Interview
looking for security awareness training, vulnerability, and device management tools, which led them to us. We started out providing Virtual IT with our cyber risk management platform, including Active Protect and compliance with Government standards, and our relationship has grown from there.
How has your relationship developed over the years working together? JS: Back in 2019, Cyber Essentials certification started becoming mandatory for many of our clients. Te CyberSmart Dashboard and its easy-to-use CE Q&A framework proved invaluable. Many clients not only want to achieve certification but also maintain their security posture throughout the certification period. CyberSmart supports this by providing regular updates, including a concise Monday morning report, allowing our clients to see at a glance that their security is in check—or flagging issues if they arise.
JA: James told us recently that CyberSmart has become ‘the backbone’ of Virtual IT’s cybersecurity offering to clients. We’re delighted to hear that as our goal has always been to provide partners with everything they need to deliver cyber confidence to their clients, and in turn, protect more and more small businesses. As our relationship with Virtual IT has grown, they’ve become
one of our most valued partners. James and the team are always a great sounding board for new solutions and product development, they strongly believe in CyberSmart’s mission.
What are the specific challenges both of your organisations face when attempting to support SMEs with their cybersecurity infrastructure? JS: Te primary challenge is that many SMEs have varying levels of knowledge around IT security and compliance. Tis oſten requires us to provide continuous support and alerting, as well as offering swiſt, cost-effective remediation options. Importantly, these solutions need to be both compliant and minimally disruptive, allowing our clients to continue their day-to-day operations without unnecessary interference.
JA: In our case, it’s probably getting SMEs to think about their cybersecurity holistically. We use a framework called Complete Cyber Confidence. In essence, it means an organisation trusts its ability to protect digital assets, data, and systems from unauthorised access, cyberattacks, and data breaches. Tis approach goes beyond compliance with regulations to
include continuous monitoring, risk management, staff awareness training and breach response and recovery. Educating SMEs and their partners on the importance of proactive security measures is crucial.
How and why has the role of an MSP changed to incorporate more cybersecurity-focused support? JA: Customer demand has driven this change.. Awareness of cyber threats has increased significantly, leading small business leaders to seek more cybersecurity support from their managed service providers (MSPs). Indeed, a survey we conducted recently backs this up. We found that 65% of MSP customers we surveyed now expect their provider
62 | November/December 2024
to manage either their cybersecurity infrastructure or both their cybersecurity and IT infrastructure. We view it as a huge growth opportunity for all MSPs ready to
take it. JS: In March 2020, when the pandemic hit, our role as an MSP with MSSP enhancements became even more critical. With everyone working remotely, we faced the challenge of securing thousands of devices that were suddenly exposed to higher security risks. CyberSmart’s MDM (Monitor Device and Manage) solution
played a vital role by continuously monitoring and flagging vulnerabilities—like improper use of admin accounts, phishing threats, and ransomware risks. Tanks to this, we have evolved into a ‘Security First’ MSP, with cybersecurity being at the forefront of our services.
Has the cybersecurity market historically failed MSPs? And what improvements have you both seen in recent years? JS: I would not say cybersecurity failed MSPs, but perhaps the reverse. Many MSPs failed to place IT security and compliance at the forefront of their offerings. Tere is an old saying: “Evolve or die!” It is a bold statement, but it is true. If you are not incorporating cybersecurity to proactively protect your clients, you are not a true MSSP. Instead, you are just reselling technology without adding value.
JA: MSPs form the backbone of the UK IT ecosystem. According to DSIT, MSPs were worth £52.6 billion to the UK economy in 2022 alone. Unfortunately, cybercriminals know this too. MSPs, due to the levels of privileged access they will have to
multiple companies, have become a key target for cybercriminals. In fact, our research revealed that 87% had experienced at least one data breach in the past 12 months, with 16% indicating they had experienced more than 5 incidents in the same timeframe. Tis, coupled with the fact they are responsible for the IT
infrastructure of companies without IT or security resources, suggests that more needs to be done to help MSPs protect themselves and their customers. It’s paramount that security providers work closer with them to protect the £ 5.5 million SMEs who in many cases turn to MSPs to keep them safe. Failure to do this could be existential for many of their customers.” However, while there’s a large role for security platforms like
CyberSmart to play, we can’t do it alone. We’d like to see greater state support for MSPs and their customers alongside the efforts of security providers.
How do you see the future evolving? JS: Te threat landscape is evolving rapidly, both in the physical and digital worlds. From threats like ‘exploding pagers’ to AI- driven deep fakes, security challenges are growing in complexity. Compliance requirements are also expanding, as we are seeing with frameworks like Cyber Essentials, DORA, and ISO27001. Tese mandates emphasise the need for incident response,
security awareness training, and services like PTaaS (Penetration Testing as a Service). But none of this is achievable without a solid foundation. Tat is where CyberSmart excels—it offers daily monitoring and ensures our clients remain compliant with evolving standards like Cyber Essentials and CE Plus.
www.pcr-online.biz
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52 |
Page 53 |
Page 54 |
Page 55 |
Page 56 |
Page 57 |
Page 58 |
Page 59 |
Page 60 |
Page 61 |
Page 62 |
Page 63 |
Page 64
