As Insider Threats Soar, Code42 Takes Incydr 100% Channel

Written by Kelly Teal
November 24, 2020

MSSPs and their customers needing to fight unintentional – or not – data loss through employees will want to know more.

In 2021, insider threats will make up one-third of the cybersecurity incidents organizations combat, according to Forrester Research. One vendor, Code42, has devised a simple way for managed security service providers to protect their customers – and themselves – from those breaches. And it’s revamping its channel approach to put partners first.

Code42’s Joe Payne

“Insider risk is taking off,” CEO Joe Payne told Channel Futures.

Perhaps that’s what MSSPs need to understand, above all, before looking deeper into Code42 and its Incydr platform.

Insider Threats to Soar in 2021

Starting in just a couple months, the risk of employees leaking data, on purpose or not, will rise from 25% to 33%. That’s what Forrester wrote in its recent report, Predictions 2021. No surprise, that increase stems from the global shift to remote work because of COVID-19. But it won’t just be external bad actors prowling for corporate data who try to put MSSPs and their clients in a bind. More than anything, that problem will come from staff.

Forrester cites three main reasons for the uptick in insider threats. The first, of course, comes from the increase in remote work due to the pandemic. The second results from widespread COVID-19 shutdowns and their subsequent economic fallout. So many jobs are on the line that employees may act out. Third, people can move company data more easily than ever.

“Combined, these will produce an increase of 8 percentage points in insider incidents, from 25% today to 33% in 2021,” Forrester analysts wrote. “The overall number of insider threats will also be pushed higher as firms get better at identifying and attributing incidents to insider activity.”

In fact, this will create a shift within the MSP sector itself. Tech association CompTIA says more MSPs will add security expertise. The MSSP category will get even stronger in 2021 as more MSPs do this, CompTIA says, as they, too, attract the attention of hackers. The essential takeaway, regardless of acronym, is that neither MSPs nor MSSPs can overlook security.

“Cybersecurity, especially during this wave of remote working, is a discipline that is table stakes for all kinds of channel partners,” CompTIA wrote in its Industry Outlook 2021 report. “It’s not a nice-to-have, but a need-to-have. Not having security expertise is a deal breaker for many customers considering whom to work with as a technology provider.”

Employing a zero-trust methodology will prove essential, CompTIA noted.

“Instead of trusting any network behavior or user access that appears to come from a secure location, everything must be verified,” analysts wrote.

Indeed, trusting no one and nothing up front will best protect MSSPs and their customers from insider threats. But doing that without alienating employees, more than anyone else, is tough. The last thing an MSSP or the enterprise’s IT team wants to do is turn workers into malicious insiders, as Forrester noted.

“Considerations for employees’ privacy, company culture and local standards for lawful, fair and acceptable labor practices are key to the success of [an] insider threat program,” the research firm said.

That’s where Code42 comes in. The company believes it has the right solution for both mitigating and addressing insider threats, all through the channel.