Cybersecurity Practices

Chris Swagler | September 13th, 2022


Managed service providers (MSPs) want to provide their clients with the best services, including maintaining their data security and updating their systems. Having a complete command of information security fundamentals is the first step in communicating between MSPs and their clients’ teams. Companies have prioritized cybersecurity, however, factors like increasing remote work are speeding up the growth of cyber threats. Our threat intelligence indicates 30% of people working from home disregard basic cybersecurity practices. According to 67% of IT leaders, they receive complaints about the restrictive security policies on a weekly basis. An increase in incidents was caused by careless approaches to security.

More than 80% of reported security incidents involved phishing attacks with Google registering a total of 2,145,013 phishing websites in January of 2021. The United States Treasury reported that it had connected $5.2 billion in Bitcoin transactions to ransomware payments. When it comes to ensuring that clients adhere to basic cybersecurity practices, MSPs play a crucial role. Cyberattacks not only pose a risk to clients’ financial and legal standing but also to their immediate security. MSPs handle their clients’ website infrastructure and general tech support. However, are MSPs providing the best services if their companies are not applying fundamental cybersecurity practices? Here are some fundamentals to consider.

Fundamental Cybersecurity Practices

Cybersecurity Strategy for Each MSP Client

MSPs use on average 45 different tools as a part of their tech stack. Each of the tools may appear to play a crucial role on paper, however, they may not work in practice. Is it possible for the MSPs’ teams to effectively monitor, maintain, and master all the tools at the same time? MSPs need to examine all the tools they employ and analyze how each one benefits their clients to prevent bloat.

To better understand clients’ needs from the outset, numerous companies include cybersecurity assessments in their pre-sales toolkit. The primary objective is to use the appropriate tools with the appropriate clients and without any extraneous additions. MSPs need to anticipate their clients’ needs because 92% of companies have stated that they would use a new IT service provider if they offered the “right solution.”

Know Where Backed-Up Data Is Stored

MSP clients have important data, projects, and assets that if lost, can have serious consequences. It’s important for MSPs to not only back up their data but maintain logs of where all the data is stored so that MSPs have backups in case anything happens.

Keep Clients’ Networks and Devices Protected

Having strong passwords is an essential security practice. Google reports that 52% of American adults use the same passwords across multiple websites. There are numerous apps and websites which allow users to create and remember complex passwords. Multi-factor authentication needs to be used on all clients’ websites and accounts as one of the cybersecurity practices. They will be informed if anyone other than the account owner attempts to log in. Suggest clients use a Virtual Private Network (VPN) and a firewall. VPNs are important because they encrypt clients’ internet traffic and can be used to conceal their identity and location. Employees working remotely often have insecure networks and therefore, a VPN is extremely useful for them. Ensuring MSPs’ clients encrypt all hard drives to protect clients from breaches is another area of concern. The Identity Theft Research Center estimates that there were 17% more data breaches in 2021 than in 2020. Encryption can help MSPs protect client data.

Monitoring Potential Cyberthreats

When the news came out about the vulnerability in the Log4j Java logging package, it became a huge story across the information and cybersecurity industries. There will likely be more news stories as threats continue to evolve, along with lessons that MSPs and end users can apply. The good news is that keeping up with industry news is easy for MSPs due to the numerous tools that are available. MSPs have an automated approach to dealing with any threats when tools can do monitoring for their team. One tool is called “TweetDeck”, which allows MSPs to create organized feeds to track any keyword/subject you want. Additionally, MSPs can configure theirs to not only notify them of newly discovered threats but also track what experts are saying about the threats. Another tool called “Feedly”, like TweetDeck can be configured to track certain keywords. MSPs will receive articles, blogs, and other long-form written content instead of tweets. Even though these resources are a good place to start for receiving regular updates on cybersecurity threats and trends, numerous MSPs need more specialized knowledge to serve their clients.

