One of the most common ways cybercriminals dump malware payloads onto your customers’ networks is via phishing attacks sent through email. Are you doing everything you can to stop this threat?
Whether cyber criminals are seeking passwords, credit cards, or other sensitive information, the fastest and easiest way for them to get past security defenses is by recruiting your customers’ employees to do some of the legwork. More than 90 percent of these types of attacks, called phishing attacks, come in the form of email. It could appear to be an email from a bank, for example, warning the recipient about the need to update their information. Or, it could be a message from a carrier company informing the recipient about an unclaimed package.
Tens of thousands of companies have been infected with ransomware over the past year, and most breaches originated from phishing attacks where unsuspecting employees took the bait.
There are lots of ways companies can protect themselves from phishing attacks. But, the following two tips highlight the most effective, quickest, and least costly ways MSPs can help their customers fight this threat.
Tip #1: Provide Security Awareness Training
Phishing attacks are about cybercriminals fooling employees into providing sensitive company information — either directly or by clicking a link or attachment that launches malware that steals it. A study released last year by CompTIA, based on input from more than 700 executives and business professionals, found that human error accounted for 52 percent of security breaches. According to the same study, only 54 percent of those surveyed said their company offers some form of cybersecurity training. This statistic is both surprising and alarming, especially when one considers that nearly a third (29 percent) of MSPs only discuss cyber security with clients when a breach or failure occurs.
Security awareness training is a great way for MSPs to build a better rapport with their customers, provide a valuable, much-needed service, and add a viable revenue stream to their business all at the same time. There is no downside.
Training can be delivered in a variety of formats ranging from in-person classroom-style to self-paced online training using multimedia presentations. The training should include security basics, such as not writing passwords on sticky notes. But, the most important goal is to instill healthy skepticism about opening attachments or clicking on links from any entity the user did not request information from. It’s also not a bad idea to validate the effectiveness of the training with a quiz and/or through social engineering testing whereby the MSP poses as a cybercriminal to validate whether the customer takes the bait.
Employees who understand their role in cyber security are much less likely to take the bait. According to PwC’s 2014 U.S. State of Cybercrime Survey, companies that train their employees about cybersecurity best practices spend 76 percent less on security incidents than their non-training counterparts.
Tip #2: Use Cloud-Based Anti-Phishing Protection
Traditional email filters have been the bane of many MSPs’ — and their customers’ — existence. These tools often falsely quarantine legitimate emails containing links or attachments. Or, if they are configured to allow emails with attachments and links, they stop only the most obvious spam messages.
Advances in algorithms and cloud technology, however, make it worth taking a second look at email security solutions. Today’s cloud-enabled email security solutions use advanced behavioral and heuristic detection systems that protect against spoofing. For example, a phishing email claiming to be from FedEx can be immediately removed based on the sender’s email not matching up with its claimed identity. Some email security solutions offer domain name validation, too, which provides additional security protection by confirming the email was sent from a reputable source.
Emails that pass the initial spoof tests are then scanned and monitored against anti-phishing databases, which are constantly being updated in the cloud. MSPs and IT admins can create quarantines, exception lists, and blocked sender lists on a per-user or per-organization basis for additional protection. Finally, cloud-based management capabilities give MSPs and IT admins a global view of all installed devices as well as centrally managed policies and configurations, allowing them to make updates and detect and respond to threats more quickly.
The outdated break-fix paradigm was, “I make money when my customer’s IT stops working.” As an MSP, you are a trusted business partner and IT expert who has a vested interest in keeping your customers up and running. What better way can you fulfill this role than by taking a couple of proactive steps to protect your customers from cyber threats that can cause irreparable damage to their reputation and bottom line? They desperately need help. And, with a little effort and a simple technology upgrade, you can give it to them.
By Chris Crellin, Senior Director of Product Management for Intronis
Senior Director of Product Management Chris Crellin leads product strategy and management for Intronis. Over the past 15 years, Chris has developed a strong record of successfully developing product strategy and driving execution from concept to delivery. Chris joined Intronis from Backupify/Datto, Inc., where he was responsible for product strategy and execution of their cloud backup SaaS portfolio. Prior to Datto, he spent 14 years with RSA, the Security Division of EMC. He was the lead product manager for the RSA SecurID portfolio after having started his career as a software engineer.