Cyber attackers capitalized on security vulnerabilities that were created as companies rushed to enable cloud-based, remote operations. Fears of recession further complicated matters. But throughout 2022, internal security teams improved their ability to fight back, as did MSPs, MSSPs and those operating in the channel.
The past two years changed how organizations around the world conduct business, including MSPs/MSSPs and their channel partners. Across countries and industries, employees quit their jobs, leaving organizations vulnerable in their absence. They relocated with little to no notice, creating secure access headaches for IT security teams, and adjusted to digital services that minimize human contact to curb the spread of Covid-19. As 2022 progressed, inflation and fears of recession further complicated the picture.
As the World Panicked...
In 2020, the world panicked, then pivoted to survive (both literally and figuratively). Digital transformations accelerated and expectations evolved. So did threats targeting organizations still transitioning to a new way of working. That includes information security specialists responsible for protecting the systems, networks, data centers, and technologies that fuel today’s economies.
In 2021, the world adapted to a hybrid workforce but struggled to keep up with the expanded threat landscape it created.
In 2022, organizations suffered the headaches that come with this new world and struggled to find the way forward, amid an increasingly cloudy economic outlook.
But with tools and practices like zero trust, XDR and more automated threat intelligence tech to bolster vulnerability management, cloud, email and endpoint security, organizations fought back – and established plans to invest more to secure networks and data in the next two years.
MSSP Alert: The Year in Review
CRA Business Intelligence, part of the parent company of ChannelE2E and MSSP Alert, surveyed security professionals across seven key areas in 2022. The resulting Year-in-Review report examines where security practitioners struggled and, in many cases, made headway.
Topics addressed are:
- Cloud security. Only 39% of organizations had high levels of confidence in their ability to secure cloud data, while only 4% reported sufficient security for 100% of their data in the cloud.
- Zero trust. Adoption was slow, with only one out of four respondents reporting their organization had implemented it.
- Endpoint security. Nearly two-thirds (63%) are managing more than 1,000 traditional and non-traditional devices.
- XDR. While familiarity with XDR is high (70%), current adoption of an XDR platform is relatively low; only 12% of respondents reported using this technology.
- Vulnerability management. More than two-thirds, (69%) said their budget or spending on vulnerability management would increase in the next 12 months, especially for things like automation.
- Email security. A third of respondents experienced up to 25 attacks daily because of email security weaknesses and half reported up to 25 business email compromise (BEC) attacks per day.
- Threat intelligence. Threat intelligence emerged as a useful tool to educate executives. Many credited threat intelligence with helping them protect their company and customer data — and potentially saving their organization’s reputation.
To view “2022 Cybersecurity Year in Review: Everything, Everywhere, All at Once” in full, download it here.