Three Cybersecurity Mistakes to Avoid in 2019

January 14, 2019

MSPs do not have the luxury of giving up on their cybersecurity resolutions.

On average, about two-thirds of people give up on their new year’s resolutions by February. It is easy to give up on goals like eat less sugar, work out or read more books with little to no consequence. However, when it comes to cybersecurity resolutions, MSPs do not have this luxury. Indeed, with recent reports of hackers targeting MSP networks, it is more important than ever to ensure that your business and your clients are set up for cybersecurity success in 2019. Here are three mistakes you definitely do not want to make this year.

Assume you are not the target.

While you may preach cybersecurity readiness to your clients, many MSPs tend not to consider themselves as viable targets for hackers and other malicious actors. This could not be further from the truth. Many MSPs have unparalleled access to SMB and enterprise networks, which in turn makes any services provider the Costco of network access for cybercriminals. They can easily “buy in bulk” and get twice the haul that they would normally find with targeting just one business.

This trend is more and more of a concern. In fact, the U.S. Department of Justice recently charged two Chinese hackers with breaking into MSPs to hit end-customer networks all around the world. Every MSP and client network could be vulnerable if the proper steps to secure said networks are not taken.

Rely solely on endpoint security for protection.

Many have heard the term “layered security,” and they know how this approach to building out a cybersecurity defense strategy can be effective in curbing hackers’ attempts. Not enough solution providers take this approach seriously, as they worry only about protecting their devices with endpoint security.

Layered security is about creating multiple levels of protection against hackers. A big part of layered security is ensuring not only that targeted machines and networks are protected, but also that the potential attack vectors that malicious actors may utilize to deliver a payload are neutralized.