There’s a common belief that the phrase “Black Friday” comes from black (as in ink), since the day after Thanksgiving in the U.S. has, for decades, marked a point when retailers turn deficit into profit and therefore, red ink into black.
But the true origin story of Black Friday is not so positive, and the day itself has become difficult and dangerous in the 21st century. Police in Philadelphia probably coined the modern phrase “Black Friday” in the 1950s, referring to the arduous amount of overtime they had to put in to control massive crowds of shoppers descending on the city. One of the major challenges they faced was preventing shoplifting.
Maintaining order during online chaos
In 2024, the shoppers are still there, and so is the shoplifting — but in a different paradigm. A major chunk of holiday retail commerce has moved online, and Black Friday now is more of a season than a single day. As a result, the bellwether period for retail has become increasingly challenging for MSPs trying to maintain order for clients during surges in ransomware, fraud and other cyberattacks.
Black Friday is a prime example of why endpoint protection and network monitoring are so critical. Just as users don’t seem to have learned all that much from Cybersecurity Awareness Month, consumers continue to take the same cybersecurity risks on Black Friday, putting data and organizations in peril.
The irresistible power of discounts
Black Friday and post-Thanksgiving in general have long been a dangerous season for cybersecurity, and it remains a high-risk period for a few primary reasons.
Cyberattackers ramp up activity during the holidays
First of all, cyberattacks really do ramp up from late November through late December, and for good reason. Harried bargain hunters make great potential victims for cyberattackers. TransUnion found that suspected digital fraud attempts increased by 11.6% in the U.S. during the 2023 holiday season compared to the rest of the year. And it’s not just an American phenomenon, either. TransUnion also reported that suspected attempts at digital fraud rose a staggering 116% in the U.K. during the 2023 shopping season.
Consumers will do just about anything for a deal
But the root of the problem is really consumer behavior. Far from being more careful about clicking on unsolicited emails, consumers are opening more of them. Email open rates for retailers increased by 11% in 2023, year over year.
Many eager users set themselves up for classic and fairly simple cyberattacks, such as signing up for a mailing list, answering a survey or liking a post on social media. There is some level of irony, perhaps, that Computer Security Day in 2024 falls on November 30, the day after Black Friday.
The number of endpoints is proliferating
The frenzy of holiday shopping might be a little easier for MSPs to manage if users just browsed on one laptop or phone. But they don’t. In fact, the number of endpoints employees use at work at any time of year is increasing. A TechTarget study on endpoint vulnerability found that 70% of employees interact with four or more devices daily.
It’s no secret that, like most of us, users in your clients’ organizations definitely shop at work, and the numbers suggest that they’re not doing it especially cautiously. Between malware potentially jumping from a home network to a business network via a rogue device or a user simply introducing malware into a network you manage, the risk of a data breach during the holiday shopping season is extremely high.
The downside of endpoint protection
One obvious and ultimately effective way MSPs can fight cyberattacks during the Black Friday season is by implementing endpoint detection and response (EDR) and extended detection and response (XDR) for clients.
After all, as IBM notes, almost all cyberattacks and most successful data breaches begin at an endpoint. Add to that the fact that, once again according to the 2024 Verizon Data Breach Investigations Report, almost 70% of data breaches involve an end-user mistake, and the importance of endpoint protection becomes crystal clear.
But adding endpoint protection can lead to tool sprawl, which is already a major problem for MSPs, as it is for many other organizations. The TechTarget study on endpoint vulnerability revealed that 68% of organizations use 10 or more tools for endpoint management and security alone. That’s a lot of management, expense and resources committed to monitoring endpoints.
Worse, the TechTarget report found that in general, the more tools an organization uses to manage and secure endpoints, the lower the percentage of endpoints it actually manages to monitor. So, more tools lead to bigger gaps in endpoint management. And this also leads to more cyberattacks, with 53% of organizations using more than 15 tools having experienced several attacks due to unmanaged endpoints. By contrast, 60% of organizations using five tools or fewer reported never suffering a cyberattack related to unmanaged endpoints.
The importance of native EDR and XDR integration
What MSPs — and all organizations — need is a solution that integrates endpoint and network protection into a single platform. Cutting the number of tools down is good; cutting it to one is much better. An if that solution can include much more than just EDR and XDR, that’s a major bonus.
That’s exactly what Acronis Cyber Protect Cloud delivers. It gives MSPs a consolidated, comprehensive and natively integrated solution that includes not just endpoint protection and network monitoring but also much more. Acronis delivers a consolidated solution that offers backup and email archive capabilities, security for email and collaboration applications, security posture management, and even a new approach to security awareness training. Of course, it also offers both EDR and XDR to protect endpoints during even the busiest season.
This Black Friday season and complications that surround it will likely become more difficult for MSPs to manage year after year, as there is little evidence that consumers are moving toward more cautious behavior. In fact, the opposite is true. EDR and XDR are critical functions for MSPs during the holiday season, and Acronis Cyber Protect Cloud gives MSPs both the power and simplicity they need to offer a natively consolidated, comprehensive cybersecurity solution to clients while also easing management burdens and cutting costs.
About Acronis
A Swiss company founded in Singapore in 2003, Acronis has 15 offices worldwide and employees in 50+ countries. Acronis Cyber Protect Cloud is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses.