Happy Friday, readers.
On MSP Today, we often discuss the new solutions and technologies being introduced to help organizations with IT operations and high-level security matters. For example, Cyolo PRO was recently introduced as an “AI-powered supervision capability that simplifies the oversight process while enhancing security and operational efficiency.”
Then there is CrowdStrike, which recently expanded its Marketplace to broaden the Marketplace Private Offer program. TD SYNNEX also recently launched a new solution. Destination AI Practice Accelerator helps partners accelerate their AI-focused go-to-market strategies and monetize their solutions more effectively.
And sure, these solutions will be helpful. Still, it’s always a good idea to look from the perspective of organizations who are actually utilizing these solutions. Therefore, let’s look at a few reports that give us a better idea of the state of IT challenges and security events that confront organizations worldwide.
Mass Scanning Attacks Increase
The Fastly Threat Insights Report revealed an increase in mass scanning attacks, with 91% of attacks targeting multiple customers. Bots now account for over one-third of internet traffic, while out-of-band domains have been used to exploit WordPress Plugin CVEs. Attackers are using short-lived IP addresses to evade detection.
The report also showed that the high-tech industry remains the top target for attacks, although slightly down from last year.
AI Adoption Without Security?
The Orca Security 2024 State of AI Security Report showed growing risks associated with organizations' rapid adoption of AI without prioritizing security. The report reveals that many organizations neglect basic security measures, such as disabling default root access and using secure encryption settings. These oversights create vulnerabilities that can be exploited by malicious actors. Key findings include the widespread use of AI packages with known vulnerabilities, the reliance on default settings and the lack of proper encryption for sensitive data.
Microsoft 365 Domains See Increase in Disaster Recovery Events
N-able reports an increase in Microsoft 365 backups and disaster recovery events among its partners. This surge is driven by the rising threat of cyberattacks, which has seen a 46% increase in 2024 compared to the previous year.
N-able's Cove Data Protection solution has been instrumental in helping MSPs address this growing need. The company has experienced a 56% increase in disaster recovery events related to Microsoft 365 domains and has seen a rise in the number of MSPs offering backup services for Microsoft 365. This trend is indicative of the increasing importance of data protection in today's digital landscape.
Cybersecurity an Afterthought for Some?
The LevelBlue 2024 Futures Reports: Cyber Resilience in Manufacturing and Transportation show challenges faced by these industries in balancing technological innovation with cybersecurity resilience. While organizations are increasingly willing to accept risks for the sake of innovation, cybersecurity is often overlooked in corporate-level decision-making. This leads to a lack of cyber resilience, despite the potential for significant financial loss and operational disruption.
The reports also showed that cybersecurity teams are often solely responsible for cyber resilience, while broader enterprise-wide collaboration is lacking. Additionally, organizations are cautious about adopting artificial intelligence and struggling to find external guidance for digital transformation. To address these issues, LevelBlue recommends identifying primary barriers, adopting a secure-by-design approach, aligning cyber investment with business goals, building a support ecosystem and transforming cybersecurity strategies.
Critical Gaps in Non-Human Identity Protection
The Cloud Security Alliance (CSA) and Astrix Security recently conducted a survey to assess the state of non-human identity (NHI) security. The findings found a gap between organizations' ability to secure NHIs compared to human identities. Common challenges include service account management and NHI discovery. Despite these challenges, there is a growing recognition of the importance of NHI security, with 1 in 4 organizations already investing in these capabilities and an additional 60% planning to do so within the next year.
There is also an increasing prevalence of NHI attacks, with nearly 1 in 5 organizations experiencing a security incident related to NHIs. The most common causes of these attacks were lack of credential rotation, inadequate monitoring and logging, and over-privileged accounts.
Additionally, organizations struggle with fundamental security practices related to NHIs, such as auditing and monitoring, access and privileges, NHI discovery, and policy reinforcement.
If you want to understand more about the trends circulating the MSP space (and hear from experts in the industry), don’t miss MSP Expo 2025.
Taking place February 11-13, 2025 in Fort Lauderdale, Florida, MSP Expo is the premier event for MSPs, offering a three-day experience combining conference education focused on growth strategies, networking opportunities, an exhibit hall full of the latest technologies and solutions to help MSPs build their businesses.
Edited by
Alex Passett
