Cyber Geniuses: How can you mitigate security risks in a fast-changing world?

How have pandemics impacted the cybersecurity threat landscape What are the best practices for moving forward? At a recent UK Business Technology Community meeting, several cyber-savants shared their expertise. Here’s what they discovered. MSPs and solution providers can all agree that it’s been a busy year in managing customers’ cybersecurity requirements. MSPs assisted customers in moving servers, hardware and applications from premise to the cloud as a result of a global pandemic. As more people worked remotely, solution providers increased their ability to secure endpoints. Secure platforms were in high demand because of the virtualization of customer communications, collaborations, and meetings.
How have these changes affected the cybersecurity threat landscape. What are the best practices for the future? Andy Bogdan, head UK SMB Channel at Kaspersky and Ian Thornton Trump, chief information security officer at Cyjax were among the cybersecurity experts who spoke with MSP partners at a Genius Cafe session at a recent CompTIA UK Channel Community Virtual Meeting. The geniuses offered their best security advice and strategies for success to attendees, who sought it out from them. Here are the top takeaways from the conversations by Bogdan and Thornton Trump
Perfect Storm
COVID-19 caused a social and economic crisis that allowed malicious users to launch attacks on small and medium businesses (SMB) customers.
Bogdan says that smaller companies without basic security awareness and training are more vulnerable to hacks, attacks, and breaches. “Security awareness in organisations is the common denominator of many [SMBs] weaknesses. It is still a mystery to many that they will not be affected or targeted by cybercriminals. He explained that SMBs are now more at risk than ever before.
Old Tactics with a new twist
Cybercriminals used COVID-19 themes to re-invent old tricks.
Phishing emails disguised to appear to be from company, government, or health authorities
Malicious domains that exploit the need for COVID-19 products or information
Ransomware and distributed denial-of-service (DDoS), malware targeting healthcare providers

Many MSPs and solution providers no longer use the same excuses for failing to implement cybersecurity measures. Thornton-Trump stated, “In 2015 in the early days CryptoLocker [a type ransomware], common excuses were ‘This is new, and this is sophisticated.'” In 2020 ransomware is neither sophisticated nor new. It’s delivered in the exact same manner as it was in 2015, usually via phishing emails.
Bogdan agreed that “With the reemergence legacy threats like ransomware and an increase in sophisticated Phishing attacks, threat actors could leverage SMBs or remote workers as a steppingstone for seeking out and entering enterprises.”
Configuration Oversights & Unpatched Vulnerabilities
Cybercriminals found a fertile ground in 2020 to exploit security configuration oversights, as cloud collaboration services were quickly deployed following the pandemic.
Common targets were also unpatched vulnerabilities in popular software programs. CompTIA’s Information Sharing and Analysis Organization, (ISAO), alerted members in September about a privilege vulnerability within Microsoft’s Netlogon, a remote protocol which authenticates users and machines. This vulnerability could be exploited by threat actors to gain domain administrator access if it is not fixed.
Take Action to Reduce Risk
Thornton-Trump and Bogdan shared concrete steps for MSPs to strengthen cybersecurity defenses and reduce their risk.
1. A multi-layered security strategy should be implemented.
Multi-layered security is made up of components that work together to provide the necessary protection and coverage against attacks. These components could include:
Email security
Antivirus software
Web protection and filtering
Assessment of vulnerability
Endpoint detection response
Firewalls
Privacy controls
Backup of data
Management of patches

2. Maximize your network security.
Enterprise firewalls can be expensive. Thornton-Trump advised MSPs to make wise investments. “I’m seeing too many old kit still being used that offers minimal network protections.” We must be honest about which countries we send or receive packets to and fro to protect our exposed services.
3. Allow remote control and users to use network-level authentication
Remote desktop protocol (RDP), and virtual private network services (VPN) were needed as the number of remote users increased in Q2 2020. For limiting risk, network level authentication is key. “If you require RDP or VPN services to your network core, these services should not be available across all of the in