My seven-week road trip is drawing to a close. It started with delivering a couple of presentations in Melbourne, Australia, and is wrapping up this week with a presentation in Washington, DC. In this time, I’ve done a lot of info sec things and had a lot of fun, although I’m regretting missing the all too short Edinburgh, Scotland, summer - where I am based.
Why this much travel in such a short space of time? Like most of my info sec colleagues, I've got a mission: save this thing called the Internet. And again like many of my brethren I get to stand up and talk about the issues. But I have a different audience to most.
My audience is one that is price-sensitive, overwhelmed, and resource constrained, plus their fate is intertwined with their customers to an extent that most internal IT departments’ are not. I'm talking about Managed Service Providers (MSPs) and IT service providers. These guys are the frontline conscripts in battling cybercriminals and they need reinforcements.
As the battle rages, MSPs increasingly find themselves skirmishing with ransomware, phishing scams, and malware infections. From compromised systems, and hacked websites to mysterious internet performance problems, these folks have seen a lot of action.
So given this depressing situation, and the fact that a rescue mission is unlikely and evacuation not an option, what the heck do we do?
The answer is that we need to make ourselves #hard2hack.
MSPs need to not become demoralized in this fight – mid-sized businesses have only MSPs and IT service providers to protect them. Indeed, if businesses are sheep, then MSPs and IT service providers are the sheepdogs keeping the cyber-wolves at bay.
I care about the safety of the Internet for these businesses, and if you care too then I have your back. Of course I get the "bandwagon-jumping" accusations that seem to resonate around social media. However, take a longer look at the situation: MSPs’ and IT service providers’ lives are not going to get better against the cyber bad guys until we start talking seriously about customer security.
However, if you want to be in business for the future, don't make a hasty decision about what tool your going to use to deliver great service and security. I'm on the front line with the MSPs and IT service providers and I’m striving to give them the best tools to defend their customers. That's worth something from my perspective.
We believe we have the best security tools, but so do the other guys. But what matters at the end of the day is not what tools you use, but what you do with those tools for your customers. I think we can all get behind the idea of saving the Internet for mid-sized business.
So don't get confused about the issue. The issue is what the bad guys are going to do next to your customers.
Ian Thornton-Trump, CSA+, CD, CEH, CNDA is CTO at Octopi Managed Services Inc. Ian is an ITIL certified Information Technology (IT) consultant with more than 20 years of experience in IT security and information technology. He enjoys and maintains a strong commitment to the security community. From 1989 to 1992, Ian served with the Canadian Forces (CF), Military Intelligence Branch; in 2002, he joined the CF Military Police Reserves and retired as a Public Affairs Officer in 2013.
You can follow Ian on Twitter® at @phat_hobbit.