In collaboration with the cybersecurity advisory board, the US government has published a guidance report for Managed Service Providers to strengthen their cyber defenses.
Cyber-attacks are becoming more sophisticated than ever before. While all organizations are under constant threat of cyber-attacks, MSPs have emerged as a prime target for cybercriminals. Five Eyes has recently released guidance on how and why MSPs should bolster their defense systems. Not only that, but the Biden Administration has also warned against the increased potential of cyber-attacks.
CISA, alongside the National Security Agency (NSA), the FBI, and cybersecurity authorities from the United Kingdom, Australia, Canada, and New Zealand, has warned MSPs to have strict measures in place to mitigate the risk of falling victim to a cyber-attack. With inputs from multiple leaders from the UK, Australia, Canada, New Zealand, and the US, the NSA recommends a few steps that can help bolster cyber defenses, including:
- Identifying and terminating dormant accounts.
- Implementing and enforcing multi-factor authentication on various accounts.
- Ensuring that contracts are in place that highlight who owns what and who is responsible for securing data.
Not only that, but the joint advisory also recommends several actions for MSPs to enable monitoring, logging, and secure remote access applications. Furthermore, the advisory expects MSPs to develop and exercise incident response and recovery plans and to understand and proactively manage supply chain risk.
The joint advisory warns MSPs’ customers to ensure their contractual obligations outline that their MSP applies the measures and controls recommended by the advisory, including implementing resources to protect against initial compromise attack methods, from vulnerable devices and internet-facing services to brute force, password spraying, and phishing.
The NSA believes that the joint guidance from cybersecurity advisory boards will assist MSPs and customers in engaging in a meaningful conversation on the responsibilities of securing networks and data. The recommended actions also include preventive measures for initial compromises and managing account authentication and authorization.
“The latest advisory from Five Eyes reiterates the need to protect organizations and MSPs against supply chain attacks,” says Dave Mackinnon, CSO, N-able. He added, “MSPs have already worked tirelessly through a pandemic to protect their customers. Unfortunately, the cyber-criminals they’re protecting against continue to work just as hard to attack them. Our research has found that 9 in 10 MSPs have experienced a successful cyber-attack in the last 18 months with, not surprisingly, some of the most common attacks being phishing, vulnerability exploitation, and credential abuse.”
“I’m sure that MSPs will follow the government’s advice in bolstering their cybersecurity over the next few months, but security is a team sport. The MSP community must communicate with their partners and clients about improving their security internally and share information collaboratively across the space. Supply chain attacks cannot thrive if everyone communicates and understands the role that they can play.”