NEW ORLEANS -- Managed service providers, regardless of the level of their security expertise, have all been thrust into the cybersecurity arena.
That was the message confronting MSPs at the MSPWorld 2017 conference this week, hosted by MSPAlliance, an organization for managed and cloud service providers. Conference speakers painted an unnerving picture of today's threat landscape, highlighting cyberattacks that ranged from lone criminals distributing Ransomware to foreign governments hacking into U.S. infrastructure. As a result of this precarious environment, the average MSP can no longer ignore its customers' security needs and must recognize the vital role it must play in the cybersecurity market.
"[MSPs] represent the frontline of defense against [the] onslaught of cyberattacks," said Charles Weaver, CEO of MSPAlliance, based in Chico, Calif. "This is a global fight, and [MSPs] are at the thick of it. That is the opportunity that we have."
Security should dominate the MSP agenda
MSPs can implement a number of quick-acting measures to reduce their customers' attack surfaces, Weaver said. In the conference's opening keynote, retired FBI special agent Brent Watkins outlined some of these practical methods, which included deploying firewalls.
"I have learned along the way that firewalls get a bad rap. ... And it can be true that [they are] easy to bypass in some circumstances. Why is that? Because they are not administered well. [But] if you take a next-gen firewall that has all the patches and people configuring and doing the right thing, it's going to be quite effective at the perimeter blocking a lot of stuff," he said.
Watkins emphasized patch management as another critical security measure. "If you keep up on your patches, you are going to reduce your attack surface greatly," he said. He noted that patch management, along with whitelisting, will take care of about 85% of threats.
Additional methods include addressing customers' outdated technology, disabling content in Microsoft Office files, removing local administrator rights and blocking unknown or uncategorized websites.
In a session on the threat of malware and ransomware, Kevin Haley, director of security response at Norton by Symantec, stressed the strategic importance of email security. "The vast majority of [malware and ransomware] is coming through email. ... It's just become so effective, so efficient, so cheap that the attackers are using it," he said. "Email security, which was considered pretty boring for a number of years, is pretty exciting at this point. Or, at least, we've got to be paying attention to it."
Many of the vendors attending MSPWorld 2017 also had a strong security message for MSPs. AVG Business by Avast, which provides remote monitoring and management software integrated with security capabilities, is currently looking to recruit security-minded VARs and MSPs, and it plans to relaunch its partner program this summer.
Sean Sykes, managing director, Americas, at Avast Software, said the company sees a huge opportunity for partners to offer security offerings in the small and medium-sized business (SMB) space. The stakes in the SMB segment can be particularly high, as a costly ransomware infection could potentially put a small company out of business, he said. Many SMBs today recognize that vulnerability.
Cloud distributor Pax8 Inc. also sees a huge opportunity for MSPs that embrace the cybersecurity market. Ryan Walsh, senior vice president of partner solutions at Pax8, based in Englewood, Colo., said security is constantly evolving, which lets MSPs continually find ways to add value for their customers. He noted that Pax8 offers a broad security portfolio featuring Symantec offerings and will remain focused on the cybersecurity market.
Transitioning into MSSPs
Once an MSP recognizes it can't ignore today's cybersecurity trends, how does it build a managed security practice? In the session, "Moving the MSP to MSSP," Martin Caise Jr., partner technical enablement manager at Kaspersky Lab, described various steps that MSPs can take to get started.
"When we talk about managed services and managed security services, we're really talking about two different [philosophies]," Caise said.
When we talk about managed services and managed security services, we're really talking about two different [philosophies].
Martin Caise Jr.partner technical enablement manager, Kaspersky Lab
According to Caise, MSPs can adjust their philosophies and develop security practices by executing the following:
MSPs can start by learning how to secure their own organization and developing security best practices internally. Doing so can make it easier to sell security to customers, he added. "If you are doing it, why shouldn't [customers] be doing it?"
Identify the right security tools, "whether that's perimeter controls, firewall technologies, antivirus [or] identity management systems," and where they can best be used.
Get a risk assessment and assess customers' environments both physically and technologically.
Re-establish trust with customers. "You are changing your philosophy. You are saying, 'No, this is more than you just picking up your phone to tell me your computer is broken. We want to change our philosophy and become more security-minded to protect your data,'" he said.
"From a security standpoint, you have got to make sure you have identified the vulnerabilities and have a way to stop those vulnerabilities," Caise said. He added that data is the most critical component of customers' technology, which "happens to also be the most vulnerable."
Next Steps
Get more tips for building security practices
Large companies emerge as key demographic for IT security services
