The Gately Report: N-able Says Business Resiliency Key to Thwarting Attacks

Ensuring business resiliency is key to preventing cyberattacks and minimizing the damage if an attack is successful.

That’s according to Dave MacKinnon, N-able’s chief security officer. We caught up with him at last week’s N-able Empower conference in Frisco, Texas.

During Empower, N-able introduced Cloud Commander, a multitenant solution with Microsoft for the cloud. The company also recently rolled out its new managed detection and response (MDR) solution.

“Security is not a checkbox,” MacKinnon said. “What we're really looking at is business resiliency for MSPs’ customers. So how do we ensure that you're coming up with solutions to understand the risks that are impacting those businesses, designing solutions to help protect those businesses and ensure that, if a security event occurs, they're in the best possible situation to recover from that event.”

One of the challenges is that people don’t want to spend money on cybersecurity, he said.

“But I think when you start to tie security to a risk and then you tie that risk to your business resiliency, that naturally becomes a pathway for those customers to understand exactly the value you're adding to their business by having that resilient solution,” MacKinnon said. “So that's one of the things I really hope customers take away from Empower.”

Related:N-able Empower: N-able Broadens 'Ecoverse' Vision with New Integrations

Business Resiliency Addresses Threat Pathways

There are three pathways for cybercriminals to target MSPs and their customers, MacKinnon said. Those are email phishing, some level of missed patching and an exposed surface to the internet.

“Fortunately for MSPs, they're primed with solutions to help identify opportunities for patching or surfaces that are exposed to the internet, additional controls for monitoring, etc.,” he said. “So some of it is if you do the basics, and that's really when we talk about that business resiliency, how do we come up with a very resilient pathway for those customers to keep them protected? The basics will help everybody.”

N-able's Dave MacKinnon

The challenge is there are commodity markets for attackers, MacKinnon said.

“If you talk about ransomware, if you want somebody who's selling identities, you can buy those on the underground,” he said. “ If you want somebody who's selling phishing kits, you can buy those on the underground or you can just use a different ransomware. So that commodity market has simplified for threat actors to get into that space. It's not like 15-20 years ago where you had to be this tall to ride this ride. Now it's a lot easier to get in. And the challenge is everybody's a target and how quickly you see these threats move.”

Threat actors continue to evolve their tactics, and when it comes to ransomware, as long as customers keep paying, they don't have a reason to stop, MacKinnon said.

“It’s a cash cow,” he said. “And whether it's the customer pays or they have their cyber insurance pay, there's no reason for them to stop running those attacks against any size business because at the end of the day, they're in it for the cash.”

Scroll through our slideshow above for more from MacKinnon and more cybersecurity news.