Role of MSPs in Moving from Cyber Security to Cyber Resilience

May 20, 2022
Industry Commentary

When critical business systems become inaccessible after a cyberattack, businesses struggle to return to normal functioning quickly, and at the same time guard against a repeat performance. Recovery from cyberattacks is among the hardest things for a small business to cope with. That is why it is crucial for Managed Service Providers (MSPs) and Small to Midsize Businesses (SMBs) to nurture not just cyber security but cyber resilience.

Since most SMBs neither have the in-house IT staff nor the competence to make this transition on their own, MSPs are a critical part of the equation. 

Understanding Cyber Resilience 

Last year, the SolarWinds Orion security breach spread SUNBURST malware, striking many government agencies and businesses – most of whom weren’t even aware that Orion was a critical part of their infrastructure. Such incidents made business leaders realize that traditional cyber security services wasn’t enough; they needed to safeguard their businesses with a multi-layered approach.

A successful exploit that compromises one part of the business infrastructure should not be allowed to harm other, unrelated parts. This is where cyber resilience comes in: a layered defense that compartmentalizes business infrastructure so that the scope of any one threat is minimized. Even if a bad actor successfully attacks one element, the business can continue running, while remediating the effects of the attack. 

Cyber resilience is thus a gauge of business strength, in terms of continuing to operate and recover from the consequences of a cyberattack. It requires a blend of cybersecurity (keeping out exploits), incident response (reacting to a successful exploit), and business continuity (continuing to run while recovering from the exploit). A cyber resilient SMB can withstand attacks and mitigate potential damage to ensure business continuity. The business will certainly be affected, but at least it will continue to function. 

This requires a holistic approach: rather than put in a firewall, deploy antivirus, or impose two-factor authentication, and then consider the job done, the MSP needs to take a look at the entire business. Without a holistic approach, cyber resilience is not possible.

For example, most SMBs depend on free cybersecurity options, which are point solutions that do little to keep the business running after an attack.

Only 26% of SMBs deploy the required multi-layer security to safeguard users, devices, and networks; and only IT professionals can help them do this. For SMBs, that means relying on MSPs. 

Achieving Cyber Resilience 

Cyber resilience encompasses people, processes, and technology. 

- Educating employees on proper cybersecurity practices is key. Many cyber attacks rely on employees either being unaware of proper security practices (e.g., using strong passwords or MFA), or bypassing them because they are onerous (e.g., not using a password manager). Teaching employees not to click on random links in e-mails is essential because it eliminates a giant fraction of the attack surface. Security awareness training is extremely important. 

- Putting in place processes for reporting issues and limiting the spread of a breach is essential.

For example, when an employee sees a ransomware message on his or her screen, does he/she know what to do and who to call? Is there a policy about employee-owned devices (that could be potential attack vectors)? What can employees access when at home on company-owned laptops? 

- Technology is probably the one element that MSPs are most comfortable with, but cyber resilience requires that technology be applied to secure all areas of the business. Encrypted backups, EDR/XDR agents on workstations and servers, remote security devices, etc. will all help contain cyberattacks and let the business recover quickly. 

MSPs and Cyber Resilience 

Cyber resilience involves a top-to-bottom understanding of the IT needs of a business and the development of a strategy to segment and protect each aspect. The SMB cannot do this; only an MSP can. The MSP needs to persuade the SMB to let him/her take care of what MSPs are good at – keeping businesses safe and running efficiently – and allow the business to focus on what they are good at – making money! 

MSPs should approach their SMB customers with a combination of an IT review, a candid discussion of the threats and vulnerabilities that the customer presently faces, and a proposal to build a cyber resilience strategy for the firm. Without a comprehensive approach, we’re simply going to see a continual increase in the number of SMBs that get hacked. 

About Uplevel Systems 

Uplevel Systems is a security solutions firm with a widespread reputation as a reliable provider of cloud-based IT infrastructures that guarantee near-zero downtime – more go-time. Uplevel solutions are engineered from the ground up for Small and Medium Businesses to be comprehensive, secure, flexible, and easy to deploy and manage.