‘Cyber-Security: From Complacent to Critical’ – Atera’s joint Webroot Webinar Highlights

Highlights from Atera’s joint Webroot Webinar ‘Cybersecurity: From Complacent to Critical’

October is Cybersecurity Awareness Month, and to coincide with this important outreach, Atera joined forces with Webroot to provide an informative and educational webinar on the cyber-security shift, presented by George Anderson, Product Marketing Director at Webroot.

Cyber-threats continue to grow in volume, sophistication and effectiveness, and today’s SMBs are struggling against the risk. If you missed the webinar, don’t worry! Here are our highlights, including the essential 8 security offerings for today’s MSPs.

 

Throwing Money at Cyber security is Not a Solution for Today’s SMBs

 

Today’s cyberthreat landscape is growing in complexity and risk, with 71% of ransomware attacks aimed at SMBs, costing $8 billion in 2018 alone. According to Cyber-security Ventures, damages from cyber-crime are projected to hit $6 trillion annually by 2021, much of this down to compliance, as 56% of breaches take more than 9 months just to discover, let alone to report and mitigate.

Many SMBs might assume that budget is one of the largest barriers to protecting themselves and their clients from this reality, but research from Forrester shows that they would be wrong. In fact, companies that spent 21%-30% of their IT budget on security had similar breach results to those that spent 11%-20%, and were not significantly better protected than those who spent less than 10%.

 

 

Despite Not Intending to be MSSPs, Evolution is the Only Way to Keep your Clients Safe

 

The Forrester research also shows that SMBs are spending on services over security products, recognizing that they do not have the expertise in-house to handle the security threat. While SMBs are spending their money on various security solutions from backups and disaster recovery solutions, to cloud security or technical support, it’s clear that this is not protecting their businesses enough. Today’s SMBs recognize that IT Security is the cost of doing business, not merely insurance in case of an unlikely emergency. They would rather be spending the money on a service that provides expertise, products and support.

Enter MSPs, who can take on some of the mental as well as physical load, especially as they already have a lot of the management or documentation tools they might need, as well as a greater breadth of expertise and know-how. This, alongside the increasingly common trend of MSPs themselves becoming the target of insidious attacks means that today’s Managed Service Providers are being expected to up their security game.

 

 

The chart above shows the relationship between up-skilling as an MSP and increasing revenue. The more security offerings you can provide for SMBs, the more valuable you will become for today’s critical security landscape. As an individual MSP, you need to consider what you currently offer, what you would like to offer in the future, and the level of risk you feel is involved in moving from one to the other.

 

Make Sure You’re Covering the Critical Security Needs for your Clients

 

The webinar looked at some of the best practices for MSPs, including the behaviors to avoid, and the tactics that could help your business stand out from the competition when it comes to security. The Australian Cyber security Center’s Essential Eight is a great start for offering mitigation, especially if your MSP is still at the stage of providing basic IT security and looking to up its game.

Creating a platform solution where you can offer these as a baseline, either with your own skill set and resources, or with integrated partners, helps you to move along the maturity model shown above, and simultaneously increase your worth and value to your clients. Top tips include to look for API integrations with SIM/SIEM vendors, MDR integrations, or full partnerships with third-party integrations. Let’s look at the Essential Eight:

 

  • Application white-listing of approved/trusted programs to avoid the execution of unapproved/malicious programs and installers.
    Why: All non-approved applications are prevented from executing, which includes malicious code.
  • Patching Applications. Patch/mitigate computers with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest version of applications.
    Why: Security vulnerabilities in applications can be used to execute malicious code on systems.
  • Configuring Microsoft Office macro settings to block macros either in ‘trusted locations’ with limited write access or digitally signed with a trusted certificate.
    Why: Microsoft Office macros can be used to deliver and execute malicious code on systems.
  • User application hardening Configure web browsers to block Flash (or ideally uninstall it), ads and Java on the internet. Disable unnecessary features in Microsoft Office (e.g. OLE), web browsers and PDF viewers.
    Why: Flash ads and Java are popular ways to deliver and execute malicious code on systems.
  • Restricting administrative access to operating systems and applications based on user duties. Regularly revalidate the need for privileges. Do not use privileged accounts for reading email and web browsing.
    Why: Admin accounts are the ‘keys to the kingdom.’ Adversaries use these accounts to gain full access to information systems.
  • Patching operating systems Patch/mitigate computers (including network devices) with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest operating system version. Do not use unsupported versions.
    Why: Security vulnerabilities in operating systems can be used to further the compromise of systems.
  • Multi-factor authentication including for VPNs, RDP, SSH, and other remote access, and for all users when they perform a privileged action or access and critical repository.
    Why: Stronger user authentication makes it harder for adversaries to access sensitive information and systems.
  • Daily backups of new/changed data, software and configuration settings, stored disconnected, and retained for at least three months. Test initially, annually and when IT infrastructure changes.
    Why: To ensure information can be accessed following a cyber security incident.

 

Make Security Your Next Differentiator

 

SMBs are actively looking for a better solution to their security challenges than buying disparate solutions that have not been shown to markedly reduce the threat landscape. Platforms that integrate as many of their security needs as possible are hugely preferable, taking the hassle of security off their hands.

This is a huge opportunity for today’s MSPs. It’s time to think about how much of this gap you want to fill.

 

If you enjoyed these highlights, make sure you make time to hear the whole webinar, which is a real springboard to success in the security world for today’s MSP companies.