Kaseya Ransomware Attack: 10 Things MSPs Must Do To Protect Themselves
From scrutinizing the security of acquired assets and pen testing software development environments to limiting how much access MSPs have to customers, here’s what Black Hat 2021 attendees said MSPs should do following the Kaseya ransomware attack.
Have Solid Security Fundamentals In Place
MSPs must ensure solid security fundamentals are in place such as multi-factor authentication, robust next-generation endpoint security, and internal personnel dedicated to monitoring and managing those endpoints, according to Sophos CEO Kris Hagerman. MSPs should also conduct regular online backups and retain updated copies of those backups, which he said is a difficult but manageable challenge.
MSPs need to look at their entire supply chain and assess the security profile of each of the different organizations, which Hagerman said creates a substantial additional obligation for MSPs. MSPs should ask important questions about how well-positioned that provider is in terms of their internal security controls and ensure that key cybersecurity best practices have been implemented.
In addition, Hagerman said MSPs themselves need to implement more robust security capabilities to ensure they’re less vulnerable and not promulgating problems in the event of a supply chain attack. MSPs can enhance their security posture by being on the most advanced systems and ensuring those systems are actively patched and monitored.