ICYMI: What's Buzzing in the MSP Space

ICYMI: What's Buzzing in the MSP Space

By Greg Tavarez

On MSP Today, we often talk about the products and solutions MSPs utilize to help their clients combat cyberattacks. Josys simplified client SaaS management with its new portal. CyberArk took the initiative to strengthen identity security for all,

These solutions are great. But that doesn’t quite give all the insight needed to see how these solutions actually help security teams, if they do at all. It begs questions like "Are security teams confident?" and "Are they pushing back attackers and gaining an edge over the fight?"

With that, we’ll look at reports that give a better understanding of what is happening on the field against cyber threats, and what MSPs can offer to continue to assist their clients.

Let’s find out:

Bitwarden Finds Weak Password Habits are Widespread

Weak password habits are widespread. In fact, according to a recent Bitwarden survey, over a third of U.S. respondents reuse passwords and use personal information in them. Many rely on memory or pen and paper for password storage. The survey also found discrepancy between confidence and behavior. Many feel confident in identifying phishing attacks but still use risky password practices.

Lastly, the survey revealed that password managers show promise. Users with password managers report increased security awareness.

Attackers are More Sophisticated, According to DirectDefense

The DirectDefense 2023 Security Operations Threat Report found that attackers are getting more sophisticated. Abusing the likes of MFA and social engineering are on the rise. Single sign-on and multi-cloud vulnerabilities are also exploited.

And new threats are expected to emerge in 2024.

SIM swapping bypasses MFA, attackers take over phone numbers for access, and Generative AI  (GenAI) personalizes social engineering attacks, making them more believable. Compromised AI tools can be used to gain network access. Attackers avoid endpoints and go directly after cloud environments. Infiltrating incident response hinders recovery efforts.

Use AI to Combat Cyber Risks

Despite feeling confident in their cybersecurity abilities, organizations are struggling to keep up with the increasing threats. A report by ExtraHop found that ransomware attacks are on the rise, with almost half of respondents admitting to using insecure protocols hackers target. The financial impact is significant, with organizations paying millions in ransoms and experiencing lengthy downtime after attacks.

There are several factors hindering effective cybersecurity practices, including outdated technology, lack of skilled personnel, and misalignment between IT and business teams. To address these challenges, many organizations are looking to AI and machine learning as a potential solution for managing and reducing cyber risks.

IT and Business Services Market Sees Moderate Growth

According to the IDC Worldwide Semiannual Services Tracker, revenue grew 4.6% in 2023, slightly exceeding forecasts. Cloud and digital transformation services drove the growth, with managed services leading the way.

The market is expected to continue moderate growth in 2024. Growth is projected at 4.7%, driven by demand for innovative services. To close out, the focus on security, cloud and intelligent automation is expected to continue.

SMBs Spending More on Cybersecurity

Small and medium-sized businesses are putting more effort into cybersecurity, but there are still weaknesses. A survey by LastPass found that many SMBs lack awareness and training, and their employees don't always follow security policies. This is despite a rise in cyberattacks targeting SMBs.

On the positive side, SMBs are spending more money on cybersecurity and using password managers more often. However, there's a gap between how confident leaders are in their cybersecurity and reality. For example, many leaders believe their employees understand security procedures, but there's evidence employees are breaking the rules.

NOVIPRO Group and Léger Reveal Growing Awareness of Cybersecurity Threats

The IT Trends Report by NOVIPRO Group and Léger reveals both growing awareness of cybersecurity threats and a concerning lack of action to address them. While 61% of companies reviewed their data security practices due to cyber breaches, many haven't implemented basic protections or provided employee training. There is a positive shift though, with more businesses planning investments in security solutions and training in the next two years.

The report also highlights a return to growth in IT investments overall, with 80% of Canadian businesses planning significant spending. Companies recognize the importance of AI and data analytics, but there's still a gap between awareness and implementation. Budgetary constraints are a major hurdle, forcing companies to focus on maintaining existing systems rather than investing in cutting-edge solutions or strategic IT teams. This could make it difficult for Canadian businesses to stay competitive in the long run.

Phishing Attacks Soar Nearly 60% in 2023

Phishing attacks are on the rise, with a nearly 60% increase observed in 2023 according to the Zscaler ThreatLabz 2024 Phishing Report. This surge is partly due to the use of advanced AI techniques like voice phishing and deepfakes. The report analyzes data from billions of blocked phishing transactions and offers insights into phishing activity and best practices for organizations to defend themselves.

The report found North America to be the most targeted region, with the U.S. leading the pack. The financial industry saw the biggest increase in attacks (almost 400%), likely due to its reliance on digital platforms. Manufacturing also saw a significant rise. Microsoft was the most impersonated brand, followed by its products OneDrive and SharePoint. The report recommends a Zero Trust security architecture with AI-powered phishing prevention to mitigate these threats.

As many of you can see, there’s a lot going on around the MSP space, specifically when it comes to security. It will be interesting to see how much of a factor AI becomes for defenders and attackers alike.

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

Related Articles

MSP Expo Sponsor Wildix Launches E-Learning Platform

By: Greg Tavarez    6/24/2024

MSP Expo sponsor Wildix launched its new e-learning platform designed to enhance training and certification processes for MSPs and system integrators.

Read More

Strategizing to Strengthen Asset Intelligence Capabilities, Courtesy of Sevco Security and GuidePoint Security Partnership

By: Alex Passett    6/24/2024

Last week, a new strategic reseller partnership was announced between Sevco Security and GuidePoint Security.

Read More

SUSE Launches Cloud Elevate Program

By: Stefania Viscusi    6/24/2024

SUSE announced a new SUSE One Cloud Elevate Program, designed to empower SUSE One partners to sell SUSE's open-source solutions more effectively.

Read More

What You Need to Know About KnowBe4's New PhishER Plus Threat Intel

By: Alex Passett    6/20/2024

Renowned phishing awareness company KnowBe4 is rolling out additional features for its PhishER Plus offering - PhishER Plus Threat Intel packs one hec…

Read More

DataStrike Acquires MiCORE, Creating SMB Data Infrastructure Powerhouse

By: Greg Tavarez    6/18/2024

DataStrike recently completed the acquisition of MiCORE in a transaction that will form a large MSP specializing in data infrastructure services for S…

Read More