Threat Protection Measures Cybersecurity Vendors Fear You’re Ignoring
This third installment in our threat protection series has channel heads sharing where partners might be remiss.
![Head in the sand](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blte586a71ea1bb9d0d/652455e44db255842b779088/Head-in-the-Sand.jpg?width=700&auto=webp&quality=80&disable=upscale)
Shutterstock
Jon Peppler, vice president of worldwide channels for Bitglass (Bitglass approaches threat prevention from the perspective of secure access service edge. The company uses policy-driven remediation to prevent data leakage or the entrance of malware):
If channel partners keep selling what was popular last year, they will not keep pace with the evolution of threats. Many channel partners are still leaning on legacy security technology, which is not adapted for securing data in cloud applications. While customers are moving to cloud applications, many channel partners are still selling appliance-based security solutions. This causes additional challenges in scalability, capacity planning and maintaining. Legacy solutions often are not able to incorporate BYOD without forcing some agent on the devices, which for many users is unacceptable.
David Nuti, head of channel and alliances for North America at Open Systems (Open Systems offers managed detection and response as well as SASE. Thus, its threat protection resides on endpoints, alongside remote users and sites, and on clouds and cloud applications):
Partners need to stay focused on service consolidation and avoid rushing to their customers with point threat-protection solutions. Channel partners who find a cybersecurity service provider that offers the entire stack, and then promotes the portion of that stack that applies to the customer’s threat protection requirement, will demonstrate that they’re thinking strategically.
Partners also should consider the entire threat protection chain – including prevention, detection and user training. To allow for this, partners should find solutions that provide security administrators with visibility and insights to simplify threat identification and prioritization. Keeping an eye on policy-driven administration and automation is another best practice. Security teams will be stretched even thinner in the years to come and will want to use services that are all-inclusive, intelligent, unified and automated. Customers will value anything that channel partners can offer to improve threat protection while decreasing the strain on their internal resources.
Kurt Mueffelmann, global chief operating officer and U.S. president at Nucleus Cyber (this vendor focuses on insider threats by evaluating data and user attributes to authorize access to content and what users can do with it):
Address insider threats proactively. Most information security tools are reactive. They alert you to a problem after suspicious activity has been detected, when the damage has already been done. Companies also rely heavily on user training to prevent insider threats. We need to shift to a proactive information security posture to prevent common data loss scenarios such as accidental sharing, data misuse, and even theft, from occurring in the first place.
Tina Gravel, senior vice president of channels and alliances for Appgate (the vendor treats threat protection from the premise that everyone and everything on the network poses a threat and cannot be trusted until it has been verified):
Zero trust is something that everyone wants to discuss but few fully understand. It is a complex and wide-ranging topic and as such, it also represents an opportunity for channel partners to help their customers navigate what it is and how best to practically apply it in their operating environment. But channel partners need to understand that zero trust is not just about technology and tools – it’s as much about having the right methodologies and processes to support this new type of approach to cybersecurity.
Marcus Conroy, vice president of sales at VMRay (VMRay provides automated malware analysis and detection platforms to protect applications and data):
One of the greatest challenges that today’s security teams face is that they are overwhelmed by noisy alerts, which means they are unable to effectively triage and prioritize their threat response. Channel partners have primarily been focused on selling endpoint protection and other network monitoring tools but have not dedicated enough resources to threat intelligence and are, in effect, treating symptoms rather than addressing the root cause.
Bill Dantz, director of channels at Clumio (Clumio offers data protection for public and private clouds, and SaaS):
Clumio believes that channel partners may ignore the development community who are developing all the new cloud-based solutions. Data protection solutions are normally not offered to this community since those relationships do not exist or are too hard to convince. This area of the market is critical since these folks are defining the new world but will not be responsible for the ongoing compliance and operations.
Faraz Siraj, vice president of channel sales at Code42 (Code42 addresses insider risks and threats from a positive-intent perspective):
Not prioritizing insider risk is an obvious fear of mine. While it’s a larger problem than ever, unfortunately, we’ve seen that many organizations still only allocate about 10% of their security budget toward insider risk. I fear some of the channel may run away from this opportunity if the budget doesn’t appear to be there. It’s up to us to shift this status quo by better educating the channel on the realities of insider risk. As our Data Exposure Report showed, 59% of IT leaders say insider threat will increase or significantly increase in the next two years, but more than half (54%) still don’t have an insider response plan. The threats are there but most security leaders don’t realize there’s an alternative to DLP to protect from this threat. That is why education is critical.
Jabari Norton, vice president of worldwide partners and alliances at Sumo Logic (the vendor views threat protection through a security information and event management lens; it focuses on early detection and response, and user training for spotting phishing attempts and social engineering):
Hybrid security is, unfortunately, not something that we are seeing our partners address at this point. Many have migrated their workloads and are embracing cloud security. Ultimately, these practices will then complement what they have already done for on-premises security, but few channel partners have the full set of capabilities to address the hybrid of on-prem plus multicloud.
Jim Lippie, CEO of SaaS Alerts (SaaS Alerts’ platform monitors SaaS applications and alerts MSPs to unusual user behavior on Office 365, Google Workspace, Dropbox and more):
I am afraid that channel partners feel that they’re already doing everything they can to help their customers and they will stop being vigilant about staying on top of new threats to their customers.
Corey Munson, vice president of sales and marketing for PC Matic (PC Matic delivers threat protection through zero-trust endpoint security):
Too many channel partners are preoccupied with the next shiny security object, while still overlooking simple blocking and tackling.
Sources agree: The global shift to remote work due to COVID-19 increased organizations’ potential cyberattack surface. The last year has seen greater need for threat protection than ever. But has the channel followed through on important cybersecurity measures?
Throughout 2020, enterprises added more mobile devices and cloud applications (often haphazardly) to accommodate remote work. At the same time, they lost a lot of control over network monitoring as employees had to turn to home internet connections. On top of that, many workers brought collaboration tools – big potential sources of data leaks – into the environment so they could do their jobs. These factors have all led to one common problem: greater vulnerability to cybercrime.
The problem isn’t going away. In fact, it will only get worse. Sources further agree – and analysts worldwide concur – that remote work is here to stay. As such, bad actors in search of an easy payday will just keep up – if not speed up – their digital extortion efforts. Don’t forget, too, that organizations have to acknowledge the growing reality of insider risk, malicious or not.
This activity places on channel partners and suppliers the responsibility of constantly ensuring a mature threat-protection posture for end users. It’s not a simple or easy task to fulfill. Too many security approaches come in silos, use outdated technology, or address an incident after the fact. A far more effective tactic consists of thoughtful modern protections and best practices, all with a proactive stance. Sometimes there is a reason to silo certain security measures, for instance.
Of course, convincing end users to spend money – or more money – on cybersecurity can be hard. And when customers push back, that can create another problem: complacency within the channel. Don’t fall prey to the temptation to get lazy about cybersecurity, even when clients struggle to understand the importance. Stay abreast of the latest developments and education.
With that in mind, this third installment in our series on threat protection looks at the trends and cybersecurity best practices vendors fear channel partners are likely to ignore or under-address. Click through the slideshow above to read what they have to say.