MSPs 'behind the ball' with cybersecurity and struggling with the pressure

clock
MSPs 'behind the ball' with cybersecurity and struggling with the pressure

MSP and ConnectWise exec discuss security pressures, readiness and tackling the issue

Cybersecurity is leaving MSPs constantly catching up and feeling intense pressure, according to channel players.

Joy Beland, senior director of cybersecurity education at ConnectWise, told CPI in an interview that MSPs trying to tackle cybersecurity head-on may be finding it "terrifying".

Meanwhile, Courtney Briddes, VP of managed services operations at Royersford, PA MSP Eb Logix, said that service providers are "behind the ball" when it comes to cybersecurity and that the situation is "scary".

"The first key impact is that [MSPs are] learning a new skill set, and not just protecting their own business but learning to protect their clients," Beland explained. "And that is something that is stressful and either can be something that they embrace and take on and reinvent themselves as a cyber superhero, or it can be terrifying and make them feel like they're behind in everything that they're doing, which is…a really stressful time for the engineers and the owners."

Briddes agreed, adding that MSPs are coming to realize that they are very likely behind the curve when it comes to keeping on top of cybercriminals.

"It's scary; very scary," she said. "It's one of those things where you think that you're doing what you need to do and then you find out ‘wow, we really need to step it up'. And…we're all behind the ball - the MSP industry as a whole is behind the ball and we're in a kind of reactive mode, which is not indicative of what MSPs are supposed to be about. We're supposed to be about being proactive and monitoring and taking care of things before they break."

One of the major problems, Briddes notes, is the resources cybercriminals have access to and how MSPs can tackle that.

"These guys have so much money…and I don't know how we can stay on top of it other than putting together a tool stack that helps to prevent these attacks."

Under pressure

When it comes to the pressure MSPs are feeling, Beland notes that MSP owners and in-house engineers are the people who will be feeling the most pressure from trying to get cybersecurity right. "I think that the owner is feeling such tremendous fiscal responsibility and fear behind everything they've built, and having the knowledge that they may be held accountable for something that they haven't clarified in their contracts, while having to rely on their staff who may or may not have the level of education or confidence or expertise [needed]…"

Technicians and engineers, meanwhile, may find themselves having to incorporate security without the time and money to get the proper education, Beland said, describing this as "a tremendous amount of responsibility on their shoulders".

This is all compounded by the pressure the MSP feels more broadly knowing the potential impacts of a customer breach.

"What I hear and what I see when I talk to MSP owners is how hard it is to be in business now, knowing you could lose it any day, knowing that your entire team - every resource you have - might have to be deployed on something and how are you going to be able to effectively manage the needs of all of your other clients? If there's a major breach at one of your clients, your engineers will be expected to do so much more to secure environments without being given a lot of technical training and support in how to do that."

One way MSPs can tackle the issue is by revisiting how they incorporate cybersecurity training into their culture, Beland said. It's important to consider the benefits of increased training, along with more remote working and more self-care initiatives, she suggested.

As an example, Beland noted that during her time as an MSP owner, she involved her entire staff in incident response training, including operations staff, accounting staff, "marketing, interns, the dispatcher - everybody", she explained.

"All of us went through it together so that the whole team could see what kind of burden is on the backs of the engineers when they go through incident response. And they would learn to support the engineers in ways like ordering lunch for them and just giving them the support that they need in whatever way is the most appropriate at the time."

This, she said, gave the engineers a better level of confidence for carrying out live incident response planning.

"I think the entire team was bolstered in a new way with our internal culture to be really all in and all for one. The separation that naturally starts to happen between technicians and marketing or accounting, for example, in any type of a technology service provider needs to be brought back together to really support the mental health of everybody and make them even more of a team in this kind of an environment."

More on Research

Former Forrester principal global analyst Jay McBain joins Canalys

Former Forrester principal global analyst Jay McBain joins Canalys

Channel market research firm announces the addition of McBain to lead its North American research program

Nima Green
clock 05 April 2022 • 1 min read
Fewer women now leading Fortune 500 tech companies than five years ago, global report finds

Fewer women now leading Fortune 500 tech companies than five years ago, global report finds

The number of women at the helm of Fortune 500 tech firms has fallen by 14 per cent in the last half decade

Josh Budd
clock 18 February 2022 • 2 min read
Global IT spending to rack up $4.5trn in revenues in 2022 - Gartner

Global IT spending to rack up $4.5trn in revenues in 2022 - Gartner

The analyst also predicts the reliance of external consultants to develop organisations’ cloud strategies will rise

Kelsey Rees
clock 19 January 2022 • 2 min read

Spotlight on

Kyndryl and Veritas Technologies launch joint critical data protection managed service for enterprise customers

Kyndryl and Veritas Technologies launch joint critical data protection managed service for enterprise customers

Kyndryl will serve as Veritas’ Platinum Services Partner, enabling deployment, migration, and delivery of Veritas as a managed service

Kelsey Rees
clock 22 June 2022 • 2 min read
Bechtle doubles warehousing space in Germany with new site

Bechtle doubles warehousing space in Germany with new site

The facility will help ‘dramatically’ cut the German VAR's carbon footprint due to its advantageous location close to a port

Kelsey Rees
clock 22 June 2022 • 2 min read
French vendor Alcatel-Lucent Enterprise chooses Nuvias to grow in the Nordics and Baltics

French vendor Alcatel-Lucent Enterprise chooses Nuvias to grow in the Nordics and Baltics

Alcatel-Lucent Enterprise says it wants to grow its networking solutions business in the enterprise segment of both regional markets

Kelsey Rees
clock 22 June 2022 • 1 min read
Microsoft MSP Avanade expands in the Netherlands with Asysco acquisition

Microsoft MSP Avanade expands in the Netherlands with Asysco acquisition

The Asysco team will focus on Avanade’s core business in Europe and North America

Kelsey Rees
clock 21 June 2022 • 1 min read