Shutterstock
MSSPs Needed: COVID-19-Fueled Cyber Threats Keep IT Pros on Edge
IT professionals have a lot of security worries on their minds, as the 2020 Cyber Threats Report from Netwrix underscores.
Those concerns stem from the COVID-19 pandemic and the rush to support employee remote work. Bad actors took immediate steps to target organizations that left assets open to attack. And the problems continue, as Netwrix, an IT software security company, has found.
For example, even though more than a third (39%) of respondents clamped down on data security as COVID-19 infiltrated the globe, 24% say their organization remains at greater risk than ever. Along those lines, more than half (64%) say they’re experiencing more frequent cyberattacks. And three in five (60%) have uncovered new security gaps as they’ve moved staff to working from home.
Most of all, 85% of chief information security officers said they sacrificed cybersecurity protocols to get people working remotely as COVID-19 spread.
Each of these findings, among the many others, serves as opportunity for managed security service providers. Channel Futures caught up with Ken Tripp, director of channel accounts at Netwrix, for his thoughts for MSSPs to consider in the wake of the Cyber Threats Report’s findings.
CF: What are the top 3 takeaways from this report MSSPs should consider, and why?
Netwrix’s Ken Tripp
KT: First and foremost, the overall security expertise of an MSSP is needed by the majority of organizations, no matter the vertical or size of business. The findings in this report prove the immense opportunity that exists for MSSPs in the market today.
The second was seeing that the majority of organizations are trying to evaluate their cybersecurity efforts and report the results to the executives, but 41% of them find that they spend too much time on this task. MSSPs can help here by embedding KPIs in their offerings and be diligent in executing quarterly business reviews with their clients. By having this information at hand, management can ultimately better understand security risks and the value brought by the MSSP, which will result in a more protected client base and increased recurring revenues for the MSSP.
The third finding that really caught my eye was that four of the top six most common cybersecurity incidents since organizations went remote are caused by internal users. Those incidents are accidental mistakes by admins (which 27% of organizations experienced), accidental improper sharing of data by employees (26%), misconfiguration of cloud services (16%) and data theft by employees (14%). Even more disturbing, these incidents are among the hardest to detect. Here MSSPs can provide offerings focused on insider threat detection to meet the demand and create new revenue streams.
CF: What surprised you most about the findings in this report, and why?
KT: Well, the largest surprise is obviously that CISOs are willing to admit they cut security corners in the rush to get people productive and working from home — although, in retrospect, this should not come as a surprise. Security has always been an “afterthought” when it comes to ensuring the business is productive. Despite this unique situation, it’s great to hear, based on interest in our solutions for securing a work from home force, that security is quickly catching up.
CF: Any other thoughts you’d like MSSPs to know pertaining to this report?
KT: I’m pretty sure the mature MSSPs know more than I, but in looking at MSPs that are in the midst of transforming to an MSSP, I think this report provides a great road map to making that jump. By identifying the gaps or shortcuts that many organizations have taken, no matter the vertical or size, using this information can provide a strategic talk path to providing value and differentiating themselves amongst the competition.
Netwrix released the 2020 Cyber Threats Report on Tuesday. The vendor surveyed 937 IT professionals worldwide in June of this year to come up with its analysis.
