Critical Threat Protection Steps MSSPs, Other Partners Must Take Now
In this second installment in our series on threat protection, vendors discuss what partners have to do this year.
![Threat protection Threat protection](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt930ab1d2c2e459bf/6524567042f91233a7865ef4/Threat-Protection.jpg?width=700&auto=webp&quality=80&disable=upscale)
Shutterstock
Jon Peppler, vice president of worldwide channels for Bitglass (Bitglass approaches threat prevention from the perspective of secure access service edge. The company uses policy-driven remediation to prevent data leakage or the entrance of malware):
“The consequences of threats include loss of data, loss of resources, damage to brand reputation, and loss of customer trust. Threats evolve continuously, and as new methods of attacks are developed, the number of threat vectors increase. The knee-jerk reaction is to add more layers of security as the threat vectors increase. The role MSPs, VARs and integrators can play is to steer customers toward solutions that are designed to defend against evolving threats and new use cases. MSPs and VARs have never been in a better position to help businesses with security than now.”
David Nuti, head of channel and alliances for North America at Open Systems (Open Systems offers managed detection and response as well as SASE’ thus, its threat protection resides on endpoints, alongside remote users and sites, and on clouds and cloud applications):
“It’s always a good time to ask your customers if they have any concerns or plans for threat protection that you can address on their behalf. Try to learn more about their environment, specifically where applications are and where the users who access them reside. The vast majority of answers around a responsible security strategy and posture lie within a conversation about applications.
There are also business indicators that will lead to a threat protection conversation and opportunity. These include a growing remote workforce; increased use of cloud applications; digital transformation; network expansion; or a new acquisition. Leveraging platforms from solution providers that have management and security at the foundation is a hot topic for 2021.
The unification of the security operation center and the network operations center – recognizing that network monitoring is a critical element to an effective security posture – is also a major trend.
Other hot trends this year include cloud-native security, like Microsoft Azure Sentinel or articulated within the Gartner SASE framework, which will provide the scaling and flexibility businesses need to keep up with constantly changing security requirements; cybersecurity vendor consolidation for customers that want to reduce the number of security providers, consolidate technologies, lower costs and streamline operations; and the rise of managed detection and response.”
Kurt Mueffelmann, global chief operating officer and U.S. president at Nucleus Cyber (this vendor focuses on insider threats by evaluating data and user attributes to authorize access to content and what users can do with it):
“Industry reports continue to show most data breaches and incidents are the result of human error, not malicious users or hackers. It is everyday sharing and collaboration mistakes that pose the biggest risk to enterprise data. Remote work has resulted in increased volumes of data, files, email and cloud storage, as well as the number of downloads of confidential corporate assets, putting both companies and users at risk.
In 2021, MSPs, VARs, and integrators will need to ensure information and applications are protected from the inside out. It is no longer enough to just control who can access your applications; you also need to control who can access the data within them — and control what they can do with it once access is granted.”
Tina Gravel, senior vice president of channels and alliances for Appgate (the vendor treats threat protection from the premise that everyone and everything on the network poses a threat and cannot be trusted until it has been verified):
“The channel partners who will be most successful in this regard will be the ones who can demonstrate to their customers how and why a holistic, zero-trust approach to threat protection can benefit their entire organization, not just the security practice.”
Marcus Conroy, vice president of sales VMRay (VMRay provides automated malware analysis and detection platforms to protect applications and data):
“Because no single security solution is capable of blocking all possible threats, the key to managed threat protection for channel partners lies in their ability to provide multiple layers of defensive threat protection – and better intelligence about the nature of new threats.
By providing overlapping layers of security, channel partners can provide greater assurance that if one layer is penetrated, there are other backstops in place to block an attack. Channel partners should also focus on helping customers improve the efficacy of the tools that they already have in place rather than advising customers to rip and replace their existing systems.”
Bill Dantz, director of channels at Clumio (Clumio offers data protection for public and private clouds, and SaaS):
“Since most companies are diversifying their cloud providers and doing so to contain costs, it is critical for the MSPs, VARs and integrators to align with this trend. They will need to provide data protection solutions that are simple, multicloud, have the ability to protect SaaS and PaaS, and provide data mobility, but do this in a cost-effective manner.”
Faraz Siraj, vice president of channel sales at Code42 (Code42 addresses insider risks and threats from a positive-intent perspective):
“There was mass adoption of remote work in 2020, and as a result, digital transformation greatly accelerated. The collaboration culture was ushered in and now nearly all work involves file sharing and movement in some way. While it can be incredibly effective from a productivity perspective to collaborate and work on files together, it also introduces new threats to data – IP, trade secrets, product designs, customer lists, personnel information and the like.
Code42’s recent Data Exposure Report found that 61% of IT security leaders said their remote workforce was the cause of a data breach since COVID-19 started, and employees are 85% more likely today to leak files than they were pre-COVID. It’s up to the channel to help their customers protect against the growing insider risk threat. The channel must educate their customers that insider risk management solutions need to be a core component of security tech stacks.”
Jabari Norton, vice president of worldwide partners at alliances at Sumo Logic (the vendor views threat protection through a security information and event management lens; it focuses on early detection and response, and user training for spotting phishing attempts and social engineering):
“As customers explore their options for threat protection, they’ll need to ensure that their SIEM solution is cloud-based, scalable, customizable, and provides automated insights without causing alert fatigue. Each organization is unique and faces a different set of issues. As such, companies must make sure that their SIEM solutions can be customized for the types of cyber issues that they face.”
Jim Lippie, CEO of SaaS Alerts (SaaS Alerts’ platform monitors SaaS applications and alerts MSPs to unusual user behavior on Office 365, Google Workspace, Dropbox and more):
“It’s all important. There are a lot of good companies/products in the ecosystem now that protect against viruses, malware, phishing campaigns, network and device vulnerabilities. But we believe that protecting SaaS applications is most important in 2021 because most people don’t realize the risk. If you study many of the recent high-profile breaches you will find that SaaS application access and authentication is one of the glaring issues.”
Corey Munson, vice president of sales and marketing for PC Matic (PC Matic delivers threat protection through zero-trust endpoint security):
“Return to the basics. Too many MSPs, VARs, integrators and other channel partners are preoccupied with the next shiny security object while still overlooking simple blocking and tackling. The majority of breaches/attacks are still exploiting failures in the ‘fundamentals’ (outdated endpoint protection, weak password hygiene, unpatched software).”
Corey Munson, vice president of sales and marketing for PC Matic (PC Matic delivers threat protection through zero-trust endpoint security):
“Return to the basics. Too many MSPs, VARs, integrators and other channel partners are preoccupied with the next shiny security object while still overlooking simple blocking and tackling. The majority of breaches/attacks are still exploiting failures in the ‘fundamentals’ (outdated endpoint protection, weak password hygiene, unpatched software).”
Thanks to COVID-19, and to the increasing sophistication of cybercrime in general, MSSPs and their customers face more challenges to network and data security than ever. As we noted in the first installment in this series on threat protection, vendors have been responding.
Since early January, Channel Futures has tracked an influx of supplier announcements about threat protection products and platforms. From guarding against ransomware and phishing to monitoring employee behavior and activity in SaaS applications, these solutions take aim at different aspects of the technology.
This marks our second segment on the growing trends around threat protection. This time, we ask vendors which aspects of the practice are most imperative for managed security service providers and other channel partners to address in 2021. Click through the slideshow above to find out what they recommend.
Read more about:
MSPsAbout the Author(s)
You May Also Like