Posts Tagged :


Investing in channel support to survive the evolving security landscape

960 640 Stuart O'Brien

Security is a growing concern across every industry, particularly now with the growth of dispersed workforces around the world. Cyberattacks continue to increase and become more sophisticated, with businesses of all sizes needing to invest in the right support. This is even more crucial for small and medium-sized businesses (SMBs), who may lack the adequate internal resources and teams to protect themselves against such threats.

But, by partnering with an established Managed Service Provider (MSP) who can act as a trusted advisor to create a solid cyber security strategy, SMBs can benefit from the knowledge, skills and solutions available within the channel. MSPs, therefore, need to ensure they leverage this opportunity to support their end customers, while businesses crucially make the necessary investment to keep their network, data and people secure, as Mike Foster, Channel Manager, VIPRE, explains…

COVID-19 Transforms the Market

With businesses accelerating their digital transformation during the COVID-19 pandemic to ensure business survival and continuity, there has been a knock-on effect on cybersecurity strategies, which now must be prioritised and invested in. Over the past eighteen months, organisations have had to transition to working securely and efficiently from home, and then splitting their time between the office and remote work, in turn, creating new security challenges. This has demonstrated the crucial need for organisations to become more agile and have the ability to scale both up and down when regional rules change.

The importance of a secure and flexible workforce, one which is protected through layers of security and best practice, is key. This can be executed successfully by identifying existing weaknesses or gaps in infrastructure, which can be easily spotted by channel partners who specialise in cybersecurity. By leaning on an MSP, businesses can benefit from having access to the right support and advice, and MSPs, in turn, can offer the correct solutions to combat the challenges their clients face. This has led to organisations questioning issues such as; are the emergency measures put in place during the peak of the pandemic sufficient for long term secure and agile working practices? What tools do customers need to remain secure in the new modern hybrid working environment? It is clear that now is the time for businesses to reassess and build a flexible, future-proof plan.

The Trusted Advisor to SMBs

Smaller and medium-sized businesses often do not have the resources, time or dedicated teams to focus on their IT needs, while ensuring they have the right solutions in place to defend themselves against cyberattacks. They also do not think they are as much of a target for hackers, as they may not have as much revenue or data compared to larger and more corporate organisations, with 66% believing a cyberattack would be unlikely. However, according to Accenture’s Cost of Cybercrime Study, 43% of cyberattacks are aimed at small businesses, and only 14% are prepared to defend themselves.

Instead, by partnering with an MSP who can act as an external security partner for the SMB to help them achieve cyber resilience, the pressure and responsibility of defending the business against cyber threats will lay with the expert in the channel. This creates a unique opportunity for MSPs to guide customers on their cybersecurity journey and ensure they are receiving relevant education and have the right technology and tools in place to protect the business. It also helps the MSP to differentiate themselves from the ever-growing and competitive channel market, enabling them to become trusted IT security advisors for the businesses they support.

Critical Support Partner

Whether a business is big or small, investing in its cybersecurity foundations is not optional – it’s business-critical, especially in today’s threat landscape. By identifying the gaps in their cyber needs, or allowing an MSP to make these judgments, a strong infrastructure can be built upon the businesses existing setup. These solutions can be custom-built and tailored to each individual organisation, including email and endpoint protection, ongoing end-user training, as well as access services, such as ZTNA solutions.

With security breaches showing no signs of slowing down, MSPs must be constantly vigilant and develop cyber resilience approaches that go beyond deploying security solutions. This means having not only the market-leading technology available, but also the technical expertise to support business security plans and growth. MSPs must take a proactive role in understanding the current state of a customer’s ability to protect against, prevent and respond to modern cyber threats when recommending the best approaches to true cyber resilience.

For example, MSPs who roll out Office365 to their client base are not tapping into their customers’ needs for peace of mind when it comes to cybersecurity. Instead, they should add value to the partnership by emphasising good cyber security practices, providing the right tools and technologies and looking at specialist vendors – rather than providing a one-size-fits-all solution. Channel partners can both capitalise and draw on the importance of demonstrating to customers the benefits they bring by continuing their role as trusted advisors – resulting in growing their revenue while ensuring their key partner status.

Investing in Technology

An MSP’s portfolio should provide the correct tools and solutions businesses need to survive and thrive in the new normal. Businesses of all sizes prioritised their move to digital workspaces during COVID-19, including remote teamwork, learning and critical cloud infrastructure, with Microsoft’s Chief Executive saying that they’ve seen two years’ worth of digital transformation in two months. Innovative technologies can form the backbone of a workforce’s security foundations by adding layers of technology protection alongside employee tools and security awareness. Solutions can be embedded to prompt users to double-check their emails before a mistake is about to be made, for example, mitigating the risk of accidental data loss.

Additionally, security awareness training within businesses has become a security necessity. Without peer review or IT supervision, organisations need their users to be empowered to make good security decisions. Rather than a once-a-year cyber awareness course – often used to tick a compliance box – today’s businesses must invest in ongoing training, phishing simulations and solutions to help their employees make the right decisions – wherever they are working.

