The amount of discussion in the channel (and outside) concerning the targeting of managed service providers by cyber criminals has increased in the last year. While this is an important topic, I fear that the true meaning of this discussion has been lost and must be regained by the professional managed services community. Here are my reasons for saying this.
MSPs Being Targeted
It was a matter of time before MSPs became vulnerable to the cyber attacks which have been affecting the global marketplace for the last several years. As a matter of statistics, randomized malware attacks were bound to impact MSPs eventually.
Customers Are the Real Target
But, let us not forget that when MSPs are attacked or breached, it is the underlying customer which is the real target. MSPs stand in front of their customers to protect them from bad people and organizations. Protecting end-user organizations is a very important, but also a risky place to be.
MSPs consult, advise, and monitor their customer environments. This proximate activity with customer organizations makes the MSP both a potential victim of collateral damage, as well as the prime target for getting to the customer.
Customers Are NOT Better Off Without MSPs
However you view this relationship, the customer is always the target and is much better off with the MSP than without one. It would be like saying your front door was kicked in by an intruder; therefore, get rid of your door. This is a patently ridiculous analogy, but you get my point.
Most customers would be far more vulnerable to cyber attacks without an MSP monitoring and protecting them. To the extent that we see cybercriminals aiming their sites at the MSP, we must acknowledge this reality and respond to it. Ignoring what is happening is not an option.
MSPs must internally harden their facilities, systems, and networks. Training must be a regular and ongoing occurrence within the MSP organization. As threats evolve, so must the defenses to those threats adapt.
Most importantly, however, is MSPs must talk with their customers and describe accurately what is happening. MSPs being attacked is a symptom of the risk for all companies, not just the MSP community. The sooner we realize this, the quicker we can respond and mount an effective defense.