TubbTalk 143: How to Navigate the Cybersecurity Landscape: A Comprehensive Guide for MSPs - Tubblog: The Hub for MSPs

TubbTalk 143: How to Navigate the Cybersecurity Landscape: A Comprehensive Guide for MSPs

TubbTalk 143: How to Navigate the Cybersecurity Landscape: A Comprehensive Guide for MSPs image

This podcast episode was originally recorded live as a chat between Richard Tubb, Dray Agha and Joe Burns on the topic of cybersecurity. Dray is UK manager for threat operations for Huntress, a managed cybersecurity platform.

Joe is the owner of Reformed IT, an MSP based in the East Midlands. He’s also a Huntress customer, using their outsourced SOC services. They both generously gave up their time for this TubbTalk Live show.

An Interview with Dray Agha and Joe Burns

 

Watch the Video of the Interview

The Huntress Approach to 24/7 Cybersecurity Support

If a business decides to outsource their SOC (security operations centre), then having 24/7 support is essential. It’s impractical for a company to provide this just with local staff.

So, Dray explains: “We have people in the UK, Australia and North America. And what’s cool is we don’t let anyone work outside of 8-4 hours. We don’t want analysts experiencing burnout, so we try to follow the sun and let them do normal hours.

“For me, I don’t want anyone working until 3am to resolve a problem. So international staff is key. But I also want customers to get the Huntress experience regardless of where those analysts are. And we achieve that by immersing employees in the team culture so it’s consistent.

How to Assess Your Cybersecurity Systems

Joe explains that because cybersecurity is a priority for Reformed IT, they make sure that everything they use for their clients they also use. “So our stack is made up of those same tools. We’ve been able to use them to resolve major breaches for clients.

“Of course, nobody is 100% secure, but it’s in our best interest to look at all the potential risks. And then work out how you can mitigate it. Which tools do you need, and what control measures should you put in place?

“But you have to really understand the risk before you can defend against it. Personally, I want to work out how hackers get in. Because once you know that, you can control risks. It’s an evolving cycle of checking and testing.”

How can #MSPs assess their own #cybersecurity systems? Joe Burns of Reformed IT shares his tips with Richard Tubb. Click to Tweet

How Huntress Support Their Clients to do Cybersecurity Better

Firstly, Dray says Huntress encourage MSPs to protect their own internal assets. One way to do this is through the free Neighbourhood Watch tool that they have. This allows them to quickly identify problems.

“We’re quite good at figuring out when something’s misconfigured. During an intrusion we’ve often pointed things out to a partner and suggested they fix it. And offer support to do that, too.

“We always try to iterate and become better. Sometimes that means coming up with a solution at the point we notice a threat. For instance, we spotted adversaries looking for passwords.

“So we reverse engineered our agent to collect password files and secure them. We didn’t look at them, but we told the partner about it. We want them to be proactive with their defence.”

Understanding Session Hijacking

Joe says that session hijacking is a big thing that the MSP community is seeing at the moment. “I’ll give you an example to help you understand it. One of our clients is based in Nottingham.

“We got a notification to say that they had just signed into Office in Switzerland. We contacted them to make sure they weren’t using a VPN. They had, however, received an email which they clicked on. So the hacker had used it to gain access to their Microsoft mailbox.

“I always recommend multi-factor authentication (MFA). But imagine you go to a festival, they scan your ticket and give you a wristband. As long as you wear it, you can come and go all day. The same applies when you sign into a website, even with MFA. So MSPs need to help clients to lock things down.”

Want to be better with your own #cybersecurity? Dray Agha of @HuntressLabs says the key is to be proactive and iterative. Click to Tweet

The Importance of Conditional Access Policies

Dray and Joe both agreed that conditional access policies are essential, and the more complex the better. Dray explains: “Say you only use Chromebooks. You can create a policy that only lets Chromebooks access your networks.

“They’re great for frustrating adversaries, but not enough people are using them. One reason they’re so good is because even if the hacker has the right password, they’re still denied access.

