Small- and midsize-business owners are increasingly turning to resellers and MSPs to contain security incidents and are entering into long-term IT management discussions to bolster their security posture in the wake of several high-profile threats, according to panelists participating in a formal discussion on the future of cybersecurity in Boston on Thursday.
The notorious Cryptolocker ransomware that spread quickly, locking out consumers and businesses from their computer files, and the open-source Heartbleed vulnerability that required businesses to check often-neglected networking gear, helped bolster interest in regional resellers, consultants and managed security services providers, according to industry analysts, customers, resellers and MSPs in a Dell-sponsored discussion about security over the next decade.
Copycat Cryptolocker threats already are emerging and the future holds more uncertainty about data security, privacy and other issues as organizations of all sizes make the transition to cloud-based services. How attackers may adapt their tactics to future technology trends such as broader cloud adoption and an increasing number of Internet-enabled devices is unclear, the participants said.
"What we're not seeing here is the industry helping us get end users to not click on things that people shouldn't be clicking on," said David Wrenn, vice president of sales at Branford, Conn.-based solution provider Advanced Office Systems. "The human factor behind all of these attacks and the sneakiness of bad people out there writing malware used to capture information is one of the biggest challenges that our industry faces, and one [where] I don't see an end in sight."
Advanced Office Systems helped clients hit hard by Cryptolocker and other threats and added new and former clients that dealt with costly aftermath of the ransomware attack, Wrenn said. While high-profile data breaches at Target and other retailers get the most attention, small- and midsize-business owners are realizing tough losses if they aren't addressing basic security best practices, establishing some security measures and policies, and properly maintaining a system backup, he said.
"Our job as resellers is to educate the customers," Wrenn said. "SMBs especially need some guidance because they need to understand that the Linksys router that they just ran out and purchased is not protecting their customers from being compromised."
Resellers and MSPs are in position to help small businesses establish stronger security measures and get more value out of the technology investment that they make, said Laurie McCabe, co-founder and partner at research firm SMB Group. Unless they are under regulatory pressure to meet minimum security standards, most small- and midsize-business owners will balk at security until a breach or serious security incident disrupts the business, McCabe said.
"SMBs are completely overwhelmed," McCabe said. "Very few of small or even medium businesses can possibly have the internal expertise to run an effective security program and that's where MSPs and resellers can at least sell them the peace of mind that security is being addressed."
NEXT: Advanced Threats Prompt New Security Measures