Ransomware Grabbing More Headlines, But Other Cyber Threats Loom
The magnitude and amount of threat vectors is perhaps more alarming than ransomware.
![Cybersecurity Headline Cybersecurity Headline](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt96c6b7a3d87c13d8/65242bc2173989546ae58d28/Cybersecurity-Headline.jpg?width=700&auto=webp&quality=80&disable=upscale)
Shutterstock
Netenrich’s Justin Crotty said ransomware tends to be what commercial businesses worry about.
“I don’t know if it’s a bigger threat because ransomware is pretty big and it’s disruptive, but what we see … is a lot of threat vectors, the magnitude of threat vectors and the amount of threat vectors from out-of-state actors, things like that have us maybe more concerned than some of the commercial ransomware stuff we see,” he said. “So the scale and scope, and severity of some of the threats that are emerging out of state, and recently with Ukraine, the amount of chatter around cyber warfare happening and the threats we see around have us a little more concerned than ransomware-type stuff because it’s typically against nation-state, it’s typically against infrastructure, things like that. So I don’t know if it’s a bigger problem. People that get hit by ransomware, that’s a big problem. But that’s what we view as a potentially order-of-magnitude problem that is is ramping up in our opinion.”
Trellix’s Kristi Houssiere said nation-state threats are operating after hours, building ransomware practices because that’s where the money is.
“There are companies building ransomware as a service and doing that on their off hours,” she said. “So I think the lines are blurring a bit with nation-state and ransomware, cybercrime and cybercriminals. A ransomware attack happens every 11 seconds; it’s 21 days on average to recover from it and the cost of recovery is an average $1.85 million. It’s a big problem. And those attacks are going down-market to companies that don’t have highly sophisticated teams of security professionals to eradicate that. They’re not only doing lockup, but double ransomware of extortion and maybe even a little bit further hitting the reputation of those companies. So it’s a big problem.”
NTT Application Security‘s Matt Lantinga said if your solution can help customers with ransomware and other attacks, “then you’re in a good space right now and it can help with your channel relationships because they’re going to want it.”
“They’re going to partner with you and sell it,” he said. “I think ransomware is obviously a huge problem. There are a lot of security problems out there and that’s one of them that gets a lot of attention. Also, supply-chain management recently because of log4j, that’s getting a lot of attention. There are a lot of different ways that you can get breached. There are a lot different ways you can get attacked. Ransomware, of course, being a really important one. But if I’m thinking how it impacts the channel, if you can truly provide value to that security problem, then it’s going to help all your channel ratios. It’s really the quality of, do you have a solution for their customers? And then that’s going to impact the relationship you’re going to have.”
Sophos’ Scott Barlow said a lot of access brokers are out there selling access to customers. Therefore, the conversation for an MSP is becoming a lot easier.
“That mentality that it’s not going to happen to me has evaporated because it’s happening to them day in and day out,” he said. “I still think MSPs need to focus on their own environment and their own network. We still see a lot of MSPs being very lackadaisical in securing their own environment. And if you are in ransomware protection or some kind of next-gen security, you need 24/7 monitoring of your infrastructure, your customers’ infrastructure and with hands-on keyboard because just having solutions out there for either email or just endpoint protection still isn’t enough.”
A lot of MSPs don’t have the capabilities to do that themselves and its harder to find the right tech talent to help, Barlow said.
“Hiring those people at a much higher salary is very difficult, especially when all of the vendors are paying top dollar for these security operations center (SOC) analysts,” he said. “So it’s worrisome.”
Proofpoint’s Joe Sykora said all cybersecurity providers are struggling with the talent shortage.
One of the things we did was we actually bought a partner [InteliSecure] to help with that last year because there wasn’t expertise for the solution that we rolled out,” said Sykora. “So we have a partner that makes sense and we could give partners blueprints and say, ‘Here, let us help you build the practice around it and/or let us be your hands if you need it.’ So we let them white-label our service, if you will. That’s one way we’re approaching it because if we can’t find people for what we’re paying, we know our partners aren’t going to do that. So that was one of the things and it’s worked well.”
Fortinet’s Jon Bove said all partners need to make sure they have a plan.
“The skills gap is a massive problem,” he said. “Fortinet established our network security expert program with the goal of enabling 1 million individuals and taking that into universities and building out academic programs to help fill that gap. We think that’s one element. But the other thing is making sure that our partners have the ability to bring that platform approach to their customers because it’s a matter of when, not if. And when it happens, are you putting your customer in a situation to be able to respond in a timely fashion and protect as much as they possibly can? So that’s what I would worry about. For them, ransomware is really an outcome, so prepare as much as you can for both yourself and also for your customer. And it needs to be repeatable in fashion. You can’t just go pick one product over here and pick another over here. And if private equity is trying to buy into a platform, then hopefully our partners are trying to establish their own security posture, one that provides them a platform that can orchestrate an automated response.”
Malwarebytes’ Brian Thomas said when it comes to threats, his company looks at it more from an SMB perspective.
“Forty-three percent of SMBs don’t even have a cybersecurity game plan whatsoever,” he said. “And then you couple that with if there’s a ransomware attack, the average payout for an attack is $4.2 million. It’s a check that SMBs can’t cash. And I think that’s the reason why we exist. That’s why the channel program and the MSPs that we support really exist. It’s that low security maturity market that simply cannot afford a ransomware attack like that in that particular space.”
Malwarebytes’ Brian Thomas said when it comes to threats, his company looks at it more from an SMB perspective.
“Forty-three percent of SMBs don’t even have a cybersecurity game plan whatsoever,” he said. “And then you couple that with if there’s a ransomware attack, the average payout for an attack is $4.2 million. It’s a check that SMBs can’t cash. And I think that’s the reason why we exist. That’s why the channel program and the MSPs that we support really exist. It’s that low security maturity market that simply cannot afford a ransomware attack like that in that particular space.”
Ransomware may be grabbing most of the headlines, but other cybersecurity threats and issues are keeping partners and their customers up at night.
Evolving attack methods, the blurring of lines between attackers and the ongoing shortage of cybersecurity talent are all adding to partners and customers’ stress.
So beyond the ransomware headlines, what threats are facing partners and their customers?
Our cybersecurity roundtable at the 2022 Channel Partners Conference and Expo addressed this topic. This is the second in a series of articles highlighting various topics addressed by the roundtable. The first was on partner stress from the M&A frenzy.
Panelists included:
Scott Barlow, Sophos‘ vice president of global MSP and cloud alliances.
Jon Bove, Fortinet’s vice president of channel sales.
Justin Crotty, Netenrich‘s senior vice president of channels.
Kristi Houssiere, Trellix‘s senior director of global channel strategy and operations.
Matt Lantinga, NTT Application Security‘s vice president of sales and global strategic accounts.
Joe Sykora, Proofpoint’s senior vice president of worldwide channels and partner sales.
Brian Thomas, Malwarebytes’ vice president of worldwide MSP and channel programs.
See our slideshow above for more from the roundtable about the biggest threats facing partners and customers.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn. |
About the Author(s)
You May Also Like