MSPs 'behind the ball' with cybersecurity and struggling with the pressure

clock • 4 min read

MSP and ConnectWise exec discuss security pressures, readiness and tackling the issue

Cybersecurity is leaving MSPs constantly catching up and feeling intense pressure, according to channel players.

Joy Beland, senior director of cybersecurity education at ConnectWise, told CPI in an interview that MSPs trying to tackle cybersecurity head-on may be finding it "terrifying".

Meanwhile, Courtney Briddes, VP of managed services operations at Royersford, PA MSP Eb Logix, said that service providers are "behind the ball" when it comes to cybersecurity and that the situation is "scary".

"The first key impact is that [MSPs are] learning a new skill set, and not just protecting their own business but learning to protect their clients," Beland explained. "And that is something that is stressful and either can be something that they embrace and take on and reinvent themselves as a cyber superhero, or it can be terrifying and make them feel like they're behind in everything that they're doing, which is…a really stressful time for the engineers and the owners."

Briddes agreed, adding that MSPs are coming to realize that they are very likely behind the curve when it comes to keeping on top of cybercriminals.

"It's scary; very scary," she said. "It's one of those things where you think that you're doing what you need to do and then you find out ‘wow, we really need to step it up'. And…we're all behind the ball - the MSP industry as a whole is behind the ball and we're in a kind of reactive mode, which is not indicative of what MSPs are supposed to be about. We're supposed to be about being proactive and monitoring and taking care of things before they break."

One of the major problems, Briddes notes, is the resources cybercriminals have access to and how MSPs can tackle that.

"These guys have so much money…and I don't know how we can stay on top of it other than putting together a tool stack that helps to prevent these attacks."

Under pressure

When it comes to the pressure MSPs are feeling, Beland notes that MSP owners and in-house engineers are the people who will be feeling the most pressure from trying to get cybersecurity right. "I think that the owner is feeling such tremendous fiscal responsibility and fear behind everything they've built, and having the knowledge that they may be held accountable for something that they haven't clarified in their contracts, while having to rely on their staff who may or may not have the level of education or confidence or expertise [needed]…"

Technicians and engineers, meanwhile, may find themselves having to incorporate security without the time and money to get the proper education, Beland said, describing this as "a tremendous amount of responsibility on their shoulders".

This is all compounded by the pressure the MSP feels more broadly knowing the potential impacts of a customer breach.

"What I hear and what I see when I talk to MSP owners is how hard it is to be in business now, knowing you could lose it any day, knowing that your entire team - every resource you have - might have to be deployed on something and how are you going to be able to effectively manage the needs of all of your other clients? If there's a major breach at one of your clients, your engineers will be expected to do so much more to secure environments without being given a lot of technical training and support in how to do that."

One way MSPs can tackle the issue is by revisiting how they incorporate cybersecurity training into their culture, Beland said. It's important to consider the benefits of increased training, along with more remote working and more self-care initiatives, she suggested.

As an example, Beland noted that during her time as an MSP owner, she involved her entire staff in incident response training, including operations staff, accounting staff, "marketing, interns, the dispatcher - everybody", she explained.

"All of us went through it together so that the whole team could see what kind of burden is on the backs of the engineers when they go through incident response. And they would learn to support the engineers in ways like ordering lunch for them and just giving them the support that they need in whatever way is the most appropriate at the time."

This, she said, gave the engineers a better level of confidence for carrying out live incident response planning.

"I think the entire team was bolstered in a new way with our internal culture to be really all in and all for one. The separation that naturally starts to happen between technicians and marketing or accounting, for example, in any type of a technology service provider needs to be brought back together to really support the mental health of everybody and make them even more of a team in this kind of an environment."

Related Topics

Author spotlight

Jessica Meek

View profile
More from Jessica Meek

'In a week or two it will blow up' - US MSPs on how they're preparing for mass disruption

Partners weigh in on HP's Xerox U-turn: HP's bleeding cash on print and supplies and they need to fix it

More on Managed Service Provider (MSP)

New speakers announced: Inside Track 2023
Managed Service Provider (MSP)

New speakers announced: Inside Track 2023

CPI’s Inside Track is set to go live April 19 featuring leading channel execs who will explore some of the most prevalent trends in the cybersecurity market

Kelsey Rees
Kelsey Rees
clock 20 March 2023 • 1 min read
(From left to right) Guy Golan, Scott Nursten and Mark Overton
Managed Service Provider (MSP)

MSP Transform: 'Our job is to collaborate with each other… I know that's difficult, there's a lot of egos in the room'

CRN’s MSP-led event heard leaders get candid on predicted spending shifts and how best to utilise cybersecurity

Kelsey Rees
Kelsey Rees
clock 20 October 2022 • 2 min read
Hege Støre to take over as CEO of Nordic MSP Advania
Managed Service Provider (MSP)

Hege Støre to take over as CEO of Nordic MSP Advania

She will take the reins in November after joining the group in 2021 following its buy of Visolit

Kelsey Rees
Kelsey Rees
clock 13 October 2022 • 1 min read
Most read
01

Italy's Esprinet takes over Spanish distributor Lidera for €5.6m

21 March 2023 • 1 min read
02

'Microsoft seems further removed from the coalface than they have ever been in my opinion' - partners react to changes in the Microsoft Cloud Partner Program

21 March 2023 • 7 min read
03

4 things we learned from Bechtle's FY22 results

17 March 2023 • 3 min read
04

Germany's Bechtle snaps up UK VAR Tangible Benefit

16 March 2023 • 1 min read
05

New speakers announced: Inside Track 2023

20 March 2023 • 1 min read
06

IBM swaps Irish distributors after review

17 March 2023 • 3 min read

Spotlight on

'Microsoft seems further removed from the coalface than they have ever been in my opinion' - partners react to changes in the Microsoft Cloud Partner Program
Vendor

'Microsoft seems further removed from the coalface than they have ever been in my opinion' - partners react to changes in the Microsoft Cloud Partner Program

CPI has reached out to partners to get a snap verdict on the new Microsoft partner program shake-up now it has become reality as of October 3

Kelsey Rees
Kelsey Rees
clock 21 March 2023 • 7 min read
Italy's Esprinet takes over Spanish distributor Lidera for €5.6m
Distribution

Italy's Esprinet takes over Spanish distributor Lidera for €5.6m

Lidera focuses on cybersecurity solutions, an area Esprinet said is “central” to the company's strategy

Kelsey Rees
Kelsey Rees
clock 21 March 2023 • 1 min read
HPE snaps up ITOM firm OpsRamp
Vendor

HPE snaps up ITOM firm OpsRamp

Gartner estimates IT operations management (ITOM) to be a $39bn market

Kelsey Rees
Kelsey Rees
clock 20 March 2023 • 2 min read
HPE snaps up ITOM firm OpsRamp
Vendor

HPE snaps up ITOM firm OpsRamp

OpsRamp bills itself as specialist in monitoring and automating IT infrastructure workloads and applications

Kelsey Rees
Kelsey Rees
clock 20 March 2023 • 2 min read