SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
The Magnificent 7: Critical functions that underpin every cybersecurity practice
Tue, 17th Aug 2021
FYI, this story is more than a year old

Cybersecurity is now a top priority for SMBs worldwide. Indeed, the second annual ConnectWise SMB State of Cybersecurity report found that more than three-quarters of SMB respondents were worried they would experience an attack in the next six months. Meanwhile, 91% would consider moving to a new IT service provider if it offered the ‘right' cybersecurity solution.

With cybersecurity taking centre stage, today's service providers need to dedicate time and resources to deliver the solutions their clients need. But doing so can seem like a daunting proposition.

However, by taking a methodical seven-step approach, technology services providers (TSPs) can build a robust cybersecurity practice that protects their customers' businesses from cybercriminals — and securely lock down their own environment too.

1. Understand your own risk posture

Holding the keys to dozens if not hundreds of organisations that they manage and support, TSPs are increasingly in the line of fire. TSPs will need to have the right cybersecurity tools, know-how, and practices in place to ensure they are not easy prey for cybercriminals.

Conducting an internal assessment to determine potential security gaps is a vital first step for understanding their own security posture — and by implication, that of their customers.

2. Upskill staff and adopt a ‘security first' mindset

In addition to training staff to get them certified in key cybersecurity skills, TSPs need to review and re-architect their systems with security in mind. That means implementing multi-factor authentication and security keys for single-sign-on, eliminating many potential vulnerabilities and enforcing the basics, like good password hygiene.

3. Define a ‘go to market' strategy

Determining which services to monetise and which to outsource can seem like a complex proposition. Ultimately, clients want to ensure their servers, users, and devices are always available, secure and supported.

Foundational cybersecurity services like firewalls and antivirus will likely be within the capabilities of TSPs. But when it comes to providing robust network-level defence, SOC/SIEM is becoming a must-have, as are XDR/MDR/EDR layered tools.

Fortunately, TSPs can now tap into ‘defence in depth' tools and easy-to-deploy managed solutions that feature:

  • Dark web scanning and monitoring
  • Threat detection and response for Microsoft and Azure AD
  • Advanced endpoint protection
  • 24/7 SOC support and cybersecurity risk assessments. 

By making it easy to jumpstart the delivery of advanced cybersecurity solutions to customers, TSPs can scale up their offerings as their cybersecurity practice matures.

4. Start the conversation

After engaging a TSP to take care of their environment, many SMBs often believe they are henceforth entirely risk-free and secure. But their increased reliance on online services and BYOD means they will need to assess everything — from their network and backup capacities to how they secure devices and services.

These discussions clarify everyone's responsibilities and provide a platform for TSPs to identify appropriate solutions for each client.

5. Educate and support clients

79% of SMBs plan to make hybrid or remote working policies a permanent fixture. This gives TSPs a golden opportunity to demonstrate the value of working with a proactive partner dedicated to putting its customers' interests first.

Putting together a plan that helps clients improve their security posture will ensure they have the security in place that's essential for remote working.

6. Initiate frontline monitoring services

Threat detection and response helps clients prevent and remediate cyberattacks fast. Core detection and response services can include

  • Monitoring and analysing logs
  • SIEM management
  • Customising alerts for individual users and devices
  • Dark web scanning to detect stolen credentials and DNS protection. 

Offering threat intelligence as part of a holistic IT management platform will also help proactively identify actions that will shore up technical defences ahead of emerging threats on the horizon.

7. Navigate a growth path

If it can't be measured, it can't be managed. Regular reporting on key metrics that demonstrate the progress of the nascent cybersecurity practice will be key.

Alongside identifying opportunities for growth and articulating the longer-term vision, boardroom leaders will need to analyse the revenue contribution — assessing both profitability and where openings for higher margins lie.

 It's time to get off the sidelines

TSPs will need to get out of their comfort zone fast to capture this significant market opportunity. Feeling intimidated by the investment involved in acquiring the skills, setting up a SOC, or acquiring the marketing prowess shouldn't be a barrier to success.

By partnering with the right vendors, they can fast track their ambitions and build a practice utilising a methodical step-by-step approach.