Oktacron logo
Cyber security aggregate rss news

Cyber security aggregator - feeds history
image for Changes in the MSP m ...

 Business

For the vast majority of companies, the global COVID-19 pandemic has caused dramatic changes in working processes. But few sectors were affected quite as much as the MSP market. Businesses of all sizes faced the need to implement new solutions and services. Moreover, they needed to implement them quickly — often   show more ...

doing so without the necessary resources or expertise. Therefore, even those who previously preferred to rely solely on internal staff, were forced to consider employing external assistance — thats where managed service providers (MSPs) came in. MSP and MSSP market growth All this activity has led to an increase in demand and, as a result, growth to the MSP market. Security services were especially in demand, because at the very beginning of the pandemic, after the outbreak of remote services related cyberattacks, it became obvious that to protect the new distributed corporate infrastructure, companies needed to implement new security mechanisms in order to keep their networks secure. According to our MSP market focus in 2021 research, 81% of MSP report an increase in their customer base compared to 2019. Among MSSP, this figure is even higher — 91%. The same trend is noted by Canalys analysts. According to their forecasts, the results of 2021 show continued growth of the MSP market — in Europe alone, they expect an increase in market volume from $79 billion in 2020 to $92 billion in 2021. Expanding cybersecurity services portfolio More and more MSPs are expanding their portfolio with security services. Interestingly, the reason for this isnt due only to an increase of demand from their clients, but also due to the development of MSPs internal expertise in the security field. Worryingly, the growing role of MSPs was noticed not only by market analysts, but also by cybercriminals. Now criminals are increasingly targeting MSPs which allows them to implement supply chain attack scenarios — by compromising the providers infrastructure, criminals are able to gain access to the MSPs clients, thus increasing their potential revenue. The most vivid example of such an attack is SolarWinds. In our MSP market focus in 2021 report we dedicated a whole section to the learnings of this incident. According to Canalys research, attacks on MSPs forced almost two-thirds of market participants to revise their security processes and technologies they invested in. By and large, companies now need to become their own MSSP in order to efficiently and securely deliver services to their clients. Canalys analysts also proposed ten steps an MSP needs for more secure practices. Five steps relate to necessary process changes, whilst the other five require certain technological changes. Analysts believe that from a process perspective, providers need to: Prioritize the security elements of a portfolio Assume they are already under attack Stay up to date with the latest patches Proactive training for employees and customers Audit all internal tools and service level agreements From a technological point of view, Canalys experts advise: Enforce MFA for all remote logins Always use secure network and system infrastructure Restrict admin access during remote logins Create least privilege access for resources Upgrade networking tools for hybrid working For the report on the results of the MSP market focus in 2021 study, please visit a page on our blog. The two parts of the Canalys report, Building managed services for security and Being a trusted advisor', are available here.

 Malware and Vulnerabilities

Symantec has reported a link between Thieflock and Yanluowang ransomware operations. The latter recently picked up its pace to target financial companies in the U.S. Researchers believe that the attackers are highly attack-oriented because the ransomware behavior hasn’t altered since its discovery.

 Feed

Apple reportedly notified several U.S. Embassy and State Department employees that their iPhones may have been targeted by an unknown assailant using state-sponsored spyware created by the controversial Israeli company NSO Group, according to multiple reports from Reuters and The Washington Post. At least 11 U.S. Embassy officials stationed in Uganda or focusing on issues pertaining to the

 Feed

Enterprise software provider Zoho on Friday warned that a newly patched critical flaw in its Desktop Central and Desktop Central MSP is being actively exploited by malicious actors, marking the third security vulnerability in its products to be abused in the wild in a span of four months. <!--adsense--> The issue, assigned the identifier CVE-2021-44515, is an authentication bypass vulnerability

2021-12
Aggregator history
Saturday, December 04
WED
THU
FRI
SAT
SUN
MON
TUE
DecemberJanuaryFebruary