Content, Americas, Content

MSP Cybersecurity Initiative: NIST, NCCoE Seek Comments

Credit: National Institute of Technology and Standards

The National Cybersecurity Center of Excellence (NCCoE), part of NIST, has announced "Improving Cybersecurity of Managed Service Providers," a project designed to deliver a cybersecurity reference model that MSPs can customize to fit their cybersecurity program needs.

NCCoE's project helps MSPs implement IT architecture that reduces security vulnerabilities, according to the organization. It also provides MSPs with guidance so they can adopt cybersecurity technologies and techniques that result in better security for themselves and their small and medium-sized business (SMB) customers.

What Does NCCoE's Project Mean for MSPs?

NCCoE will build a standards-based, modular and end-to-end example solution(s) to help MSPs address cybersecurity challenges aligned to the National Institute of Standards and Technology (NIST) Cybersecurity Framework v1.1, the organization stated. This approach may include architectural model definition, logical design, build development, test and evaluation and security control mapping.

In addition, NCCoE will use the project to produce a publicly available NIST Cybersecurity Practice Guide. With this guide, MSPs can implement a cybersecurity reference architecture model.

NCCoE is seeking comments to help refine the challenge and scope of its project, and it will accept project feedback until Nov. 8.

MSPs, CSPs Susceptible to Ransomware Attacks

Hackers worldwide have been hitting MSPs of all sizes — not just global technology service providers. The FBI and U.S. Department of Homeland Security have repeatedly warned MSPs and their technology platform providers about such attacks.

Still, the attacks continue. The fallout has included:

Amid those challenges, the MSP industry (spanning technology companies, service providers and more) could soon face a “crisis of credibility” if the market doesn’t take major steps to more effectively mitigate ransomware threats, cyberattacks and associated fallout, ChannelE2E and MSSP Alert believe.

Additional insights from Joe Panettieri.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.