Even though cyberattacks are hitting the news nearly every day, many businesses still aren’t taking cybersecurity seriously, which is bad news for them, but good news for MSPs.
The number of cyberattacks continues to rise. For example, there has been a 62 percent increase in ransomware globally since 2019, and a 158 percent jump in North America, according to the 2021 SonicWall Cyber Threat Report. There’s an ample amount of opportunity for MSPs to capitalize on selling managed security services.
Here are five blog posts on cybersecurity you may have missed in 2021.
When we think about risk, we treat risk with mitigations controls and safeguards, but a safeguard has differing levels of effectiveness. Strength of control needs to be much different depending on the risk. Understanding their behavior and emulating it. Are your controls operating effectively? Strength of control needs to map the capability of your threat actor. Using threat profiles is one of the top ways to figure out how your enemies operate.
Ask yourself this question: Who’s responsible for your customer’s cybersecurity? You or the customer? Does your customer expect that since they have you as their MSP, they won’t have a security incident? If so, you may have set very unrealistic expectations.
We added a new content track to our FormulaWon training portal called MSP Cyber Security. We’ve been talking here at TruMethods about having defined delivery areas and functions about process and metrics for a long time. Now, you can’t secure yourself or your customers without this level of command and without having a concrete MSP framework. This is a great opportunity for every TruMethods member.
MSPs are getting creative with their sales conversations. For example, some MSPs are offering qualified prospects free risk assessments in an attempt to move their sales discussions along. While this is a potential strategic tool to use with qualified prospects, be careful making assessments a part of every sale, as there could be unintended consequences.
With enough information gathered freely online or via low-level breaches of email accounts, criminals can craft email messages that are convincing enough to trick even somewhat skeptical employees. That means security awareness training must be part of a holistic security offering. This ensures that the investment the client has made in advanced security technology will pay off and generates revenue and business opportunities for the MSP.