Protecting your digital ecosystem requires teamwork, coordination and communications
As the pace of digital transformation and technology adoption continues to increase, most businesses have rightly decided that there is no way to manage the complex needs of a modern connected organization without 3rd party assistance. The old argument of in-source versus out –source has been replaced with right-source and the highest performing organizations are increasingly finding themselves reliant on a web of both full time employees and external parties working together to extract every ounce of productivity out of unprecedented technology based tools.
Recently in The Monitor, we’ve started exploring the differences between MSPs (Managed Service Providers) and MSSPs (Managed Security Services Providers).
Our guidance has been simple and direct: Where at one time all you needed for your IT operations and infrastructure was an MSP with a Help Desk to deal with network, connectivity, software, and user issues; today, with barbarians at the gate 24/7/365, you need to make an additional investment in MSSP services whose mission is the safety and cybersecurity of your entire digital ecosystem. In doing so you put the needs of your organization in the hands of those most qualified to protect and optimize its technology investments.
There is seldom a “one size MSP+MSSP fits all” solution. We urge you to be cautious if approached by a vendor offering both operational and cybersecurity protections under one roof.
The Most Important Actions You Can Take to Leverage Your IT Investments
There are, however, opportunities to leverage investments that you’ve made (or should be making) in both an MSP and MSSP, and in the process, secure better ways to operate, protect and manage the entire scope of your digital ecosystem.
The single most important action you can take to leverage your investment in IT services is to have active plans, processes and policies in place that ensure that your MSP and MSSP are in constant communication and on the same page when it comes to responding to cybersecurity threats.
While these two different types of organizations have different missions in terms of how they participate in your IT program, those missions intersect when a cybersecurity alert detected by your MSSP escalates to the point where a remediation action is required. That action should be built on a remediation plan with clearly identified roles and responsibilities that you, your MSP and your MSSP agreed to use as a roadmap.
This is particularly true for a zero-day event, where the possibility of needing to disinfect hardware, take critical servers offline, or even shut down your entire IT operations may be required to prevent a disaster. In this situation, the MSSP provides notification of the event, its criticality, updates, and follow-ups after patches from a vendor are published, while the MSP executes quick response tactics, including interfacing with users, to shut the doors against the possibility of further damage.
Managed Service Providers/Managed Security Service Providers Common Denominators
Leveraging the investments you make in MSP and MSSP services starts with making sure that each vendor’s scope of services share the following common denominators: (1) a commitment to protect the profitability of your company or organization resulting from cyberthreats or attacks, and (2) an obligation to protect output of your network and the digital interactions you have with internal and external stakeholders.
Given the variety of different technologies and applications you use to operate and manage your business, putting these assurances into effect is not an easy task, but in today’s environment, a fundamental one.
4 Keys to Leveraging and Aligning Your Investments in Managed Service Providers and Managed Security Service Providers Services
There are four actions, spearheaded by your IT Department or company senior management, for aligning your investment:
1) MSP and MSSP Communications – on a continuing basis, your company, and both your MSP and MSSP need to communicate and discuss the cybersecurity threats that have been identified via continuous monitoring and standards based assessments; which of those has been escalated to a remediation action, proposed solutions and patches for gaps in cybersecurity defenses, potential upcoming threats, and best practice based recommendations from each the MSP and MSSP.
2) MSP and MSSP Planning – instead of reacting to cyber threats, a plan should be in place that at a minimum, defines the roles and responsibilities of you and your providers. This is especially important when it comes to Incident Response as the worst time to plan for a crisis is when you’re in the middle of one.
3) MSP and MSSP System monitoring – a key function of your MSSP is 24/7/365 monitoring of your digital ecosystem focused on cyber threats to your environment. Monitoring and the communication of monitoring results is one of the most critical keys for early identification and response to cyber threats.
4) Adherence to planned remediation processes – a key part of the panning process is to have planned remediation processes in place, along with training about how to initiate, manage and monitor those processes.
Connect with Us to Start Better MSP and MSSP Coordination Efforts
We welcome a chance to discuss your cybersecurity posture and how your cybersecurity efforts are being coordinated with your IT managed services program. Let’s schedule a no cost, no obligation discussion to identify the strengths, weaknesses, and threats present in your digital ecosystem and opportunities for achieving better levels of protection and effective, efficient, and rapid response and remediation in the case of a cybersecurity event.
Call me at 716-847-2651 today, or submit a contact form, here. Let’s put something on your calendar.
View full article
How to strengthen one of the weakest links in your cyber defense
In my role as the VP of Strategic Development and Security Officer at DataSure24, it’s my responsibility to protect my company, our employees, and the thousands of customers we have from the unprecedented wave of cyber attacks that are an agonizing part of doing business.
Today, dealing with the threat of cyberattack is an issue that keeps every C-suiter up at night.
