3 Things MSPs Can Learn About Cybersecurity from Game of Thrones

Rob Simopolous

Last year, Gartner predicted worldwide spending on information security products and services will reach $124 billion in 2019, growing 8.7% over the $114 billion invested in 2018.

To put that in perspective, HBO spent a whopping $90 million on the final season of Game of Thrones, which successfully hit a new record when 19.3 million people tuned in to watch the series finale. If you took the predicted spend for information security products and services and divided it by GOT’s Season 8 budget, HBO could make 1,377 more seasons of GOT. Think about that.

While George R.R. Martin may run out of plot twists, rich characterizations and moral complexities to fill another 1,377 seasons, the worldwide budget shows the vast opportunity for managed service providers to expand and perfect their security offerings in a market that will only become more opportunistic as cybersecurity threats continue to grow – and the money spent on protection increases.

A 2019 global study conducted by Continuum found some 77% of small- to midsized businesses already anticipate that at least half of their cybersecurity needs will be outsourced in five years. However, these businesses are also looking for the right allies and protection. A recent Vanson Bourne’s report found that MSPs in the U.S. are at risk of losing their small business customers if they don’t provide competitive, comprehensive cybersecurity solutions to their customers.

While MSPs have been working in and around security all along, the cybersecurity landscape and the way small businesses look at cybersecurity have evolved. Even for the most cybersecurity-conscious MSP, it can be easy to fall into bad habits or make common mistakes, ultimately putting clients at risk or negatively affecting their business.

3 GOT Cybersecurity Lessons

To help MSPs along their journey from a Night’s Watch steward to a lord commander, here are three things MSPs can learn about cybersecurity from Game of Thrones to prevent a bad ending:

1. Protect thyself: A number of recent breaches of MSPs shows that even the most tech-savvy businesses are susceptible to attacks. It’s important MSPs get their own kingdom in order to help protect their clients and the entire industry.

MSPs often have privileged access into their clients’ networks; they need to in order to do their job. However, this inside access means that if the MSP is breached, the client is at risk as well — the attacker may be able to pivot to access the client’s network. Additionally, clients are beginning to realize the importance of working with vendors that have a strong cybersecurity posture. They trust their MSP with a lot of sensitive information, and will likely feel more comfortable selecting or staying with a provider who shows dedication to their security.

For an MSP, establishing a holistic approach within their own organization is a first step. Incorporating multiple layers of protection and prioritizing cybersecurity best practices is important in keeping a business secure. MSPs in particular should take care to prioritize security measures that affect their clients, such as using two-factor authentication on accounts that access client networks and information, employing the principle of least privilege and following documented offboarding procedures to remove access when employees leave their organization.

2. Go beyond the (fire)wall: Antivirus and firewalls are important protective measures, but they aren’t enough to protect the whole kingdom. Cybercriminals are getting more creative by the day, employing new techniques, and using social engineering to circumvent even the most advanced technology. MSPs need to make sure their clients have a holistic cybersecurity strategy and multiple layers of protection.

There’s no single silver-bullet technology solution for cybersecurity, and its hard think there ever will be. Indeed, it comes back to people that make up the seven kingdoms; the human element will always be at play. An effective cybersecurity program addresses foundational components and cultural aspects while effectively utilizing the right technology. For MSPs, this means it is essential to …