handle Cyber Attacks

Posted by Trevagh Stankard on Tue, Sep 28th, 2021

There’s no doubt that MSPs have a target on their backs today from cyberattacks.  Hackers are seeking them out to leverage their reach and strike at their extensive customer base. Many of these clients store valuable data that cybercriminals can extract and/or extort.  This article will focus on prevention rather than the threats facing MSPs.

How MSPs can prepare themselves and their client base from future cyberattacks:

1. Risk Assessments

A risk assessment is not the same thing as a vulnerability scan.  Vulnerability scans are performed using some type of software package such as Nessus by a third-part SME.  Many MSPs offer vulnerability scans as an optional service for organizations that must abide by compliance obligations or require greater security vigilance.  The purpose of a risk assessment is to identify, analyze and evaluate risk to help ensure that security efforts target the risks that make the organization the most vulnerable.  The risk assessment process includes three primary steps.

• Identifying what assets could be most affected by a cyberattack such as intellectual property, customer, financial and HR data, server hardware, application systems and mobile devices
• Identify the various risks that could affect those selected assets
• Prioritize security efforts and ensure that selected cybersecurity solutions, policies and controls are appropriate for the risks at hand. 

The risk assessment is a good method to determine the duty of care that the MSP would be obligated to perform prior to a cybersecurity incident.  Duty of care defines one’s reasonable security efforts.  This means that the safeguards implemented must not pose a higher risk to the organization than the lack of safeguards poses to others.  Obviously, a small or medium size business would not be expected to implement security tools that cost more than the company can possibly afford.  Most MSPs, as well as the customers they serve, are smaller businesses with a finite amount of resources available at their disposal.

It is imperative that an MSP go through this process themselves at least once, if not twice a year to ensure a secure framework from which it can then secure its clients.  Once risks and attack avenues are identified, reasonable measures should be taken to close any gaps that attackers could take advantage of.  This will give MSP personnel valuable experience that they can then use to assess their clients.  Not only are risk assessments a great service to include in your security stack for security and compliant minded organizations such as law firms, healthcare organizations and anyone who processes payment card transactions, they can serve as an added income source for your business.

Read article: How Does a Cyberattack Affect an MSP and Its Clients?

2. Education is Prevention

The plight of an MSP is no different than the customers it serves.  Like any organization, the weakest link is usually the people that sit behind the keyboards.  This means that MSPs are vulnerable to phishing attacks that are used to deploy ransomware and other types of malware attacks.  The ability to leverage the highly privileged user accounts of an MSP global admin is the grand prize for a hacker.  These accounts can be used to disable all security monitoring tools in order to allow attackers to infiltrate a client network undetected.  They can also be used to modify email security settings, local firewalls, and other services.  For this reason, MSP personnel should only use standard user accounts when performing vulnerable tasks such as surfing the web or checking their email. 

While every MSP should have a robust security stack that follows a best of practice multilayer cybersecurity strategy, the best “last defense” against cyberattacks is an educated user.  MSPs should provide some type of cybersecurity awareness training in the form of newsletters, social media posts and online clinics to educate their customers’ users about the latest cyberthreats.  Many MSPs are providing phishing simulations for their customers to best identify users that exhibit poor cyber hygiene skills and tend to click on anything without caution to the wind. Because businesses are clamoring for information to help protect themselves against the infinite wave of cyberattacks they read in the headlines today, a cyber education program is a great tool to not only secure your clientele but establish yourself as an expert in the field.

Read article:  Top Business Priorities for Successful MSPs

3. Finding the Right Cybersecurity Tools

The right toolset can make the job go smoothly while the lack of one can end in frustration and discouraging inefficiencies.  The same is true when it comes to cybersecurity tools.  While the sheer volume of available tools for enterprises and MSPs is overwhelming, an understanding of which ones will best work for your customers is imperative.  While some tools such as a SIEM will only be suited for select customers that have the need and the budget for it, every customer needs email and internet security.   In these cases, it’s best to have everyone using the same tool, allowing you to manage everyone from a single pane of glass.  

At TitanHQ, we understand the unique challenges of MSPs.  We don’t look at MSPs as customers.  We look at them as partners.  Our TitanShield MSP Program allows MSPs to take advantage of our program technology so that they can sell, implement and deliver advanced network security solutions such as SpamTitan and WebTitan to their client base.  These solutions are cloud-based, allowing you to manage them from any location for your geographically dispersed customers. 

Conclusion

These three tips will go a long way in securing your platform that you can leverage to secure your client base.  Talk to us to learn more about our MSP program and the tools we have to offer.

Talk to a TitanHQ MSP Security Expert today and discover how we can protects your orgainsation and clients from cyberattacks. Contact us.