search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
Security Within EMEA, supply chain attacks are also something to be aware


of, highlighting the need for businesses to do their due diligence and properly vet suppliers and their associated supply chains. Unfortunately, external threats are not the only vector that


MSPs need to be wary of. Insider threats accounted for 35% of all unauthorised access threat incidents in the third quarter of 2022. Tese types of attacks pose significant danger to MSPs as the insider already has access to internal systems. Tis allows employees to potentially steal, disrupt or share sensitive data - not always intentionally - without the detection of security measures. Te consequences of any breach, accidental or intentional, can be


catastrophic; especially if the Information Commissioner’s Office (ICO) feels the victim has not taken adequate steps to secure their business. It can incur heavy financial costs, in-depth regulatory investigations, significant reputational damage, and a loss of customer trust.


Building a strong foundation A robust cybersecurity setup is vital to mitigating risk. When it comes to fighting external attacks, cloud backup and recovery solutions can help MSPs against ransomware by offering more protection to their own data as well as their customers’. If an MSP’s business environment is thoroughly protected, their clients’ data is also less likely to be breached. When a ransomware attack occurs, MSPs can quickly recover backed-up information within seconds of the attack and MSPs can continue operating with clean data. Although new threats will most likely come from AI in the future, it’s


important to note that we are currently dealing with the same threats, which are simply becoming more powerful through AI. It is also important to highlight the role of AI in fighting cybercrime. AI can be an amazing force for good; for example, security solutions use machine learning to run millions of possible scenarios to flag potential malware and new threats. Of course, there is merit to not being breached in the first place.


In terms of current and rapidly evolving cybersecurity threats


MSPs need to be aware of, one of the most pressing challenges is credential threat. Since the launch of ChatGPT in November 2022, vishing, smishing, and phishing attacks have increased by 1,265%. Once stolen, credentials can be used many times to break into systems, perform social engineering and facilitate many other scams and crimes. MSPs must ensure clients understand the significance of this


threat. Tey should insist that clients use password managers, set up multi-factor authentication (MFA) on all systems, and consider going further with single sign-on (SSO) or biometric-controlled systems. Spear phishing and phishing are the number one attack vectors that cybercriminals use to gain credentials, and yet we still see a lot of businesses without sufficient knowledge or protection. Although AI itself, and platforms such as ChatGPT, is not the


threat in and of itself; it does add fuel to the fire. AI helps make phishing emails completely believable, enables deep fake videos and voice calls in social engineering, and allows criminals to exploit soſtware vulnerabilities faster. Te cyberthreats themselves will not change, but AI will make them more efficient, accessible, and believable.


www.pcr-online.biz


With robust endpoint protection, MSPs can prevent cyberattacks altogether. Solutions such as threat intelligence automation and Endpoint Protection and Response (EDR) allow for the detection of more advanced threats such as file-less malware attacks, deflecting them away from endpoints. To minimise insider threat, MSPs need to regularly conduct audits


and reviews to detect and mitigate potential internal threats. As with most organisational challenges, education is key to reducing cybersecurity risks - both internally and externally. Specialised training for end-users on understanding threats and learning how to spot signs of an attack will better equip MSPs to prevent risk altogether. Most internal threats result from employees opening phishing emails


and according to Statista, the soſtware services industry was the second most targeted sector for these types of attacks in the fourth quarter of 2022. Implementing email filtering is a simple, yet effective, solution to deflecting any unwanted emails and can play an important role in preventing attacks. Te rising complexity of cyberattacks has only increased the risk


to MSPs. By going back to the basics, implementing measures such as password management tools, cloud backup solutions, and specialised training, MSPs will become more secure, paving the way for a brighter, safer future.


July/August 2024 | 29


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52