ConnectWise Cybersecurity GM: You Can Never Be 100 Percent Secure
‘When [MSPs] do business with us it’s, ‘What are you doing to protect your platform?’ Then we hear, ‘What does good security look like? What do we have to do? What’s the minimum we should sell? How do we offer the services out?’ We do whatever we can to make sure we’re secure.’ – Raffael Marty, general manager of cybersecurity at ConnectWise.
Raffael Marty, general manager of cybersecurity at ConnectWise, said no one can be 100 percent secure when it comes to cybersecurity. But that doesn’t mean the Tampa, Florida-based vendor isn’t doing everything and anything to help its partners and their customers work in an air-tight environment.
During its IT Nation Secure event in Orlando, Florida, this week, ConnectWise unveiled its partnerships with ControlCase, a compliance-as-a-service provider, and FifthWall, a cyber insurance broker, to provide education, automation and assistance to help MSPs prepare for and procure insurance, eliminating dozens of steps they and their customers would otherwise have to take.
“We’re going to make it a little easier for MSPs to get cyber insurance and show that they actually have done the things that reduce the risk,” Marty said.
ConnectWise is not unfamiliar with cybersecurity risks. In 2020, multiple ConnectWise partners were hit with ransomware through a software vulnerability in ConnectWise Automate. And this past May, security firm Blackpoint Cyber issued a blog post warning that it observed MSP remote control software from ConnectWise being deployed by bad actors in cyberattacks.
“We have a promise to partners to keep the ConnectWise Asio platform secure as cyber threats evolve, keep data privacy on top of mind, adhere to industry and government standards, and comply with the latest regulations across products and services,” a ConnectWise spokesperson said in a statement. “Across ConnectWise, we put security first. We also have specific teams dedicated to threat intelligence; we continuously research, detect, and assess potential threats through Cyber Research Unit (CRU). In addition to sharing this information with the community regularly, we’ve built resilient and flexible programs, products, and services to help partners meet their cybersecurity goals that protect their customers and their business.”
CRN sat down with Marty at the show to talk cybersecurity and what ConnectWise is doing to help its partners minimize their security risks now and in the future.
You mentioned during the keynote that you can never be 100 percent secure. Why do you say that?
In cybersecurity, there’s no target hard enough to not break into. If you have enough time and enough money you can get in anywhere, it doesn’t matter. If I had a billion dollars and I go to an insider in an organization, I can probably bribe them to get in. There’s always a way in. You might have a super-trusted group of people that you just can’t bribe, but if you wait long enough then you infiltrate someone in that group.
ConnectWise launched its ConnectWise research unit a year ago. How has it evolved over the last year?
We’ve added more people and started putting more processes in place, like making sure that we are supporting our existing tools. They have been tightly integrated into the ConnectWise SIEM platform so that they’re building content for that. They have started building out infrastructure for their tasks and are hooked into all kinds of different threat intelligence sharing communities and 37 feeds that come into their intelligence platform.
We are a Microsoft MAPP (Microsoft Active Protections Program) partner where we get access to some early information when Microsoft sees things.
Why is ConnectWise’s RMM platform better than Kaseya’s?
I don’t know Kaseya’s that well but with the ASIO platform, we’re integrating all the different tools and we are pushing more and more security use cases. We have a partnership with Intel where they have a capability in the chip to find ransomware and so we’re building that into our RMM. You’re going to see use cases showing up in the RMM, it’s just natural to add those. Nobody is going to buy RMM or security or EDR or MDR, they’re going to buy use cases. They’re going to say, ‘I want to protect my endpoint.’ We’ll say, ‘This is the price and this is how we’re going to deliver it.’
You said some MSPs still aren’t taking security seriously, why do you think that is?
It’s a matter of a skill. It’s a matter of prioritization. They say, ‘I’m not going to be a target. Why would someone want my information? I don’t have important information.’ They don’t realize that it’s going to have an impact if their customers are down. It’s mostly not understanding the risk and not prioritizing it.
What are you hearing from partners and their biggest concerns when it comes to cybersecurity?
When they do business with us it’s, ‘What are you doing to protect your platform?’ Then we hear, ‘What does good security look like? What do we have to do? What’s the minimum we should sell? How do we offer the services out?’ We do whatever we can to make sure we’re secure.
What is some of the confusion or challenges around cyber insurance?
The insurance industry has a challenge. They’re sending out questionnaires and you answer them in some way, hopefully truthfully, but there’s not really a method of giving them real evidence. Sometimes they ask for some evidence, but how do you present that? The process is not there to do it, so the challenge with insurance companies is really making sure that they understand what’s the current state. The second piece is the insurance company…they’re mathematicians. They look at these actuarial tables and say, ‘Here’s the risk, this is the number that we’re going to insure you for.’ That’s how their models work. So how do you bring security posture and understanding of what does it mean for having an EDR (endpoint detection and response) deployed? How much does that bring the risk down? That’s where we are trying to also work with some of these data providers that help insurance companies work that kind of information into their risk models.
What cybersecurity trends are you watching right now? What do you think is going to emerge the second half of 2022 and into 2023?
I’m looking at what’s happening for MSPs and the regulation coming down that we will have to help them with it. And on the product landscape, where we should extend our offerings. What is most useful for the MSPs to bring on board and bring that into our platform? Because in the end, we don’t want to be a reseller on the product side. The more we bring into our platform, the more we can make that platform vision a reality.