You only have to turn on the TV or open the morning newspaper to understand the impact that cyberattacks are having on businesses and individuals around the world. In 2021 alone, there were a reported 1,862 successful data breaches, up nearly double from the previous year, and the corporate world was experiencing approximately 925 attacks per week on average.
These attacks are increasing not only in number but also in severity. According to research by IBM and the Ponemon Institute, the average cost of a data breach increased in 2021 to $4.24 million from $3.86 million the previous year. This is the highest reported average total cost in history, and one that would likely devastate many businesses.
Further reading Lessons from MOVEit-Related Breaches: Essential Takeaways for MSPs
This rapid rise in attacks has made it more important than ever for managed services providers (MSPs) to offer cybersecurity services and technologies to their customers. Otherwise, many of these customers would not know where to start. They want to rely on their trusted advisor — their MSP — to support them by mitigating the risk of attack that they face.
The ways an MSP can support its clients when it comes to cybersecurity can range greatly, from just helping to implement the basics to launching a full-scale, 24/7 monitoring and management operation. It is up to the MSP to determine what level of engagement is right for their business and their client base. The only right answer is that, in today’s world, an MSP needs to do something to support their clients in mitigating the risk of attack.
Mastering the Basics of Cybersecurity
There are many basic things that an MSP can do to support its clients in the area of cybersecurity. A logical place to start is to assess their environments, including identifying critical assets, understanding current protections, and detecting any potential immediate risk areas. From there, an MSP can help its client develop a strategic plan to improve their overall cybersecurity posture and thus limit their exposure.
Some of these immediate actions may include ensuring that basic cybersecurity protection is in place, such as antivirus software or multi-factor authentication. It can also mean ensuring that all devices — especially critical ones — are patched for all known vulnerabilities, as well as implementing ongoing monitoring services to identify any suspicious activity on the network. These are just a few common protections that an MSP might put in place for clients of any size and industry.
However, once the basics are in place, the question many clients may have is this: Am I doing enough for cybersecurity? This is a fair question that any business should ask as cyberattacks continue to rise around the world. It’s one that MSPs should be asking themselves, as well, to be confident that they are constantly providing the latest and greatest technology and services to ensure customer security and happiness.
Stepping it up for Cybersecurity
There are a number of things that an MSP can do to help its customers further enhance their cybersecurity protection. In addition to the basics, an MSP can help its customers implement further protection, such as firewalls, DNS filtering, managed endpoint detection and response, SIEM, SSL inspection, VPNs and other tools.
More advanced MSPs can also consider launching their own security operations center (SOC) to further support their clients. A SOC enables an MSP to offer full-scale, 24/7 monitoring and management of a customer’s environment. It is a costly expansion, but one that may pay off in the long run for better protected clients and higher potential for services revenue from clients.
Another area for an MSP to consider is to offer cybersecurity awareness training and education. While cyberattacks are digital, the unfortunate reality is that the vast majority of attacks still enter environments through phishing or human error, such as clicking on a malicious link or downloading an infected file. By training employees and reinforcing their learning on a regular basis, an MSP can help prevent successful attacks.
- Direct-to-cloud recovery
- Recovery with a bootable drive
- File-level and VM restore
- Remote recovery
Preparing for a Breach
While no company anticipates experiencing a breach, the reality is that it’s likely or maybe even inevitable in today’s threat landscape. For that reason, a critical action that an MSP can take is to prepare a customer to respond quickly and effectively in the event of an attack. The unfortunate reality is that the average breach takes approximately 287 days to locate and contain, and it might take up to 316 days for companies that have more than half of their workforce working remotely.
However, organizations can lower their costs by 30 percent or more if they are able to contain a breach to 200 days or less, according to the same study. MSPs can help accelerate this process by implementing careful monitoring processes to spot behavioral anomalies and identify attacks as quickly as possible.
Additionally, an MSP can assist in preparing the business for what needs to happen if a breach does occur. The MSP can help build a playbook for incident response, as well as run “fire drills” with its clients, so everyone on their teams is ready in the event of an attack. This can include tabletop exercises that run through what to do, who to call, and other actions that need to be taken to limit the days it takes from detection to full remediation.
MSPs can also consider helping their clients implement another proactive measure: cyber-insurance. While cyber-insurance won’t help prevent a breach, it can help mitigate the costs associated if one does occur. The coverage varies across different cyber-insurance policies, but in essence it can help reimburse companies for the costs associated with a breach, including remediation costs, new equipment, public relations, identity protection for affected customers, and more.
Cybersecurity: a New Frontier of Opportunity for MSPs
While cybersecurity is obviously a huge risk for every business, it also presents a unique opportunity for MSPs to not only reinforce their reputation as a trusted advisor but also add new streams of revenue to their business through new services or technology offerings. These are alternative revenue channels that an MSP can add to its existing services offerings, or that help it stand out against its competitors as it looks to sign on new customers.
To get a sense of the scale of this opportunity, one only needs to look at the growth in the managed security services market overall. According to research firm Markets and Markets, the global IT managed security services market will continue, and will reach $43.7 billion by 2026, a compound annual growth rate of 13.9 percent.
To begin, an MSP should carefully consult with each of its clients to understand what’s currently being done around cybersecurity, and then assess how it can help. With all that said, it’s unlikely that any MSP – no matter how good or capable it is — can reduce a client’s risk to zero.
But, by carefully crafting a strategy along with its customers, an MSP can help mitigate as much of that risk as possible. That’s an important role for any MSP to play for its clients.
Simple. Reliable.
About the author
Kurt Abrahams is the Vice President of Marketing at MSP360 with expertise in technology marketing, cybersecurity and AI based technology.