The Cybersecurity & Infrastructure Security Agency (CISA) released an alert last week, May 11, advising MSPs “of recent reports that observe an increase in malicious cyber activity targeting managed service providers (MSPs) and [we] expect this trend to continue.” They also released guidance for MSPs and their customers to reduce the risk of falling victim to a cyber intrusion.
So what does all that mean for you? It simply means that the IT company you pay to manage your technology (like CBTech) is a target, and by extension so are you. Why? If the IT company is compromised, the attackers will most likely have full access to all the clients; that’s a lot easier than trying to infiltrate each client individually and is potentially a much bigger payoff (after all, money is usually the end goal).
What can/should you do? The best place to start is to have a conversation with your IT company. Understanding how your business operates can help the IT company recommend the right security measures. You also want to make sure the IT company has measures in place to protect themselves. Here are a few of the recommendations from CISA:
- Prevent initial compromise
- Enable/improve monitoring and logging processes
- Enforce multifactor authentication (MFA)
- Apply the principle of least privilege
- Deprecate obsolete accounts and infrastructure
- Apply updates
- Develop and exercise incident response and recovery plans
For the complete list, along with explanations, you can read the CISA notice here: https://bit.ly/3yFSXV2.
Do you want to have a deeper discussion about this? You can contact us here: https://bit.ly/CBTech-contact.
Sign up for our monthly Timely Tech Tips: https://bit.ly/CBTech-Tips