It's commonly understood that smaller businesses have smaller IT budgets, which often does not leave much room for IT security. Even in 2020, many of these companies have never heard of NIST, ISO 27001, or other security frameworks, let alone implemented them. And with more than 30 million businesses falling in the category of fewer than 1,000 employees, small businesses represent a significant part of the American economy. For an attacker, this is a gold mine of potential opportunity, but the key to that financial reward means operational scalability, putting the target squarely on managed service providers (MSPs).
Why MSPs?Many small to midsize businesses (SMBs) rely on MSPs to assist them with cost-effective management of IT infrastructure, monitoring, and general support. Companies regularly put their trust in MSPs to protect their data, but we have to remember that MSPs are often small businesses themselves. And as attack vectors increase by the minute, there seems to be no end in sight to the growing pressures on MSPs.
So, why are MSPs a major target for cyberattacks? The obvious answer is that an MSP may service a myriad of SMBs; having access to one MSP is an easy gateway to all of their supported SMB networks. Not to mention that nearly two-thirds of organizations use MSPs for at least one IT function.
Unfortunately, MSPs are now being used more and more as a pawn for hackers' malicious plans. Recently, Ragnar Locker ransomware hit Portuguese energy gian ..
Support the originator by clicking the read the rest link below.
