Kaseya Ransomware Attack: 10 Things MSPs Must Do To Protect Themselves
From scrutinizing the security of acquired assets and pen testing software development environments to limiting how much access MSPs have to customers, here’s what Black Hat 2021 attendees said MSPs should do following the Kaseya ransomware attack.
Hire And Empower CISO To Drive Internal Security
Customers are increasingly asking MSPs about what security controls they have in place, and while MSPs serving large enterprise customers have typically already invested in internal security, many MSPs in the SMB space have not, according to Netskope Founder and CEO Sanjay Beri. Specifically, Beri said MSPs providing operations and network management services often haven’t invested enough around security.
MSPs need to employ a Chief Information Security Officer (CISO) and should empower them by putting a reporting structure in place that allows the CISO to communicate directly with the board of directors, he said. MSPs need to at least triple and possibly quintuple their security investment by building out risk, data protection and vulnerability scanning teams to help keep their customers safe, according to Beri.
MSPs run on small margins, which Beri said has historically limited how much they invest in security. But the vendors they get PSA and RMM software from also ran on low margins and traditionally did only what was needed from a security perspective, according to Beri. MSPs that want to thrive in the future need to build one of the best security teams out there, Beri said.