How MSPs Can Avoid Cyberattacks with Patch Management

IT professionals have been discussing cybersecurity for quite some time, but a managed service provider's, or MSP's, responsibility to maintain secure environments has increased dramatically over the past decade as threats have become more commonplace.

Author: Michael Bienvenue, product marketing manager, Datto
Author: Michael Bienvenue, product marketing manager, Datto

According to the Anti-Phishing Work Group, the total number of phish from the second half of 2017 to the first half of 2018 increased by 33%. Today’s cybercriminals are continuing to leverage social engineering emails as the top attack vector. In addition to the rise in phishing, ProofPoint’s “The Human Factor 2018” report states emails with malicious attachments exceeded those with emails containing malicious URLs by 28%, putting the hostile code within a single click from the user. However, even an email redirecting an unsuspecting user to a fake website will eventually lead to downloading and executing a file that will exploit a vulnerability.

Security professionals all agree that a comprehensive security strategy is multi-faceted, incorporating perimeter hardening, end-user education, software patch management, and disaster recovery planning. It is also becoming more complex to proactively prevent attacks from occurring. Threats, like strains of ransomware, adapt as prevention measures mature and new technologies emerge making it difficult for businesses, especially smaller ones with limited resources, to remain ahead of the criminals.

When new threats emerge, technology vendors are doing their part to ensure vulnerabilities are fixed as quickly as possible, usually releasing an update within hours of learning about it. But that’s not always enough to prevent an attack. A well-documented case study on this is the WannaCry outbreak of 2017. Microsoft learned of the vulnerability within the Windows Operating System on March 14, 2017, and released security bulletin MS17-010 that same day marked as CRITICAL. The global outbreak transpired two months later, compromising 230,000 computers in 150 countries in 24 hours. The malicious code that exploited the vulnerability fixed by Microsoft was in the wild for almost a month before the attack occurred. When the dust settled, there were at least 300,000 devices that had not received the critically flagged update from Microsoft.

High-profile attacks, like WannaCry, raise awareness among businesses and MSPs are often the ones looked to for providing the strategic guidance and tactical measures to secure the IT environments for their clients. To adequately do this, MSPs need to approach their client security engagements thoughtfully. Failure to do so may establish a false sense of security and potentially expose-clients to costly disruptions.

As Gartner states, “Cybersecurity risk, if not treated appropriately, translates into business risk, reputation loss, regulatory breaches and general disruption of operations.” The cost of disruption is too significant, and often orders of magnitude higher than prevention when responding to an event after it has occurred.

Patch management services provide MSPs tactical measures to secure client environments, as well as an opportunity to further build on their offerings. Check out our eBook to learn how to thoughtfully approach your client security engagements.

Michael Bienvenue is product marketing manager at Datto Inc. Read more Datto blogs here.