The demand for network resilience has reached a critical level. But cyber resilience is not a destination; it is “not a place you can reach by boat or train.” It is the emerald city of a safe world-a place you desire to reach, just to get there and realize that there is still a lot to learn And do. And, just like Dorothy and Toto, managed service providers (MSP) and small and medium businesses (SMB) need to start from scratch: educate their employees, improve their processes, and revisit their security infrastructure. Only in this way can they reach the gold standard of network resilience.
With the increase in cyber attacks, which has increased by 400% compared to before COVID, it is no longer a question of whether an attack will occur, but when it will occur. In fact, 95% of MSPs stated that their businesses are increasingly being targeted for attacks, and 78% of MSPs reported attacks on the SMBs they serve in the past two years. Among these attacks, ransomware (flying monkey) deployed by threat actors (evil witches) is still the most common cyber threat to SMEs today.
Follow the yellow brick road
As the threat situation continues to evolve, MSP and SMB must follow the yellow brick road on the road to network recovery. Cyber resilience is a measure of business strength in the preparation, operation and recovery of cyber attacks. It relies on the ability to protect, detect, respond and quickly recover from adverse events, and combines network security, business continuity, and incident response.
In order to obtain and maintain cyber resilience, organizations must focus on basic frameworks and concepts. Only by combining cyber security, business continuity, and incident response capabilities can organizations build maturity and reduce overall cyber risks. Just like the Tin Man, the Scarecrow, and the Cowardly Lion, each organization is at a different stage on the Yellow Brick Road, and the gaps that need to be filled are different.
The following are three ways that MSP and SMB can address the gaps in their organizations to establish and strengthen cyber resilience:
1. Talent is the core of every organization
Just as the Tin Man needs a heart, MSP and SMB need appropriate talents to complete. They must equip their team with the skills needed to defend against attackers and prepare for possible events. There are two strategies to consider, both of which involve bringing in the right talent to help make smart security decisions.
The first method starts with the recruitment process. MSPs should update their job descriptions and requirements to reflect the need for a basic understanding of safety and safety-related tasks. For example, for the service desk engineer role, 70% of job descriptions can reflect technology-related jobs, while 30% are designated for security-related tasks.
Small and medium-sized enterprises should consider adopting the method of joint management, that is, organizing outsourcing talents to increase the network maturity of the team. Co-managed IT combines the convenience and strategic framework of the internal IT department with the support and comprehensive knowledge of the outsourced MSP. This can be used as a cost-effective way to address the security talent gap, which usually exists in small organizations that lack the appropriate resources and talent to navigate an increasingly complex IT environment.
2. Any operation of the brain starts from the process
Just like a scarecrow without a brain, organizations without proper processes cannot make intelligent decisions related to the Internet. The organization must determine what is effective and what is not in its current security strategy to determine which operations are repeatable, which are not repeatable, which are measurable, and which are not.
There are multiple frameworks that can be used to help companies build their cybersecurity strategy. The most common are the National Institute of Standards and Technology (NIST) cyber security framework and CIS control. The NIST cyber security framework is not a normative framework, but it does help companies determine the results of achieving cyber resilience. From there, organizations can determine what they need to do to achieve these results.
CIS control is normative, telling the organization what to do to achieve cyber resilience. They focus on technologies that primarily map back to identity, protection, and detection. In order to be cyber-resilient, organizations also need to focus on the “right to prosperity”, which is the activities necessary to respond and recover after a successful attack.
solution? Combine the NIST cyber security framework and CIS control, because this provides organizations with the brains to reach the gold standard of cyber resilience.
3. A strong technical infrastructure will naturally bring confidence
Organizations like Cowardly Lion — lacking the appropriate technology to identify, protect, detect, respond to, and recover from attacks — cannot operate confidentiality with a “hypothesis violation” mentality.
Once their hearts and brains are intact, SMB and MSP can gain courage by deploying technology to ensure that they can reach their full potential and resolve technological gaps. This may include adding remote monitoring and management capabilities as well as business continuity and disaster recovery solutions. Since the cost of downtime is nearly 50 times higher than the average ransom required in 2020, the ability to quickly recover from an attack is imperative. By preparing, organizations can rest assured that when an attack occurs, they are equipped with a “legion of courage” that can detect, respond, and recover in time.
Unlike Dorothy’s nightmare, threat actors (evil witches) and ransomware attacks (flying monkeys) are not only present in our nightmares. They are real and will continue to exploit the disadvantaged groups. The MSP and SMB, which prioritize people (heart), process (brain) and technology (courage), will be equipped with the necessary cyber security and powerful functions to achieve the gold standard of cyber resilience and achieve the best detection, response and recovery of current events When it happens.
As the Chief Information Security Officer (CISO), Ryan Weeks is responsible for directing and managing Datto’s information security program. Ryan spent 11 years at FactSet Research Systems protecting enterprise applications, systems, and sensitive customer financial data, where he… View full bio