Life with Log4Shell: Security Guidance for MSSPs

Credit: Getty Images

In our 2022 Predictions blog, BlackBerry Perspectives on 2022, we discussed that many organizations, especially in the SMB space, still have challenges tackling basic IT issues or implementing standard cybersecurity approaches such as multi-factor authentication or patch management. Having worked at a company that excelled at patch management in 2007, it’s very surprising that this is still a challenge for companies. A study by Service Now and the Ponemon Institute shows that most companies still struggle with patching and overall vulnerability management processes. In fact, 52% of respondents stated they still use manual methods while a majority stated they were not even aware they were vulnerable before a breach.

This lack of cyber-readiness presents a great opportunity for MSSPs to offer security services that can protect clients against attack. Future-proof technologies that use machine learning to close attack surfaces and block exploits enable MSSPs to help clients protect themselves even when cyberhygiene and readiness might be lacking. This is the essence of a prevention-first approach to security.

The need for a prevention-first approach was clearly evident after the November 24 disclosure of the Log4j vulnerability. Between December 10 and 16, adversaries exploited the vulnerability by launching more than 840,000 attacks worldwide, before a patch was available. 

Vulnerabilities like Log4j are largely invisible to legacy security products that rely on signatures to detect known malicious files. Fortunately, BlackBerry Cyber Suite solutions are powered by seventh-generation Cylance AI models that can detect the malware payloads used in these exploits and prevent them from executing. They can even detect suspicious activity and behavior when no malware is present!

What’s more, this prevention-first protection is easy to implement and manage.

  • No signatures. Busy security and IT teams no longer have to spend hours every week downloading, installing, and updating signature files.
  • Low resource consumption. BlackBerry solutions run silently on each endpoint, without the frequent intrusive scans that annoy end-users and zap their productivity.
  • Co-existence. BlackBerry Protect runs silently alongside other endpoint tools. Prospects are often amazed to discover how many threats their incumbent endpoint product has missed.

Related: Find out more about BlackBerry and the BlackBerry Cylance MSSP Partners Program.

Author Josh Stegall is director of MSSP Alliances at BlackBerry.  Read more BlackBerry Cylance blogs hereRegularly contributed guest blogs are part of MSSP Alert’s sponsorship program.