Finding the right MSSP for securing your business and training employees

Over the past year, small businesses have had to navigate the pandemic’s many challenges — from changes in business models and supply shortages to hiring and retaining employees. On top of these pandemic-driven challenges, SMBs also faced a growing business risk: cybersecurity incidents.

Cybercriminals often target SMBs due to the limited security resources and training that leave these businesses vulnerable. According to a study, Verizon found 61% of all SMBs reported at least one cyberattack during 2020, with 93% of small business attacks focused on monetary gain. Unfortunately, this leaves many SMBs forced to close after an incident due to the high costs incurred during a cyberattack.

Cybersecurity is no longer just “nice to have” for SMBs, but many business owners don’t know where to start. And while measures like a VPN or antivirus system can help, they aren’t enough by themselves. Managed security service providers (MSSPs) are a valuable resource for SMBs, allowing them to bring in the expertise needed to secure infrastructure that they might not be able to afford in this highly competitive labor market.

When looking for an MSSP, hundreds of options often leave businesses overwhelmed. To learn more about the value MSSPs should and can bring to the table, I spoke with Frank Rauch and Shay Solomon at Check Point Software Technologies.

Koziol: What should small and medium business owners look for when selecting a cybersecurity MSSP? What are the must-haves and the nice-to-haves?

Rauch: We are living in a time where businesses, SMBs especially, cannot afford to leave their security to chance. SMBs are a prime target for cybercriminals, as SMBs inherently struggle with the expertise, resources and IT budget needed to protect against today’s sophisticated cyberattacks. We are now experiencing the fifth generation of cyberattacks: large-scale, multi-vector, mega attacks targeting businesses, individuals and countries. SMBs should be looking for a true leader in cybersecurity. They should partner with an MSSP that can cover all customer sizes and all use cases. To make it easy, we can focus on three key areas:

  1. Security. The best MSSPs have security solutions that are validated by renowned third parties. They should prove their threat prevention capabilities and leverage a vast threat intelligence database that can help prevent threats at a moment’s notice.
  2. Capabilities. MSSPs should be offering a broad set of solutions, no matter the size—from large enterprises to small businesses, data centers, mobile, cloud, SD-WAN protection, all the way to IoT security. Having this broad range of expertise will ensure that your MSSP is ready to cover your business in all instances.
  3. Individualized. This may be one of the most critical areas. Your MSSP should be offering flexible growth-based financial models and provide service and support 24/7 with real-time prevention. Collaborative business processes and principles will ensure success and security in the long run.

Koziol: How can SMBs measure the value of bringing in an MSSP? Or, the risks of inaction?

Rauch: The biggest tell-tale sign of a match made in heaven is if you’re receiving your security needs through one single vendor. If not, those options are out there! Getting the best security through one experienced, leading vendor can reduce costs, simplify, support and ensure consistency across all products. This ranges from simply protecting your sensitive data all the way to ensuring you can secure the business through a centralized security management platform. How can you protect what you can’t see?

It makes sense to keep an eye on how many cybersecurity attacks you’re preventing each month. How long is it taking you to create, change and manage your policies? Are you scaling to your liking? Can you adapt on the fly if need be? Are your connected devices secure? These are just some examples that you should be able to measure with simplicity.

Koziol: How has the shift in remote/hybrid workforce changed how cybersecurity MSSPs support SMBs?

Rauch: The shift to a larger work-from-home practice has caused attackers to shift their attacks outside of their network. It is more important now than ever for MSSPs to be providing their SMBs with a complete portfolio — endpoint, mobile, cloud, email and office — that allows them to connect reliably, scale rapidly and stay protected, no matter the environment.

The best MSSPs should have been ready for this day. At any moment, day or night, your organization can be victimized by devastating cybercrime. You can’t predict when cyberattacks will happen, but you can use proactive practices and security services to quickly mitigate their effects or prevent them altogether. The shift to a hybrid workforce exposed the holes in the existing security infrastructure.

On the bright side, security incidents present an opportunity to comprehensively reevaluate and improve information security programs. They show threat vectors that we previously overlooked and raise awareness across the organization to enhance existing or implement new controls. So at the very least, this shift has been an eye-opener for MSSPs.

Koziol: Should MSSPs offer security awareness and training as part of their offering? Why?

Solomon: Absolutely, yes. At the end of the day, knowledge is power. Cyberattacks are evolving and training can help keep SMB employees protected and educated. According to a study from VIPRE, 47% of SMBs leaders reported keeping data secure as their top concern. At the same time, many SMBs lack sufficient skills and capacity to drive improved security on their own.

The only way to fight cybercrime effectively is by sharing experiences and knowledge. Due to the cyber shortage, Check Point Software, along with 200 global training partners, recently announced a free cybersecurity training program called Check Point Mind. It offers many training and cybersecurity awareness programs to give SMBs (or any business) the chance to extend their skills with comprehensive cybersecurity training programs led by world-class professionals.

Koziol: How can working with an MSSP on security awareness education improve a business’s overall security posture?

Solomon: Raising awareness with employees is a crucial step that’s often overlooked. Employees need to be able to identify a phishing attempt and know how to react. In our experience, we see a majority of employees attacked using emails. They receive an email that looks like an official email from someone with authority, asking them to open attachments or click on a link that contains malicious intent.

If employees go through a training course that teaches them what to look for in an attack, this will surely reduce the chance of that employee falling victim to the phishing attempt.

Koziol: What questions should SMBs be asking their current or future MSSPs about cybersecurity?

Solomon: Building on what was mentioned earlier, it is never too late to reevaluate and improve information security programs. Asking questions and investing in a better security posture shows us threat vectors that we previously might have overlooked and raises awareness across the organization to the need to improve existing or implement new controls. SMBs must proactively approach their MSSPs to ensure they are getting the best bang for their buck—security solutions that require minimal configuration and simple onboarding. In addition, they need to ensure they are taking the proper steps when evaluating security architecture, advanced threat prevention, endpoint, mobile, cloud, email and office.

Koziol: What’s ahead for MSSPs in the cybersecurity space? What should SMB owners expect to see next?

Rauch: One of the key areas we’ll see continuously growing is the need for a next-generation cybersecurity solution that enables organizations to proactively protect themselves against cyberthreats: incident detection and response management. As attacks continue to evolve and grow in numbers, unified visibility is a must-have across multiple vectors that a cyberthreat actor could use to attack a network.

A common challenge we see is an overwhelming volume of security data generated by an array of stand-alone point security solutions. What’s needed is a single dashboard, or, in other words, unified visibility, that enables a lean security team to maximize their efficiency and effectiveness. SMBs should take the opportunity to check security investments. The highest level of visibility, reached through consolidation, will guarantee the best effectiveness…[…] Read more »….