PCR Tech and IT retail, distribution and vendor news
Following the release of the 2023 UK Forrester cybersecurity study, Guy March, senior director channel sales EMEA of Tenable talks about how the findings pertain to the channel.
The key takeaway is that, for far too long, security has been treating the symptoms of cybercrime rather than curing the disease. The current approach is reactive and relies heavily on post-event data to find the origin of an attack and clean up the mess.
According to a commissioned survey of 100 U.K. based cybersecurity and IT leaders, conducted in 2023 by Forrester Consulting on behalf of Tenable, 48% of the cyberattacks U.K. organisations experienced in the last two years were successful. This forces security teams to focus time and efforts on reactively mitigating cyberattacks, rather than preventing them in the first instance. With just 60% of U.K. organisations confident that their cybersecurity practices are capable of successfully reducing the organisation’s risk exposure, there is obviously work to be done.
If we take ransomware which is prolific currently, the days of old where threat actors indiscriminately encrypted systems for a fraction of a bitcoin are over as today’s cyber criminals will cripple operations and negotiate a sizable fee for the return to normal. Once sensitive data has been stolen in an attack the confidence of confidentiality is lost forever – you can’t put the data genie back in the bottle – that’s why a proactive approach is so important.
The study also revealed that nearly three-quarters of respondents (74%) believe their organisation would be more successful at defending against cyberattacks if it devoted more resources to preventive cybersecurity. For MSPs it’s imperative that they understand the risks their customers face and offer services and counsel that will help them to move from a reactive stance to a proactive security program.
What does the increased complexity of the attack surface and vulnerability of organisations mean for the channel demand over the coming year?
When we think of the modern attack surface it is a mix of on-premises and multiple cloud systems, numerous identity and privilege management tools and multiple web-facing assets. The challenge with this complexity is it affords numerous opportunities for misconfigurations and overlooked assets.
From an attacker’s perspective this creates the perfect storm. We know that threat actors’ attack methodology is not advanced or even unique but opportunistic. Attackers see many ways in and multiple paths through environments to do damage and monetise their nefarious efforts. When evaluating an organisation’s attack surface, they’re probing for the right combination of vulnerabilities, misconfigurations and identity privileges.
For the channel, offering organisations a way to see where they’re most at risk is pivotal to successful defence. Seeing all assets, interconnections and user privileges holistically helps piece together the intelligence needed to determine what matters most and what is most at risk. This helps determine where to focus efforts for greatest impact.
The report focuses on the virtues of preventative cybersecurity, why should MSPs be prioritising this type of security going forward?
The study revealed that, in the UK, nearly three-quarters of respondents (74%) believe their organisation would be more successful at defending against cyberattacks if they devoted more resources to preventive cybersecurity.
The study also revealed that important context about users and access privileges is hard to come by — seven in 10 respondents said that their siloed systems form a barrier for obtaining user data. The siloed nature of the thousands of point solutions offered by cybersecurity vendors makes it nearly impossible for security and IT leaders to understand the full depth and breadth of an organisation’s exposure.
Those MSPs that can offer organisations solutions that can bring these siloed systems together in one holistic approach, and work with organisations to help them achieve a proactive stance, will be best placed to succeed in the coming months.
What preventative measures should MSPs be taking?
Preventive cybersecurity requires the ability to assess and prioritise vulnerabilities and misconfigurations in context, wherever they reside, alongside user data, asset value and awareness of likely attack paths so that IT and cybersecurity employees can make the right decisions about which systems or classes of users and assets to remediate first.
MSPs should be looking to offer a unified and contextual view of the customer’s environment. By focusing resources on the vulnerabilities that are exploitable and understanding how attackers chain vulnerabilities and misconfigurations, delivers a more complete strategy for reducing overall risk exposure. Organisations that can anticipate cyber attacks and communicate those risks for decision support, will be the ones best positioned to defend against emerging threats.
The report mentions a communication breakdown between business leaders and cyber teams, how could this be affecting the channel?
While attackers are continuously assessing environments, in most organisations, meetings about business-critical systems take place monthly — at best. The study found that just under half of respondents (47%) say they meet monthly with business leaders to discuss which systems are business critical, while 25% hold such meetings only once per year and 3% say they never hold such meetings.
Infrequent meetings leave both parties unfocused on what matters most — reducing risks to the business, and that affects the service delivered by channel partners who are also impacted by this lack of focus.
Cyber teams and the third party suppliers that support them must work closely together, but also with business leaders, to establish how to incorporate cyber risk metrics into all decision-making processes, ensuring security is considered in all aspects of the business and managed by everyone in the organisation.
