Over the past few years, we’ve seen a major proliferation of compliance regulations. For many years, we saw compliance regulations focusing on specific industries like the Health Insurance Portability and Accountability Act (HIPAA) for healthcare or the Payment Card Industry Data Security Standard (PCI DSS) for payment processors. However, governments are taking notice and responding to increased public awareness of data privacy issues and data breaches. In some ways, it started with the General Data Protection Regulation (GDPR) in Europe, but was soon followed by a data protection law in California, and a Vermont law governing data brokers. Ultimately, we’ve seen a proliferation of data privacy laws and should expect that trend to continue in the next few years.
Compliance often drives investments in security. With the potential for more laws to pass, we could see even more businesses looking for help with security and compliance. As an MSP, this means you’ll have to keep up with the latest laws—but this also represents a strong potential market opportunity as businesses will need even more help.
Customers Will Get Even More Serious about Security
Individuals are more aware of security breaches—cyberattacks are no longer what occurs to other, larger companies and doesn’t have any impact on them. Individuals and small businesses often feel the brunt of a breach when someone attempts an attack and want help.
As a result, more businesses than ever will likely mention security during sales calls. Demand will increase for MSPs with the security chops to handle data breaches. We’ll cover some easy ways to deal with this later, but for now, it’s important to know every step you take to improve your security prowess could pay dividends down the line.
The Threat Landscape Will Continue to Adapt
Cybercrime tactics rarely stay static. Over the past few years, we’ve seen cybercriminals launch major ransomware attacks, siphon processing power for illicit cryptomining, lean on fileless malware attacks to evade antivirus, and launch side-channel attacks like Spectre and Meltdown. We’ve seen cybercriminals hack IoT devices like camera doorbells, grow increasingly sophisticated with social engineering attempts, and bypass two-factor authentication via SIM swapping techniques. The truth of the matter is if there’s a vulnerability to exploit—and there’s always a vulnerability—cybercriminals will likely find a way. So expect the threat landscape to continue its evolution.
In particular, we should see ransomware grow even more fierce, focusing on system-wide events. Criminals launching ransomware attacks will attempt to use techniques to move them across wider networks to maximize their damage. Additionally, ransomware attacks could end up being part of multi-pronged attacks that use other tactics. In short, ransomware itself will evolve.
MSPs Will Partner with an MSSP for Active Monitoring
An ounce of prevention may be worth a pound of cure—but unfortunately, many still get sick despite the preventive steps you take. Instead, as an MSP, you may need to start actively monitoring for threats against your customers’ networks with strong security information and event management (SIEM) tools. However, you may not have the capability in house to do so. Instead, I predict many MSPs will start to join forces with managed security services providers (MSSPs) to provide more comprehensive security services. This will end up being a true win-win for both businesses, and help them both meet the needs of the market.
It can be hard to predict the future, but I believe these trends will become major influences on the industry in 2020 and beyond. Knowing these trends can help you stay prepared and future-proof your MSP business.
Based on my final prediction, you may be interested in partnering with a security provider. SolarWinds MSP offers its Threat Monitoring Service Provider (TMSP) program that lets you partner with one of our pre-approved TMSPs. The TMSPs use SolarWinds® Threat Monitor to actively watch your managed networks for indicators of attacks on your behalf. They handle the back-end, while you keep the customer relationship. Learn more by visiting try.solarwindsmsp.com/tmsp/ today.
Tim Brown is VP of Security for SolarWinds MSP. He has over 20 years of experience developing and implementing security technology, including identity and access management, vulnerability assessment, security compliance, threat research, vulnerability management, encryption, managed security services, and cloud security. Tim’s experience has made him an in-demand expert on cybersecurity, and has taken him from meeting with members of Congress and the Senate to the Situation Room in the White House. Additionally, Tim has been central in driving advancements in identity frameworks, has worked with the US government on security initiatives, and holds 18 patents on security-related topics.