Just about every company with an internet connection is vulnerable to data breaches and attacks; this includes even the smallest organizations you provide managed security services for.
As hackers continue to evolve their tricks and tactics, so too must your threat detection capabilities. New cybersecurity trends are emerging every day—whether it be the latest attack methods or security operations best practices—and in order to protect your SMB clients, you must arm yourself with the latest knowledge.
Read on to learn more about the following trends:
- The shift in hackers’ targets to SMBs
- Increased threats to MSPs and SMBs
- New updates to managed detection and response
- The rise in human-powered threat detection
- Scaling your MSP’s cybersecurity defenses
Who is Being Targeted By Hackers? Your SMB Clients
The shift in how hackers target their victims has fundamentally changed the way cybersecurity is managed. According to the 2020 Verizon Data Breach Investigations Report:
- 45% of data breaches involved hacking
- Human error, such as clicking on suspicious emails, and misconfigurations are on the rise and open the door for hackers to infiltrate
- Brute force attacks account for 8% of the top breach types within large enterprises but account for 34% of breaches for SMBs
And probably one of the more compelling statistics from the report is that 28% of data breaches directly targeted SMBs.
SMBs are the low-hanging fruit that hackers can easily go after. Why? Because they typically don’t have the budget-breaking cybersecurity posture that enterprises have, or they fall for that phishing email due to lack of security awareness training, or they simply don’t enforce strong password policies.
This has a direct effect on you, the MSPs who aim to protect these businesses. Cybersecurity has become a shared responsibility—and when a security incident does happen, you need to determine:
- The extent of the damage
- How it happened
- How to respond
In addition, MSPs are finding themselves under new threats simply because of their position within the industry. As the central node in a network of SMBs, MSPs have become a high-value target. Hackers have recognized this and are even banding together to take advantage of these connections.
If an MSP can be exploited, hackers can potentially gain access to each of the SMBs that depend on them for IT and security services. That opens up the door for a lot of liability.
The Evolution of Existing Threats To MSPs and SMBs
Hackers and other bad actors that threaten us defenders are not a stagnant bunch. They challenge themselves, developing shady new ways to access networks and endpoints.
They're using more sophisticated techniques and tradecraft to bypass preventive security tools and make hunting them down more manual. And the worst part is that many hackers have begun working in concert with other bad actors. This has created a sort of B2B relationship between different groups that increases their odds of success by allowing them to attack targets from multiple fronts and with multiple techniques. In fact, 55% of breaches in 2019 were perpetrated by organized criminal groups.
Plus, it goes without saying that the COVID-19 pandemic has added yet another wrinkle to the existing threat landscape due to the new normal of remote work.
Networks have more external access points than ever before. The shift to working from home has moved employees—and other targeted endpoints—outside of existing security stacks and in-office safety measures. All of these factors combined provide a host of new attack vectors for hackers.
So, how can your managed detection and response strategy account for this evolution?
Fight Back with Threat Detection and Response
There’s no magic wand or silver bullet that’s going to keep threats at bay. In order to have a viable security stack, you have to combine the following managed detection and response measures:
- Network security basics (like antivirus, firewalls, DNS filtering, etc.)
- Email/O365 security
- Access controls
- Credential guards (like two-factor authentication)
- Secure user groups
- Endpoint threat detection
Together, these cybersecurity tools offer a signature-based prevention system combined with the least privilege to help stop attacks before they can do the most damage.
Managed detection and response should be the cornerstone of your offering. However, there are limitations to relying on software alone to do the job.
While an important aspect of cybersecurity, automated threat detection software can only scan for what it’s programmed to look for. And most fully automated solutions will default to letting 'unknowns' operate as usual rather than block or remove something that is potentially legitimate.
On the other hand, human threat hunters have the contextual awareness and know-how to manually differentiate between the good and bad that may be hiding in the depths of an operating system. This is why the human element is so critical to a successful and comprehensive cybersecurity strategy.
The Human Element To Cybersecurity
While cybersecurity automation can scan thousands of files in a fraction of the time it takes a person, it can only look for what it knows. There’s no instinct or situational awareness that allows it to detect new or exotic threats. This is where human threat hunting takes the lead.
Skilled teams like the Huntress ThreatOps team fills in the gaps where your automated security stack is lacking. They continuously study hacker tradecraft so can they investigate new threats and further understand how they work. Using context, experience, and instinct, they can determine what looks normal and what looks malicious.
In addition to threat hunting, the human element also comes into play with security education.
Equipping your SMB clients with cybersecurity training and best practices can cut down on social attacks, such as phishing, which account for 22% of security breaches. Regular security training for your clients’ new hires and seasoned employees should be integrated into their HR processes. On top of that, annual security refreshers can keep employees up-to-date on what they can do to keep hackers at bay.
Scale Your MSP with Cybersecurity Built For Growth
Any good company—whether it’s an MSP or SMB—should be structured so it can scale with confidence. That includes your security operations.
Laying a solid foundation for IT environments starts with ensuring you have proper cybersecurity measures in place. As new threats evolve, you will be more easily able to add more layers of advanced threat monitoring, giving you a more robust and flexible solution that can grow and adapt to meet your needs.
While scaling your business is important, increasing revenue is also a hidden benefit of a solid cybersecurity solution.
For SMBs, it can be difficult to equate cybersecurity with an increase in revenue because there’s no obvious direct relationship between the two. It’s more about understanding the risks involved and the potential impact it can have on their bottom line.
For MSPs, the benefit comes from educating your clients about the ever-present threats to their business. And through that education, you can help them understand the risks involved and guide them to purchasing the security solution they need to best protect themselves.
Need some help in the fight against hackers?
Huntress is one of the most trusted leaders in advanced threat monitoring for SMBs and MSPs. We tirelessly dedicate ourselves to learning from hacker tradecraft and developing the best tools to counter them.
In the market for a better cybersecurity solution for your SMB clients? Take the Huntress Security Platform for a 21-day test drive.