As the IT needs of businesses continue to grow and evolve, the adoption of managed service providers to oversee and manage these needs is increasing. With that increase is a growing emphasis on hiring MSPs that focus on cybersecurity.
Datto’s recently released State of the MSP Report also notes that “security concerns remain a top priority for MSPs and their clients.” The report points to the near doubling of ransomware and cybersecurity incidents: from 14 percent of MSPs surveyed in 2017 to 30 percent of MSPs in 2019.
In this article, we take a look at how MSPs can address gaps in security and offer their SMB clients increased peace of mind when it comes to cybersecurity.
Among the benefits of hiring managed IT service providers, one of the more commonly cited reasons is network security. In addition to helping small and medium businesses (SMBs) stay on top of critical network and technological updates, MSPs can also work proactively with their clients to prevent cyberattacks and network failure due to ransomware. Contract IT providers can monitor applications, hardware, and various employee endpoints.
Datto’s recently released State of the Channel Ransomware Report noted several key statistics:
- In 2019, 85 percent of MSPs reported ransomware as the most common malware threat to SMBs.
- One in five SMBs report that they have fallen victim to a ransomware attack. (On average, SMBs who don’t outsource their IT services report facing more ransomware attacks.)
- When it comes to ransomware attacks, MSPs say the cost of downtime is 23 times greater than the ransom amount requested. The average ransom demand is $5,900 compared to the average cost of downtime coming in at a staggering $141,000.
The emergence of managed security service providers (MSSPs) has been giving MSPs a run for their money. However, this threat is minimized as long as MSPs add managed security services to their client offerings.
MSSPs are known for providing managed firewalls, intrusion detection, virtual private networks, vulnerability scanning, and antiviral services. They typically offer 24/7 monitored services to clients.
To bridge the security gap, MSPs can and should:
- Partner with an MSSP: This most economical way to increase cybersecurity offerings without having to invest heavily in tools and staff is to partner with an MSSP to expand their offerings.
- Adopt an Improved Alert System: Prevent workflow congestion and delays in responding to critical incidents by investing in and adopting alerting engines and tools.
- Offer VPN: As more businesses are hiring remote workers, there is a need for increased security as employees are connecting to the network from unsecured sites. Setting up a VPN provides clients a secure and encrypted connection for network traffic.
- Offer Endpoint Protection: With more employees using various devices to access secure networks, the need for endpoint protection is critical. Not only should MSPs consider ways to separate endpoint devices from the main network, they should also implement an antivirus endpoint protection solution.
- Consider the Big Picture: Over time, it's easy to create a tech stack of cybersecurity tools that not only overlap but also create gaps in coverage. Review your strategy in addition to the tools you use, and look at how you can consolidate and adopt a more holistic approach.
As the prevalence of cyberattacks on SMBs increases, MSPs need to consider how to remain viable in an environment that will put more and more emphasis on cybersecurity needs.
According to Datto’s Global State of the Channel Ransomware Report, the lack of cybersecurity training is a leading cause of successful ransomware attacks, with the top delivery method being phishing emails, followed by malicious websites, and clickbait. Educating clients should be an ongoing effort for every MSP. Recommending solutions that can help recover from downtime caused by things like ransomware becomes much easier when clients have a solid understanding of how malware works and the disastrous impact it can have on their businesses.
For more statistics and best practices on the current landscape of ransomware, check out the full report today.