https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

MSSP Insider


Shutterstock

Insomnia

Counting Threats: 5 Things that Keep CISOs Up at Night

  • Written by Pam Baker
  • January 8, 2019
No matter how tight their battle plans, the fear that something got through haunts CISOs.

… additions to the attack surface:

  1. The building comes alive. “Many organizations operate totally unaware of the threats within their buildings. More and more, IoT devices are slipping into company networks without IT’s knowledge, like smart thermostats,” warns Karl Soderlund, senior vice president of worldwide channels at Palo Alto Networks. “These devices can easily go undetected and thus unmanaged from a cybersecurity point of view. Typically, IoT vendors do not actively manage threats, and even if they did announce a vulnerability with a patch, reaching the individual who would know how or what to do with this information is rare. The biggest threat is not knowing the devices are there, and subsequently not providing patches and securing them.”
  2. The cloud gives cover for bad actors. “Many businesses are moving to the cloud and are expressing increased concern about how they can best protect that data — this includes both infrastructure in the cloud as well as SaaS services,” says Rebholz. “MSSPs are increasingly looking to expand their visibility into the cloud, which helps secure the expanded perimeter organizations are building and address a key concern for CISOs.”
  3. Supply chains deliver the bad with the good. “Much of the cybersecurity conversation in 2018 was centered on the threats posed by the supply chain, and how attackers now identify the most vulnerable partners as the attack vector to exploit their primary targets,” said Dror Liwer, founder and CISO at Coronet, a security provider for cloud applications. Thus the fear that a growing number of threats will be in ready supply from this source.
  4. Professional services bite the hand that feeds them. “As attackers continue to identify vulnerable third parties to fulfill their objectives, evidence and common sense suggest that professional-services agencies are the next big target,” warns Liwer. “As such, the professional-services agencies that brands of all sizes regularly rely upon – including but not limited to PR firms, accounting firms, advertising agencies, staffing firms, actuaries and more – must bolster their defenses before an attack occurs.”
  5. Data growth fills the universe, sets off a cacophony of never-ending alarms, and continuously feeds Godzilla-sized attackers. “One top concern for CISOs – and it will inevitably get worse in 2019 – is the sheer size of data sets that must be analyzed to identify security threats that are constantly emerging and disappearing. Even the most efficient technologies can cause alert fatigue in such a data-heavy environment,” says Simon Whitburn, SVP, cybersecurity services at Nominet, the official registry for .UK domain names and a cybersecurity vendor.

Given the scope and diversity of these sleep-depriving worries, what should CISOs and MSSPs focus on to validate their hard work is making a positive difference — and to ensure their continued employment has value to the organization? In short, skip the bells, whistles and confusing data points — and cut straight to the chase.

“Go beyond automated reporting that provides no value to the customer. Show progress over time on how the company environment is more secure; avoid the traps of showing blocked ‘attacks’ or number of alerts triaged,” advises Rebholz.

The focus, he says, needs to be on reducing business risk, and measurably so, such as in reducing the mean time to detection (the amount of time between security event and detection) or the mean time to remediation (the amount of time between detection and remediation).

“Simply put, MSSPs need to highlight not only how an organization has less risk because of their managed services, but also how they can address additional pain points that the CISO has. MSSPs need to focus on evolving from a security vendor to a trusted security adviser,” Rebholz added.

In short, when CISOs and their MSSPs truly become partners, they both tend to sleep better.

  • Page 1
  • Page 2
Tags: MSPs Business of Security MSSP Insider Training and Policies

Related


  • Risk, Threat, Vulnerability Assessment
    Tenable Research: Publicly Known Vulnerabilities Increased in 2020
    Ransomware was by far the most popular attack vector in 2020.
  • SMB cybersecurity
    SMBs’ Cybersecurity Risk Awareness Is Rising
    The majority of SMBs would switch MSPs for the right cybersecurity support.
  • Cybersecurity Roundup
    Democrats to Take Charge of Federal Cybersecurity in Election Aftermath
    Democrats will have their hands full when dealing with federal cybersecurity.
  • DC Capitol Riot
    US Capitol Rioters Pose Cybersecurity Threat Due to Device Access, Theft
    It's not yet known what all the rioters got their hands on or saw.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Is It Time to Switch Your RMM and PSA?
  • Organizations’ COVID-19 Rush to Remote Work About to ‘Backfire’
  • IBM: Cybercriminals Could Disrupt COVID-19 Vaccine Supply Chain
  • FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

Galleries

View all

New, Changing Partner Programs: AWS, Tech Data, Avaya, Verizon

January 11, 2021

Industry Perspectives

View all

Help Your Customers Mitigate Malware: Viruses, Worms, and Trojans…Oh My!

January 15, 2021

SMBs’ Cybersecurity Risk Awareness Is Rising

January 13, 2021

Your Cloud Data Is Protected, But Is It Portable?

January 12, 2021

Webinars

View all

Blueprint for a Scalable MSSP Practice in 2021

January 21, 2021

Who’s Behind the Mask? Hacker Personas Explained

January 26, 2021

How Managed Hosting Providers Thrive with the Alternative Cloud

February 24, 2021

White Papers

View all

Why Subscription Business Model

January 15, 2021

The Ultimate MSP Guide to Sales Efficiency

January 14, 2021

Eight Reasons Why MSPs Need IT Industry-Specific Sales Tools

January 14, 2021

Upcoming Events

View all

Channel Partners Virtual

March 2, 2021 - March 4, 2021

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

.@IBMServices snaps up #MSP Taos for #hybridcloud expertise. dlvr.it/RqggQR https://t.co/Fy3uPDtLNw

January 16, 2021
ChannelFutures

.@LenovoBusiness launches its thinnest #ThinkPad to date @CES, revamped ThinkBooks and #ThinkReality glasses.… twitter.com/i/web/status/1…

January 16, 2021
ChannelFutures

Help your customers mitigate #malware @Tech_Data #cryptolocker #antivirus #ransomware #cybersecurity… twitter.com/i/web/status/1…

January 15, 2021
ChannelFutures

Advantages of the Subscription business model for MSPs and IT Resellers @kaspersky dlvr.it/RqgDJn https://t.co/ay694fudp3

January 15, 2021
ChannelFutures

Cloud #distributor @Pax8 launches in UK with leadership team in place. dlvr.it/RqfJWx https://t.co/RsKDCowM5V

January 15, 2021
ChannelFutures

bit.ly/3oO2vFY twitter.com/Craig_Galbrait…

January 15, 2021
ChannelFutures

The Ultimate MSP Guide to Sales Efficiency @zomentum dlvr.it/Rqc63q https://t.co/rHIVLkR01K

January 15, 2021
ChannelFutures

Eight Reasons Why MSPs Need IT Industry-Specific Sales Tools dlvr.it/Rqc62k https://t.co/MQDcIYc7G9

January 15, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X