Cybersecurity and cybercrime are a double-edged sword for managed service providers (MSPs). MSPs are increasingly being targeted by cybercriminals, according to a joint cybersecurity alert from the US, the UK, Australia, Canada, and New Zealand published in May 2022. Additionally, the number of cyberattacks on MSP clients, small- and medium-sized businesses (SMBs), will increase. Another year of more complex cyber catastrophes is in the works. Here are seven themes shaping the IT security environment that will be especially important for MSPs to be aware of in 2023.

1. The perimeter is weakened by accelerated shifts to hybrid work and the cloud.

Endpoints are becoming more mobile and less attached to the “office” network. People now work from anywhere (WFA), including their homes, their grandmothers’ homes, and their children’s soccer games. At the same time, servers are moving quickly from internal data centers to public (or private) clouds. This continues to weaken the old idea of a “perimeter” and of what is inside versus outside the network. Attackers are evolving to take advantage of the updated network diagram and new vulnerabilities. Are your protection and detection capabilities working in unison? Can you perform a vulnerability scan remotely? Can your XDR service identify attacks in the public cloud?

2. Ransomware and attacks against operational technology (OT) will rise.

It is unfortunate to say, but crime does pay. The lesson for criminal groups is that the always-on, wealthy Western society has several loopholes that can be exploited successfully. Ransomware is expected to spread from North America to Europe and grow in volume. High-interest targets will include sectors like manufacturing that have been slow to adopt security technologies, have a large operational technology and IoT attack surface, or both. Specific industries with more to protect will also be targeted, such as the medical and pharmaceutical sectors, whose income increased dramatically during the pandemic.

3. Security professionals continue to face a severe talent shortage.

This pattern has been present for a while and is still going strong. The scarcity of seasoned security personnel will continue as blue teams expand their recruiting efforts internationally. From the customer’s standpoint, selectively and cautiously incorporating services from outside suppliers is one way to augment the scarce skills on your team. For providers of these services, more automation and training for junior staff members are essential.

4. Attackers do their homework. Do you?

Postmortems of successful attacks frequently reveal patient attackers who take their time to lure victims, install malware, map the network, and study patterns to evade detection by even the most zealously secured networks. Do you also do your homework to keep abreast of changes to your own network, its map, and its configuration? Do you report on the effectiveness, coverage, and trends of your current detection and protection systems? For medium and large networks it is a job in and of itself, one that seems onerous and has a low return on investment but nevertheless cannot be avoided. Boards of directors are starting to form specialized, accountable cybersecurity committees.

5. Business transactions will be governed by cyber risk.

More and more medium and large enterprises will consider cyber risk when choosing partners and suppliers, since risks increasingly arise from an organization’s supply chain and its extended network of connected vendors and partners. In the past, vendor choice was influenced mostly by factors like product value, cost, and accessibility; cyber risk now enters the picture. Are you ready to inform a customer about your cybersecurity posture and demonstrate it? What about your cyber insurance provider?

6. More and more endpoints will be covered by data privacy legislation.

More and more users and endpoints will be covered by GDPR-like data privacy rules in nations outside of the EU. Governments are becoming aware that these laws may be necessary to safeguard their citizens and businesses. In much the same way that automotive safety legislation evolved in the previous century as the hazards of cars on the highways grew, the goal is to raise the baseline minimum requirements for e-commerce. Despite good intentions, this will only be implemented sporadically and arbitrarily. The network owner will be accountable. Using external “expert” suppliers is a less expensive way to meet this demand and to grow over time. Most businesses use legal professionals who specialize in this field to change their legal contracts for GDPR compliance instead of doing it themselves. Anticipate the same with cybersecurity compliance.

7. The newest endpoint is identity.

With the company and network “perimeter” disappearing (see number one above), you are who you authenticate as. Remote access is now more common than not. Attackers are aware of this and are actively trying to compromise users. If they succeed, you will have to cope with an insider attack, which is far more difficult to spot. The solution lies in techniques like requiring MFA, especially for high-value admin accounts, and leveraging User & Entity Behavior Analytics (UEBA) to spot unusual or never-before-seen behaviors. These call for collecting the relevant data, machine learning, and a SOC running around the clock. Are these detections available from your XDR service provider?

Next Steps for MSPs

As these trends materialize in the upcoming year, MSPs can help their SMB clients stay aware of changes to their risk profile and of new vulnerabilities they need to secure. The same goes for MSPs and their security service provider partners, who should stay in regular communication. Don’t be afraid to ask the difficult questions to make sure your service provider’s skills are improving to match changes in attacker behavior and the IT landscape. Find out more about the Managed Open XDR solution from Netsurion, which improves your risk posture and makes threat detection and incident response simpler.