April 27, 2022

What Is Cybersecurity?

By George Rouse
CybersecurityDatto Managed SOC

Last year, cybersecurity experts reported that a single data breach added more than $4 million in costs for companies per incident. By the end of 2023, cybersecurity criminals are expected to hijack billions of confidential records.

It’s important for managed service providers (MSPs) who are expanding their cybersecurity offerings to be prepared to protect IT systems. The tips outlined below will help win the battle against any online threats to you and your customers.

What is cybersecurity?

Cybersecurity involves protecting your business’ online systems against cyberattacks. This means safeguarding any servers, desktop computers, or mobile devices you and your customers use.

At the center of cybersecurity is data security. A hacker will try to access your customers’ data: credit information, email addresses, and other sensitive information. These hackers may even threaten to erase banking information and other confidential files.

Cyber threats can target specific clients, employees, or company executives. The attackers may demand a payment or, just as threatening, attack confidential data which has the potential to halt all of your customer’s operations.

Why is cybersecurity important?

Cybersecurity helps companies safeguard their digital assets. If companies are not actively protecting these assets, they may pay a regulatory penalty. Examples of data set protection requirements include the following:

Confidentiality

“Confidentiality” refers to those efforts a company has in place to grant access to data for authorized employees only. Only specifically authorized employees should have this level of access. These restrictions help ensure that workers can’t steal or misuse sensitive customer data.

Reliability

Data is considered “reliable” when it is both complete and accurate.

Types of cybersecurity attacks

Cybercriminals are constantly releasing new and more advanced internet threats. Most of these threats have similar characteristics that help them enact damage. Some common threats include:

Malware

“Malware” is a term that stands for “malicious software.” Malware is any software that can damage a single network, server, or computer, or device.

Hackers can install malware virtually, or via physical delivery such as on USB drives directly into equipment. They can also set it up by accessing systems remotely as well. Types of malware include viruses, Trojan viruses, spyware, worms, and ransomware.

Computer Virus

A virus is a fragment of malicious computer code that attaches to a legitimate application code. When this happens, the virus infiltrates other applications within the server, computer, or device.

From there, the computer virus continues to spread and reproduce. When the application runs it disperses the virus, which can cause potential damage to the host machine such as data corruption.

Ransomware

Another type of cybersecurity attack is ransomware, which is a type of malware. Ransomware attacks, infects, and restricts access to your network systems. The only way to regain access is to pay a fee or a “ransom.”

 

When a ransomware attack occurs, an online user receives directions on how to pay their ransom, then receives a decryption code that unlocks their system once the ransom has been paid. You can find out more about the global state of ransomware in this comprehensive report.

Phishing

Phishing is a socially engineered email-based attack that often leads to ransomware infections and stolen data. Examples of sensitive data commonly “phished” include credit card numbers or user names and passwords.

In a phishing attempt, hackers will disguise themselves as a familiar or authoritative presence and convince the victim to open their emails, text messages, or even conversations within trusted platforms like Microsoft Teams with a “phishing message.”

The phishing message directs a victim to click a link or open an attachment that contains malware. When users click on a link or download the attachment, malware then spreads throughout their device. There are many different types of phishing attacks, including spear phishing, whaling, pretexting, and more.

Best practices in cybersecurity

As an MSP, what can you do to protect yourself and your clients from these cybersecurity threats? Following is a list of best practices to help ensure that you’re prepared to fight off these costly attacks.

Write a cybersecurity plan

A cybersecurity plan documents your technical cybersecurity strategy to protect your customers’ data assets. This plan advises your customers on what their employees’ responsibilities are for safeguarding the company’s data assets.

This plan should also specify any employee’s or contractor’s level of access. Think of your cybersecurity plan as guidance on how to recognize, stop, respond and recover from cyber attacks.

Your cybersecurity plan can also include steps for responding to security breaches. You should also use your plan to outline preventive measures that stop breaches from ever taking place.

A good way to build a cybersecurity plan is to start with a cybersecurity framework (CSF) or model. There are many to choose from, such as NIST, COBIT, CIS, Zero Trust, and others. Utilizing a framework will help identify security gaps and areas of weakness.

Train your customers on cybersecurity

MSPs can raise their customers’ cybersecurity awareness by reminding them that their employees are the first line of defense against cybersecurity attacks. Start by training your own staff on the cybersecurity plan for your MSP practice, then provide this training to your customers.

Your cybersecurity plan should include the steps that staff members must take to safeguard any company-sensitive data assets. You can also use your plan to describe what kinds of cybersecurity threats currently exist in each customer’s specific industry — although note that this list keeps growing!

There are also many online training resources available that provide helpful cybersecurity plan templates, plus other rules and best practices. The FCC Cyberplanner is one example.

Restrict access

Each employee who has regular access to a company’s sensitive files should have their own unique user account. Any company laptop or mobile device that’s not being used should be securely stored.

Passwords/login authentications

MSPs should instruct their customers to make sure each employee has an individual, strong password. They should also have their own unique login authentication as well. Team members should change their passwords every two or three months.

Employees should also use multi-factor authentications, which require two or more verification factors for secure access to a server, computer, or device. These can include a secure password as well as other log-in factors such as an authenticator app, secure USB key, fingerprint, and/or facial recognition.

Cybersecurity protocols for mobile devices

Add antivirus software on all company mobile devices such as laptops and phones. Antivirus software detects malware on devices and removes it, to help protect confidential information.

As noted above, any personal devices with antivirus software should also have their own unique password, as well as multi-factor authentication where appropriate.

Develop a business continuity plan

Create a Business Continuity Plan for all company devices to ensure that critical data can be recovered and restored in the event of a cyberattack. Business continuity and disaster recovery (BCDR) solutions made specifically for MSPs can help to ensure that your customers’ data is protected.

View this checklist to learn which security measures should be a high priority for MSPs to mitigate the risk of ransomware attacks.

What’s next?

Start drafting your Business Continuity Plan that outlines the necessary goals and steps to protect your customers’ sensitive data assets. Learn about cyber resiliency and advise your team and your customers on the protocols to follow to prevent data breaches, and how to respond if one should happen.

Suggested Next Reads