This is an important point for channel partners to take on board, as they have the power to ensure their customers’ end users are sufficiently trained in the threat landscape. Have they engaged in phishing penetration testing? Is sending an email to the wrong person an embarrassing mistake or a data breach? These are just some of the key questions MSPs should be asking when they look to fulfil their trusted advisor role. This is an area where partners will see real growth as businesses have woken up to the idea that with the right solutions, they can switch their employees from IT risks to IT assets, and the channel needs to ensure they have the necessary training and tools in place to help their clients make these decisions.


Organisations cannot be expected to stay one step ahead of cybercriminals and adapt to new threats on their own. Within the evolving cybersecurity landscape, it’s essential for businesses, especially SMBs, to find a partner that offers a varied portfolio of security offerings, as well as the knowledge and support, to keep their business data, workforces and networks secure.

By addressing pain points and providing assurance around the security of their working environments, channel partners can build and strengthen their existing relationship with their customers, while recognising the opportunity of additional revenue streams for their businesses. In turn, businesses can feel confident that they have the right technology, education and tools in place to combat the risk of cyberattacks and a trusted partnership they can rely on to keep them secure and agile.

Americans lost a record $3.5bn to cybercrime in 2021 YTD

960 640 Stuart O'Brien
The wave of cybercrime is plowing throughout America with the biggest damages in history. Atlas VPN extracted data from publicly available government sources and found that US citizens already lost $3.49 billion to cybercrime in the first three quarters of 2021.
You don’t need to bring out the calculator – the damages come out to $12.78 million per day.
Edward Garb, a cybersecurity researcher at Atlas VPN explains the main driving forces behind the surge in cybercrime damages: “Cybercriminals are using the buzz around cryptocurrencies, NFTs, and the metaverse to trick people into investing in bogus projects that disappear after raising a hefty sum of money.”

The data for the analysis is based on reports submitted through the official Federal Trade Commission websites – and Citizens can get help by receiving personal identity theft recovery plans.

Regarding monetary damages – the FTC does not resolve the allegations, but it does disseminate the information to over 3,000 law enforcement agencies across the United States for further investigation.

The analysis reveals that cybercrime damages sky-rocketed by 82.91% in 2021 compared to last year. To be exact, people lost $1.58 billion more (yes, billion) this year than they did in the same period in 2020.

These losses are a result of 1.6 million unique fraud and identity theft reports submitted to the Federal Trade Commission websites mentioned previously.  This means that the FTC has to deal with around 5,869 complaints every single day.
Last year, the number of reports stood at 1.09 million after the first three quarters of the year, which is around a third less than in 2021. Back then, they had to go through 3,981 complaints daily.
To better understand the current cybercrime landscape, Atlas VPN analyzed which crimes caused the most trouble.
It already noted that investment-related crimes are on the rise due to countless projects in the crypto, NFT, and metaverse markets. This year, US citizens lost a staggering $956 million to these types of scams, representing a 277.87% growth YoY.

Half of all phishing attacks originate from EMEA

960 719 Stuart O'Brien

A report published by NTT Security has revealed that over half (53%) of the world’s phishing attacks originated from Europe, the Middle East and Africa (EMEA).

The Global Threat Intelligence Report (GTIR) analysed global threat trends from 1st October 2015 – 31st September 2016 and showed that of all phishing attacks worldwide, 38% came from the Netherlands, second only to the US (41%).

The data also revealed that nearly three-quarters (73%) of all malware globally was delivered to its victims because of a phishing attack.

The report highlights the latest ransomware, phishing and DDoS attack tends and the impact of these threats against organisations, with the UK the third most common source of attacks against EMEA, behind the US at 26% and France 11%.

In terms of top attack source countries, the US accounted for 63% with the UK following at 4% and China 3%.

Some of the biggest regional differences related to brute force attacks, which are commonly used to crack passwords. Of all brute force attacks globally, 45 per cent started in EMEA – more than the Americas (20 per cent) and Asia (7 per cent) combined. In addition, 45 per cent of brute force attacks that targeted EMEA customers also started in the region.

Dave Polton, Global Director of Innovation at NTT Security, is calling for more active collaboration between business, government and law enforcement agencies to tackle global threats and to ensure measures are in place that will have a long-lasting impact on global security.

“While phishing attacks affected organisations everywhere, EMEA unfortunately emerged as the top region for the source of these attacks,” said Polton. “These figures, combined with those for brute force attacks, should be of very serious concern for any organisation doing business in EMEA, especially with the EU General Data Protection Regulation (GDPR) just around the corner.

“Any organisation processing data belonging to EU citizens need to demonstrate that their information security strategy is robust.”

Other key EMEA figures:

In EMEA, over half (54%) of all attacks were targeted at just three industry sectors – Finance (20%), Manufacturing (17%) and Retail (17%)

Over 67% of malware detected within EMEA was some form of Trojan

Top services used in attacks against EMEA – File shares (45%), Websites (32%) and Remote administration (17%)

Frank Brandenburg, COO and Regional CEO, NTT Security, concludes: “We all know that no security plan is guaranteed, and there will always be some level of exposure, but defining an acceptable level of risk is important. Clients are starting to understand that by default every employee is part of their organisation’s security team, and businesses are now seeing the value in security awareness training, knowing that educating the end user is directly connected to securing their enterprise.

“Expanding cyber education and ensuring employees adhere to a common methodology, set of practices, and mind set are key elements. Clients see that assisting and coaching their employees (end users) on the proper usage of technology will only enhance the organisation’s overall security presence.”