Earlier this week, Cyjax CISO, Ian Thornton-Trump, chatted to Phelim Rowe, president and CEO of CTG Intelligence, exploring the business landscape for managed security services (MSS) and managed service providers (MSP), and looking at what the future holds for the channel. The video of their conversation can be found on YouTube, here. CTG is also hosting an online conference with a number of interesting contributors from the industry looking at remote working during the COVID-19 outbreak. Join that on 31 March – here.
The shift to working from home has been happening, slowly, for a number of years. Certainly, in metropolitan centres like London and other major cities worldwide, it has been the norm to take meetings from your dining table at least one or two days a week. This enforced shift for almost the entire workforce, however, may represent a paradigm shift, according to Thornton-Trump, with home working becoming the de facto standard for workers in the knowledge economy.
Evidently, this is a shift in society, as well as a shift in business, with neither apparently sufficiently prepared for the risks that this entails. While many companies are in a good spot to allow remote working, others have failed to build the infrastructure required or have resisted it entirely. It’s unclear if this is through traditional views or simple pig-headedness, but it has left some businesses unable to adapt to the changing times.
Cybercriminals are well aware that the exponential increase in working from home has considerably broadened the threat landscape for business. Malicious coronavirus-themed domains are being registered by the dozen and threat actors are pushing all manner of nefarious schemes targeting business credentials or intellectual property – Cyjax has detected more than 60,000 potentially fraudulent domains registered since the pandemic started. Allowing access to VPNs without two-factor authentication, and other poor security practices – such as password re-use or a lack of password complexity – are easily exploited by cybercriminals. The state of cybercrime is expected to worsen in the weeks ahead.
What do MSS and MSPs do in this time of pandemic? They can’t simply send someone round, given that numerous countries are already in lockdown and there are others sure to follow. Thornton-Trump is optimistic, saying this is an opportunity for growth, particularly since the history of both MSS and MSP is “doing the impossible for next to no money.” Those MSS and MSPs that embraced remote support and pushed their client base to make incremental improvements to their infrastructure will flourish. There is a huge chance to streamline the space by pushing for remote monitoring, deployment, remediation and support.
It seems that this pandemic has created another major shift: it is clear that voters will not tolerate governments making cuts to sectors that will provide support in times of crisis. This most clearly means healthcare at the beginning of 2020, but it also means the internet. Just as Tim Berners-Lee intended, this may actually be a step back towards net neutrality – whether the debate is settled or not remains to be seen. We are currently spending billions reacting to this pandemic when millions could have been spent on prevention and preparation. The same can be said for companies in the MSS and MSP space: proactivity is an order of magnitude cheaper than reaction and recovery.
Our TLP Green Cyber Threat Intelligence Report on COVID-19-related cyberattacks and scams can be found here.