“These are cheap obstacles you can put in the way to make things harder for the cybercriminals. And you’ll also get notifications when an attempt is made, which can help to strengthen weak points.”

Why Government Involvement can Help Regulate MSP Cybersecurity

Joe says that he’s in favour because MSPs are in a powerful position. “For instance, we’ve got clients involved in extensive supply chains. So the more protection they have, the better.”

Dray adds: “IT is a sort of governing entity, and it’s so important. That’s things like national infrastructure – electricity, water and so on. We need to protect against aggressive nation states. And we also need to protect our clients from cowboy IT providers.

“And on top of that, companies, schools and hospitals are being ransomed. The more stringent the IT regulation, the better. The only thing I’d add is that the MSP and IT community need to be involved in defining those regulations.”

How to Connect With Dray and Joe

How to Connect With Me

Mentioned in This Episode

You Might Also be Interested in

RICHARD TUBB

Richard Tubb is one of the best-known experts within the global IT Managed Service Provider (MSP) community. He launched and sold his own MSP business before creating a leading MSP media and consultancy practice. Richard helps IT business owner’s take back control by freeing up their time and building a business that can run without them. He’s the author of the book “The IT Business Owner’s Survival Guide” and writer of the award-winning blog www.tubblog.co.uk

All Posts

You might like:

TubbTalk 151: How to Uncover Cutting Edge Cybersecurity Solutions for MSPs image

TubbTalk 151: How to Uncover Cutting Edge Cybersecurity Solutions for MSPs

Podcasts | By Richard Tubb
TubbTalk Travelogue: MSP Show & SuperOps SuperSummit 2024 image

TubbTalk Travelogue: MSP Show & SuperOps SuperSummit 2024

Events | By Richard Tubb
TubbTalk 150: 25 Years an MSP – Valuable Lessons You Learn from Longevity image

TubbTalk 150: 25 Years an MSP – Valuable Lessons You Learn from Longevity

Podcasts | By Richard Tubb
TubbTalk Bonusode: How One MSP Expert Overcame Imposter Syndrome For International Success image

TubbTalk Bonusode: How One MSP Expert Overcame Imposter Syndrome For International Success

Podcasts | By Richard Tubb
TubbTalk 149: Why You Need to Know the Process of Process for MSP Growth image

TubbTalk 149: Why You Need to Know the Process of Process for MSP Growth

Podcasts | By Richard Tubb
TubbTalk Travelogue: Channel Live & UpLift Live 2024 image

TubbTalk Travelogue: Channel Live & UpLift Live 2024

Events | By Richard Tubb
TubbTalk 148: How High Performing MSPs Leverage People Power for Success image

TubbTalk 148: How High Performing MSPs Leverage People Power for Success

Podcasts | By Richard Tubb
TubbTalk Bonusode: The Cloud & Cybersecurity Expo: What’s New for MSPs? image

TubbTalk Bonusode: The Cloud & Cybersecurity Expo: What’s New for MSPs?

Podcasts | By Richard Tubb
TubbTalk Travelogue: The Cloud & Cybersecurity Expo 2024 image

TubbTalk Travelogue: The Cloud & Cybersecurity Expo 2024

Events | By Richard Tubb
TubbTalk 147: One Woman in Tech’s Remarkable Journey from MSP to Community Manager image

TubbTalk 147: One Woman in Tech’s Remarkable Journey from MSP to Community Manager

Podcasts | By Richard Tubb
TubbTalk 146: Growth and Success Advice from The Wizard of MSP Data Migrations image

TubbTalk 146: Growth and Success Advice from The Wizard of MSP Data Migrations

Podcasts | By Richard Tubb
TubbTalk 145: The Tech Nerd’s Ultimate Guide To IT Career Success image

TubbTalk 145: The Tech Nerd’s Ultimate Guide To IT Career Success

Podcasts | By Richard Tubb

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Share via
Send this to a friend