In early 2017, SolarWinds® MSP investigated the cybersecurity preparedness, experiences, and failings of 400 SMEs and enterprises, split equally across the US and the UK. Now that the results are in, my anxiety level regarding the state of Internet security has never been higher. I’m also a bit disappointed we (as in the industry) have not made more progress, when it comes to securing our customers.
At one moment, our networks are secure because we are patching diligently and then the next day stuff is exploding all around us. Is there really anything we can do? The answer is yes; there is a lot we can do.
Picking through the cyber wreckage
The news of the WannaCry ransomware attacks targeting companies around the world this last weekend is just the latest in a long line of cyber carnage that has been happening. If the past few months are any indicator the damage inflicted on businesses by cyberattacks will escalate, and as this weekend proves it can all happen very, very quickly. It would appear the bad guys have broken through the front lines and are pushing the cyber defenders to the limit. The new SolarWinds MSP survey provides us with insight and perspective around why and how this is happening.
Let’s recap some of the big stories from the past few weeks:
So, the question is how do you tackle the problem of zero-day exploits? Well it’s a combination of your existing best practices—which you are already doing, right?—and securing what’s being targeted. Many of the exploits dumped by Shadowbrokers assume access to Server Message Block (SMB) and the ability to make an SMB connection over TCIP. The recommended best practices are to disable SMBv1 and make sure you are blocking outbound and inbound UDP ports 137 and 138, as well as TCP port 139 and 445 at the firewall. Since one of the exploits targets Kerberos, we know Kerberos clients need to send UDP and TCP packets on port 88, so blocking that at the firewall would give you a win. Since security researchers have managed to get their hands on the payloads, you can expect antivirus vendors to be issuing updates pronto.
Much needed perspective
The new SolarWinds MSP survey provides some much needed perspective and insight into why we’re in this predicament. There are some really startling revelations within the survey, and my view is that it shows the business arena is ripe with opportunities for Managed Service Providers (MSPs) and IT providers to deliver more security services—even simple things like Patch Management as a Service (PMaaS), user awareness training, and Backup as a Service (BaaS).
This series of stats really hit home for me:
“87% of organizations have complete trust in their security techniques and technology, and 59% believe they are less vulnerable than 12 months previous. However, 71% of those same organizations have been breached in the same period.”
Statistically the belief that “it will never happen to us” simply doesn’t add up.
The survey offers more insights and data around the kind of security technologies being used, and reveals an updated cost for data breaches. Given the revelations of the past few months, it’s an important read. The bad guys have more tools to break into networks now, which means MSPs and IT providers are going to have a lot of victim customers demanding security services.
Ian trump is global security strategist for SolarWinds MSP. You can follow Ian on Twitter at @phat_hobbit
We've tailored the report to reflect your side of the industry, so…
Click here, to find out more about how SolarWinds MSP can help you protect your customers.
Check out Ian Trump's webinars on the survey below. We've done one for the UK and one for North America, so click on the one for your region: