Boris Johnson announced the government's roadmap for lifting coronavirus restrictions for businesses and the general public in early February, and has provided a silver lining for many across the country ever since. However, since the start of the pandemic, the way business is conducted has changed permanently, with many wanting to continue working remotely as lockdowns and restrictions ease over time. So, as businesses loosen up and the rules loosen up, life should return to some form of "new normal." But cybersecurity issues are here to stay, and the throttle shouldn't be eased, especially with the increased risks associated with continuing to work remotely. If anything, security must be stepped up more than ever to ensure that all aspects of a business are secure. But is not the case. About the authors Steve Law is CTO at Giacom
Kelvin Murray is a Threat Researcher at Webroot,
The risk grows
Despite the easing of lockdown restrictions, cybersecurity risks persist and are likely to grow as Covid-19 changes the landscape of work. As indoor spaces begin to open up in the coming months, employees will want to venture into new spaces to work, such as coffee shops and internet cafes, but working on open networks and personal devices creates unlocked gateways for cyberattacks to take place. As this hybrid and remote way of working seems to be here to stay, companies need to ensure they have the right infrastructure in place to deal with cyber threats. For example, research from the National Center for Cyber Security shows that there has been an increase in cyber attacks related to Covid-19 over the past year, with more than one in four hackers in the UK linked to the pandemic. Nor is this trend expected to abate in the short term. And, in the future, hackers could take advantage of keen travelers waiting to book their next vacation after the travel ban is lifted, by deploying fake travel websites, for example. Aside from the bad actors in this broader scenario, part of the problem here is that many IT teams aren't using a holistic, layered approach to data security and recovery; which can have negative consequences when data is stolen from organizations. These issues continue to resonate strongly with companies of all sizes, which is why they will look to their MSPs for a solution.
The importance of a layered approach
Cyber security is not a one stop shop. A complete trilogy of solutions is needed to ensure maximum effect. This includes a layered mix of DNS networks, secure connections to endpoints, and a trained and skilled human workforce. The need for DNS security cannot be ignored, especially with the rise of remote personnel to monitor and manage Internet access policies, as well as reduce malware. The DNS is often targeted by bad actors and therefore DNS layer protection is increasingly considered an essential security control, providing an additional layer of protection between a user and the Internet by blocking malicious websites. and filter out unwanted material. In addition, endpoint protection solutions prevent file-based malware, detect and block internal and external malicious activity, and respond to security alerts in real time. However, these innovative tools and solutions cannot be implemented without educating users and embedding a cybersecurity-sensitive culture across all staff. Humans are often the weakest link in cybersecurity, with 90% of data breaches due to human error. Therefore, by providing the right training and resources, companies can help their employees increase their cyber resilience and position themselves firmly on the first line of defense. This combination is crucial to ensure the right digital solutions are in place, as well as to increase employee understanding of the critical role they play in keeping the organization safe. In turn, these security needs provide various monetization opportunities for the channel, as more companies need the right mix of technology and training to keep employees safe.
The role of the chain
Businesses, especially SMBs, will turn to MSPs to protect their businesses and help them achieve cyber resilience. This creates a unique and valuable opportunity for MSPs to guide clients through their cybersecurity journey, providing them with the right data protection tools and solutions to get the most out of their work-from-home environment. Just as important, MSPs must take responsibility for training their own teams and clients. This includes providing additional training modules on online security through ongoing security awareness training, as well as endpoint protection and everything needed to improve cyber resilience. In addition, cyber resiliency solutions and packages can be customized and tailored to meet customer needs, including endpoint protection, end-user continuing education, threat intelligence, as well as backup and restore. With the right tools to develop and automate various services, complemented by technical, organizational and personal support, channel partners will also have the keys to success in developing new revenue streams.
Conclusion
Hackers are more innovative than ever, and to fight growing threats, businesses must stay ahead. Organizations must continue to recognize the new realities of remote work and a distracted workforce, and must emphasize to employees that cyber resilience is not just the job of IT teams, it is a job, a responsibility everyone shares. By taking a layered approach to cybersecurity, organizations can develop a holistic view of their defense strategy, taking into account the multitude of vectors through which modern malware and threats are distributed. In this evolving cybersecurity landscape, it is critical for SMBs to find an MSP partner that offers a diverse portfolio of security and training offerings, as well as the knowledge and support to protect their business data, workforce, and network.