National Computer Security Day: How to Keep Your MSP Clients Safe

As today is National Computer Security Day, following on from Cyber Monday, I thought it would be a good opportunity to share top tips. I’ve pulled together some advice from my TubbTalk guests, who are all experts in their fields.

We’re looking at what you can do to keep your MSP clients safe and encourage them into best practices. We also reflect on the importance of training, and why you need to be proactive.

But first, what is National Computer Security Day? The awareness day was first marked in 1988, after ARPANET, the precursor to the internet, was attacked. This affected 10% of connected computers, so making people aware of security seemed sensible.

As well as raising awareness of cybersecurity and the very real threat of hacking, the day also encourages people to think more carefully about their online security. That includes things like passwords, sharing personal information and credit card details.

Advice on Staying Safe for National Computer Security Day

The Future of CyberSecurity for MSPs

(TubbTalk 78.5 with Rafi Ozick of Privatise)

In the wake of the Covid pandemic, more employees are working from home than ever before. The MSP is responsible for ensuring the security of office and home based staff, as well as those who adopt the hybrid model. The MSP is also the gateway to hackers gaining access to all of their clients, so they need to reduce their own vulnerabilities.

Hybrid working is the future. Rafi explains that remote work and cybersecurity isn’t just a growth area anymore, but a survival factor. “The big growth factor in cybersecurity is really securing people who are not necessarily in the office or software based.”

Privatise offer a full stack network security solution for MSPs.

Why MSPs Fail at Security Before a Breach Even Happens

(TubbTalk 90 with Ian Thornton-Trump)

MSPs work on both preventative and reactive measures when it comes to cybersecurity, but the focus tends to be on reacting. Ian says the sooner you detect a breach, the less it will cost the client.

“Instead of reacting when the customer has a ransomware attack, what can you do to anticipate it and prevent it happening?

“Listen to what’s being talked about, pay attention to how other businesses are getting hurt and don’t let that happen to your businesses.” 

Ian Thornton-Trump is CSO of Cyjax, a threat intelligence and cybersecurity company

How MSPs can Educate Their Clients about Ransomware Security

(TubbTalk 91 with Fabian Wosar)

Education is difficult, says Fabian. “If we could figure out effective ways to do it, then ransomware would be much less of an issue than it is. There are lots of resources you can use and share with your clients.”

Fabian also recommends supporting clients to build a playbook to outline how they would respond to a cyber hack. Having that ready will make things less stressful if the worst does happen. 

Fabian Wosar is CTO of Emsisoft, who provide antivirus and antimalware software.

The Consequences of Bad Password Management

(TubbTalk 94 with Chris Tate)

It’s understandable that people use the same password, because they’re difficult to remember, says Chris. To help your clients,  ensure that people use unique passwords for every application and service. “You’re only as secure as your weakest password.”

Chris says that when it comes to password management, MYKI’s competition is not another tool but no password manager at all. They try to educate MSPs, SMBs and end users that they should use some sort of password manager.

Chris Tate is global strategic alliance director at MYKI. They offer a 2FA and password management solution.

Email Security Trends

(TubbTalk 97 with Olesia Klevchuk)

Email threats are increasing in complexity and succeeding quite a lot of times. Hackers have moved from spam and malware to emails that look genuine. They no longer rely on a spray and pray approach – they target an individual.

They’re organised and have a lot of resources at their disposal. “They research their targets carefully. And, the focus is no long getting inside and causing havoc – the hackers want money, and usually a lot of money.” Detection isn’t enough, because one day the email gets through. Then, you need a quick response to the attack. 

Olesia Klevchuk is the Principal Product Marketing Manager for Email Security at Barracuda Networks, a cybersecurity company. 

What are your thoughts on security? What measures do you have in place in your MSP or what will you introduce after reading this post?

Threat Operations Expert

(TubbTalk 138: How to Become the Go-To Threat Operations Expert for MSPs)

Dray Agha, UK Operations Manager at Huntress, a cybersecurity firm dedicated to protecting against hacker threats, shares valuable insights on becoming a go-to expert in threat operations for Managed Service Providers (MSPs).

Dray highlights the significance of prioritising well-being and reducing “noise” in security notifications to enhance the client experience. He also emphasises the three critical areas MSPs should focus on: endpoints, email security, and employee awareness.

He discusses the advantages of outsourcing threat operations while advising on selecting the right partners to ensure a high-quality service. Finally, he touches on the excitement and challenges of working in defensive security, making it clear that the world of cybersecurity is ever-evolving and offers continuous opportunities for learning and growth.

You Might Also be Interested in

• Have I Been Pwned?
• Powerful Insights from the Future of the MSP and Security Survey
• World Password Day: Advice for MSPs

You might like: