A cyberattack targeting News Corp journalists represents the latest stern reminder that MSSPs and MSPs need to audit and safeguard customers' cloud and SaaS services.
In the News Corp incident, hackers had access to the media company's systems since at least February 2020 -- including emails, Google Docs and drafts of articles, The Wall Street Journal reported.
News Corp Cyberattack Disclosure: SEC Filing
A News Corp SEC filing on February 4 shared some general information about the breach. Among the takeaways from the filing:
- News Corp relies on third-party providers for certain technology and “cloud-based” systems and services that support a variety of business operations.
- In January 2022, the Company discovered that one of these systems was the target of persistent cyberattack activity.
- Together with an outside cybersecurity firm, the Company is conducting an investigation into the circumstances of the activity to determine its nature, scope, duration and impacts.
- The Company’s preliminary analysis indicates that foreign government involvement may be associated with this activity, and that data was taken.
- Based on its investigation to date, the Company believes the activity is contained.
- At this time, the Company is unable to estimate the expenses it will incur in connection with its investigation and remediation efforts.
Plus, a Cyber Insurance Warning: In the same filing, News Corp warned that cyber risk insurance has also become more difficult and expensive to obtain, and the Company cannot be certain that its current level of insurance or the breadth of its terms and conditions will continue to be available on economically reasonable terms.
Cloud Security Posture Management for MSSPs
News Corp didn't say exactly how hackers penetrated the company's cloud services. But generally speaking, MSSPs seeking to safeguard customers' SaaS workloads can use a mix of tools that offer cloud security posture management (CSPM), SaaS monitoring and management and Business Email Compromise (BEC) mitigation capabilities.
CSPM tools help MSSPs to ensure that customers have properly configured their Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (CSP) workloads. The need for such tools is clear: Fully 90 percent of organizations are susceptible to security breaches due to cloud misconfigurations, according to the “2021 Cloud Security Report: Cloud Configuration Risks Exposed” from application lifecycle security company Aqua Security.
With those risks in mind, annual CSPM spending will reach $9 billion by 2026, up from $4 billion in 2020, according to Markets and Markets. That’s a 14.4 percent compound annual growth rate.
On a related note, 41 percent of our Top 250 MSSP survey participants already offer CSPM to their end customers, MSSP Alert research found in September 2021.
SaaS Security Monitoring and Management for MSSPs
Meanwhile, SaaS security monitoring and management tools are also popping up to help MSSPs, MSPs and end-customers protect Microsoft 365, Google Workspace and other SaaS workloads.
Dozens of SaaS protection options are in the market. But two startups -- namely, Augmentt and SaaS Alerts -- most directly promote SaaS application protection tools to MSSPs.
Augmentt is led by CEO Derik Belair and Chairman Gavin Garbutt -- two N-able veterans. Meanwhile, SaaS Alerts is led by CEO Jim Lippie, a veteran of Kaseya and Thrive.
Meanwhile, MSPs and MSSPs also have dozens of business email compromise (BEC) risk mitigation tools from which to choose. Check in with cloud-centric email security providers and ask about multi-tenant service provider options to get started.
