Share this article on:
Managed Service Providers (MSPs) are attractive targets for cybercriminals. They typically have privileged access to their clients’ networks, so a cyberattack on a single MSP can see the attacker gain access to the systems of many, if not all, of their clients.
The recent Kaseya supply chain attack showed just how serious such an attack can be. An REvil ransomware affiliate gained access to Kaseya systems, through which it was possible to access the systems and encrypt data of around 60 of its customers, many of which are MSPs. Through those MSP customers, ransomware was deployed on up to 1,500 downstream businesses.
Small- and mid-sized businesses often do not have staff to manage their own IT systems or may lack the skills or hardware to store sensitive data and support sensitive processes. Many turn to MSPs to provide that expertise. It is often more cost effective for SMBs to scale and support their network environments using MSPs rather than manage their resources themselves.
Outsourcing IT or security functions to an MSP introduces risks, which need to be mitigated by SMBs. MSPs also need to implement safeguards to prevent their networks from being accessed and to limit the harm caused to their customers should their perimeter defenses be breached.
On July 14, 2021, The DHS’ Cybersecurity and Infrastructure Security Agency (CISA) published guidance to help MSPs and SMBs strengthen their defenses to improve resilience to cyberattacks and limit the harm caused should such an attack succeed.
The CISA Insights report provides mitigations and hardening guidance for MSPs and SMBs, outlining important steps that should be taken to protect MSP network assets and those of their customers to reduce the risk of successful cyberattacks.
The guidance document – CISA Insights: Guidance for Managed Service Providers (MSPs) and Small- and Mid-sized Businesses – is available for download here.(PDF)