ConnectWise’s New TSP-ISAO Program Creates Hub for Cyberthreat Information

Back in August, ConnectWise announced the creation of the Technology Solution Provider Information Sharing and Analysis Organization (TSP-ISAO), with the mission of advancing cybersecurity resilience for TSPs around the world. The TSP-ISAO is intended to serve as the focal point for dealing with all cyberthreats to TSPs.

At IT Nation Connect 2019 last week, founder and former ConnectWise CEO Arnie Bellini, along with MJ Shoer, executive director of the newly formed TSP-ISAO, officially announced the program, created in conjunction with CompTIA and the University of South Florida.

Channel Futures sat down with Bellini and Shoer at IT Nation Connect to get the scoop.

When it comes to cybersecurity, there is a massive gap in education, skilled talent, know-how and resources in the industry. At the same time, as we are all too aware, threats are mounting and becoming increasingly targeted and malicious.

According to Bellini and Shoer, MSPs are fighting a battle that they can’t win on their own, and up until recently, have essentially been left to feel around in the dark.

ISAOs are independent nonprofit organizations sanctioned by the U.S. government that share threat intelligence within a specific community or industry. For example, the financial industry has a threat-sharing organization that it uses to analyze threats and deal with them accordingly.

Sounds great, right? Problem is, one such organization or dedicated database doesn’t exist for the managed service or technology solution provider realm.

MJ Shoer

“There are overarching and market-specific ISAO organizations, but there’s nothing in our space,” said Shoer. “MSPs are overwhelmed by information; they can’t keep up with it. I can’t tell you how many conversations I’ve had over the last two days (at IT Nation Connect) that point to the fact that folks are starving for actionable, real-time information — information they don’t have to weed through to determine, ‘Is this a false positive, or is this something I really need to worry about? Is this impacting me? Is this impacting me and my clients?’ The vision/goal of TSP-ISAO is to take things to a level no one has even conceived of at this point — giving MSPs/TSPs information that they can both consume and act on.”

The key is to bring automation to the table, which is Bellini’s vision.

“The problem is that we’re relying on skilled human beings to solve this [cybersecurity] problem,” says Bellini. “That’s never going to work. There is a talent shortage, skill gaps, a shortfall of cybersecurity professionals … and these gaps are only going to widen. We have to automate this.”

The ISAO initiative plans to accomplish this by creating a security orchestration and automated response (SOAR) language that is open source. The goal, lofty though it may be, is to fully automate things from point A to point Z, with full protection.

ConnectWise’s Arnie Bellini

“Cybercriminals have set their sights on technology solution providers, and it’s time the industry come together to do something about it,” said John Ford, chief information security officer for ConnectWise, in the initial announcement about the initiative. “To that end, the TSP-ISAO will provide services that help vendors of all sizes accelerate the maturity of their cybersecurity and compliance programs. This includes providing information, intelligence and benchmarking information relative to the technology solution provider community, including the effective use of self-­assessment tools.”

The initiative is also an incredible education and empowerment opportunity for TSPs and MSPs.

“It’s a game changer,” said Bellini. “It’s an absolute game changer. We’ve got the right individuals and organizations behind it for the right reasons. And that will absolutely ensure the success of the initiative. No question.”