I’ve installed, maintained and updated the latest technologies and constantly share information and data with my peers on best cybersecurity practices. However, without “human technology” playing a critical role in today’s cyber defense systems, I’m very concerned that we’ll continue to hear horror stories that perhaps could have been prevented.
I’d like to share some of my thoughts and experiences about integrating the human factor in a cyber defense environment.
In the comment section following this post, I welcome any insights, observations and experiences you would like to share with our blog readers.
Employees are a Critical Part of any Cyber Threat Defense
Businesses today understand the importance of securing data, software and hardware against the threat of a breach. The realization that customer account information, internal communications or other critical data could be stolen and sold or locked away and held for ransom has motivated executives to invest in elaborate in-house security systems and state-of-the-art cloud security solutions to protect their organizations from cyber-attack.
These investments are a cost of doing business in a connected economy, but even the best cyber defense system can be short-circuited by the critical weakness that technology can’t eliminate—the click of an employee on a well-disguised hostile link.
Technology solutions are still an important part of cyber security, but a growing percentage of successful breaches now start with a phishing e-mail instead of a direct attack on a firewall. In short, businesses have been successful enough in training their computers to protect against threats that hackers have adapted by focusing on the element in the system that hasn’t been trained as well—employees.
Creating a Security Culture in a Service Economy
Before you can train your people to protect against cyber threats, you need to understand where that training fits into your broader cybersecurity strategy. Leadership needs to be clear about the level of risk the organization will tolerate, and the training needs to reinforce that concept. For instance, many businesses have focused on responsiveness to clients without adequate statements about risk tolerance.
In some cases, this lopsided focus can create a culture where employees work to resolve client e-mail issues so quickly that they don’ evaluate those e-mails for potential phishing links. If your cybersecurity training is going to stress evaluating e-mails for threats, employees need to understand that leadership is lowering its tolerance for cyber risk and leadership needs to understand there will be some tradeoff in response-time efficiency.
Elements of an Effective Cybersecurity Education
The kind of education process that will work best for your business depends first and foremost on what kind of business you run. And “what kind” refers both to what industry or economic sector you operate in as well as the personality of your employees and the atmosphere in your workspaces. That said, there are still certain elements that you should look for to create a program that turns your people into a “human firewall.” These four characteristics should be present in any cybersecurity education program:
- Customized or customizable: No off-the-shelf training module will speak directly enough to your employees. Think of the message you send to employees when you gather everyone together for a mandatory meeting at which some outside consultant or designated employee lectures them from a script with generic statements about the importance of security. If you poll them on the way out, you would probably get a perfunctory response along the lines of, “Yeah, I get it. Security’s a big deal.”
Training should speak directly to YOUR employees about YOUR business and the potential damage that a security failure will cause. To support a healthy culture of cybersecurity, your training needs to go beyond the nuts and bolts of learning how to avoid phishing scams and risky websites to create a sense of shared responsibility among your team for the protection of customer data and co-worker jobs.
- Comprehensive: Your cyber defense is only as strong as your weakest link. Malware and ransomware attacks have become so pervasive that you can’t afford to overlook any of your technology users when it comes to raising awareness about cybersecurity. Even someone who doesn’t have an assigned work computer could still use a personal computer or account to open a malicious e-mail that generates a message to all contacts, including customers and co-workers. Even if an employee’s unsecure practice only affects personal computers and accounts, your business will still suffer lost productivity while that person works to resolve the problems that arise as a result.
- Focus on Creating a Cybersecurity Culture: A lecture with PowerPoint slides is rarely going to be enough to engage employees at the level necessary for success. This type of training benefits from breakout sessions with small groups where participants get a better sense of how much the group’s success depends on the efforts of everyone. The goal is to create habits and routines that employees use to analyze the potential cyber risks in every activity they undertake, then practice using those habits and routines frequently enough that they become part of the fabric of the job. In a way, it’s almost as if you’re trying to train your people to “think without thinking about it.” Education on this topic always needs to focus on taking the time to be safe.
- Monitor to Measure Improvement: Effective cybersecurity education requires much more than an occasional day of training. A business must commit to ongoing monitoring and testing. Information generated from those activities needs to feed into regular updates to staff as well as improvements to the next training. Employees should be encouraged to communicate frequently about cybersecurity and to quickly notify managers of potential threats that they identify. Visible indicators of success should be included around the office, such as whiteboard postings noting “[X number] of threats turned away this week/month/year.”
DataSure24 Offers Cybersecurity Services
The cyber threats that businesses face change so quickly that educating and empowering a workforce to protect against them is an ongoing operation, not just a scheduled training session. Our team of cybersecurity experts can help you build and maintain a sustainable technical and human powered defense system.
For more information on how we can help you strengthen your human cybersecurity firewalls to match your technological ones, please contact us at 716-600-3724 or below.View full article