Those MSPs offering customers solely cybersecurity services to give protection from cyberattack are missing out on an opportunity to strengthen two of their offerings, while improving their customers’ operational availability.
If you’re like most MSPs today, you either already have or are in the process of growing your cybersecurity practice. It’s a necessary step to remain competitive in today’s market. Some MSPs have chosen to make it an add-on to their RMM services, while others have made a more serious investment of time and money into building out a separate cybersecurity offering.
Regardless of how it’s delivered, a cybersecurity offering is preventative and responsive in nature – that is, it’s designed first to stop attacks from happening, and then provide you with enough detail and insight to remediate the problem. In total, a cybersecurity offering is purely about dealing with an attack both before and after it happens.
But what your customers need is a degree of certainty that, when an attack happens (and they’re going to happen, as SMBs are 3.5 times more likely to experience social engineering attacks, which equates to an average of 17 attacks experienced annually!), they know that not only can you help them stop the attack and eradicate the threat, but that you can also get their business back into a productive state quickly.
This is cyber resilience – the ability to prepare for, work through and, ultimately, recover from an eventual cyberattack. Part of cyber resilience is accomplished using the very same solutions you have in place with your cybersecurity offering. But the intent is different – the end goal isn’t preventative and responsive in nature; on the contrary, the end goal of cyber resilience goes beyond the attack and focuses on the ability of the business to bounce back in the face of an attack.
The Role of Backups in Cyber Resilience
Most, if not all, MSPs offer backups today. The opportunity exists to augment your cybersecurity offering by leveraging backups as the means to recover operations. One important caveat here: if your backup offering fits more into the “backup and restore” category and not the “disaster recovery” category, cyber resilience is going to require that you elevate your offering. Cyber resilience requires that a DR plan be in place – complete with recovery time objectives (RTO) and recovery point objectives (RPO) for all critical workloads and data sets – that you have tested and are ready to put into action the moment a cyberattack occurs.
Further reading Securing Your Digital Data: Achieving Cyberstorage Today
So, backups have a place but, to get to cyber resilience, it’s absolutely essential that you shift the focus from the presence of backups to the ability to recover, augmenting cybersecurity response plans to include the recovery process, so that your customer knows that, should a cyberattack occur, you are able to get them back up and running. This means evaluating your backups from a “how quickly can I recover?” perspective and determining whether you need to modify how you back up (e.g., VM vs. file or application level), when you back up (based on RTOs and RPOs), where backups should be stored (on-prem vs. the cloud), and where you plan on recovering (on-prem or to a virtual recovery environment in the cloud).
Further reading Local, Cloud and Hybrid Network: Which One Should You Opt to?
Getting from Cybersecurity to Cyber Resilience
The good news is that you have the core services already in place to shift from cybersecurity to cyber resilience. Much of the work is going to be in shifting from a backup/restore to a disaster recovery mindset – all in the context of a cyberattack.
The benefit to you is an ability to sell the combined offering to those customers who have either service, as both sets of customers have demonstrated that they value the final result – be it responding to a cyberattack or being able to recover. You’re just offering them each a better version of your service by combining the two.
By offering cyber resilience, you win by increasing service revenue and making yourself “stickier” with your customers, and the customer wins by having confidence that they will be able to bounce back from a cyberattack