Reuters recently reported that Cloudhopper, an international hacking ring linked to the Chinese government, has been launching attacks on technology service providers in a campaign to steal data from their clients, according to the U.S. Department of Homeland Security.
While new to the laymen or general IT service professional, many of us in Cyber Security have known for some time that hackers have targeted MSPs and other IT service providers; after all they have unfettered access to their clients’ valuable data. Why you might ask?
Well, a similar question was asked of Willie Sutton, the infamous bank robber when he was arrested for robbing banks. A reported asked why he robbed them, his answer was, “that’s where the money is.” Like Willie Sutton, hackers are targeting MSPs because that’s where the money (in this case very valuable data) is.
Now more than ever MSPs and IT service providers need to step up their game; both for their clients and themselves. Relying on Anti-Virus, Anti-Malware and a firewall is not enough. MSPs and IT service providers need a cybersecurity ecosystem that provides 360-degree visibility and protection.
A comprehensive cybersecurity ecosystem blankets the attack surface with a layer of protection that leaves no hole exposed, nothing left to chance. Cyber Security professionals assemble a suite of purpose-built appliances and applications.
Key technology components of a cybersecurity ecosystem must include:
- SIEM 2.0
- Next-Gen Advanced Endpoint Protection
- Next-Gen Perimeter Protection
- Network Level Monitoring
- Data Loss Prevention
- DNS & Web Filtering
- File and Disk Encryption
- Encrypted Backup
- Multi-Factor Authentication
Additional elements of protection to help round out the ecosystem should include:
- Dark Web Monitoring
- Security Awareness Training
Alongside these should be a comprehensive set of cybersecurity-related policies that define behaviors and expectations, deputizing members of the organization to join in safeguarding valuable data. And, because mistakes happen, round out your protection by adding a cyber liability insurance policy for when an employee accidentally opens an infected attachment or visits an infected website.
The good news is that, as cyber threats have increased so have the companies that have risen to the challenge. This has significantly reduced prices, making it affordable to almost any business.