Have an Incident Response Plan for Each Client

Having an incident response plan can provide details on how clients will respond to threats. Breaches and incidents will occur regardless of MSPs having all security measures employed. A proper incident response plan is important because of how quickly problems are identified, and isolated, and informing the proper stakeholders usually determines how much harm they create. The essential elements are:

  1. Post-Breach Activities – MSPs need to contact their clients’ insurance companies to assist with any activities needed for their clients to file a claim. MSP teams need to immediately contact their SOC while conducting an isolated backup of everything, including infected or encrypted computers.
  2. Identification – Review, investigate, and record all details about the incident thoroughly.
  3. Preparation – Use the information from the preparation phase to assess the security perimeter for the incident together with a cybersecurity company’s SOC.
  4. Containment – Identify the attack vector used and neutralized any active threats while preventing the breach from spreading and causing more harm.
  5. Remediation – Go through all isolated machines to identify and remove the breach’s primary source.
  6. Recovery – MSPs need to restore and return affected systems to production environments once all previous steps have been completed. After everything has been restored, but before users are permitted back into the networks, MSPs need to run a new backup operation.
  7. Debrief – MSPs need to determine the lessons learned from the breaches and how to communicate them to the clients by working with a cybersecurity company’s SOC. MSPs need to thoroughly debrief their clients to put a security plan in place to defend against future attacks.

With the security landscape always changing, it’s important for MSPs to utilize the basic cybersecurity practices mentioned above to assist their clients. When MSPs need to help their clients build their security stack to tackle all threats, SpearTip helps MSPs defend their clients’ data networks and move beyond the basics of cybersecurity practices. At SpearTip, our pre-breach risk services allow MSPs to upsell their security offerings into their current catalog. SpearTip’s ShadowSpear Platform, an integrable managed detection and response solution, allows MSPs to focus on their clients’ core IT objectives while providing industry-leading protection against malicious threats. By partnering with SpearTip, MSPs receive a turnkey SOC and a team of certified engineers dedicated to their accounts on a 24x7x365 basis

If your company is experiencing a breach, call our Security Operations Centers at 833.997.7327 to speak directly with an engineer.


Connect With Us

Featured Articles

Security Awareness Training
Security Awareness Training Crucial Role
22 May 2024
Phishing Campaign Assessments
Phishing Campaign Assessments Can Be Effective For Companies
20 May 2024
Incident Response Planning
Incident Response Planning: Why It's Important
17 May 2024
Ransomware Experiments
Ransomware Experiments on Developing Countries
15 May 2024

See ShadowSpear in Action

Identify, neutralize, and counter cyberattacks - provide confidence in your security posture

Frequently Asked Questions

What are some specific examples of common cybersecurity threats that Managed Service Providers (MSPs) should be aware of and protect against?

Some specific examples of common cybersecurity threats that Managed Service Providers (MSPs) should be aware of and protect against include phishing attacks, ransomware attacks, and insider threats. These threats can compromise sensitive data, disrupt business operations, and lead to financial losses.

Are there any industry standards or certifications that MSPs should strive for in order to demonstrate their commitment to cybersecurity practices?

MSPs can strive for certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH) to demonstrate their commitment to cybersecurity practices. These certifications validate the knowledge and skills necessary for implementing effective cybersecurity measures.

How can MSPs effectively educate their clients about the importance of cybersecurity and involve them in the implementation of foundational cybersecurity practices?

MSPs can consider conducting cybersecurity awareness training sessions, sharing informative materials and resources, and engaging in regular communication to highlight the importance of cybersecurity and encourage client participation. Additionally, implementing ongoing security assessments and involving clients in the decision-making process can help establish a collaborative approach to cybersecurity.

Stay Connected With SpearTip

Inside the SOC Newsletter

View our articles that cover trending topics in cybersecurity with insights from our 24/7/365 Security Operations Center.

ShadowSpear Platform

Cybersecurity actors are working around the clock, shouldn’t your security team be too? Technology solutions and security controls fail for a number of reasons, poor deployment, improper implementation, or just no one monitoring the alerts.

ShadowSpear Demo

Experience ShadowSpear for yourself. Our lightweight, integrated solution will help you sleep easier at night and provide immediate confidence in your security posture.