Cybersecurity for SMBs Is the Herculean Task of MSPs

One of the great things about working at Acronis is the fact we get to collaborate with so many wonderful partners. We love our partners and we love supporting them as they help ensure their clients are protected and productive.

Watching them complete this mission during 2020 has been particularly inspiring, as they empowered their clients to quickly transition to remote work in response to the COVID-19 pandemic.

Yet in an article originally published by DarkReading, Acronis VP of Cyber Protection Research Candid Wüest detailed the significant cyber protection challenges that still lie ahead for small and mid-sized companies. For managed service providers (MSPs) who step up to the plate, they’ll uncover tremendous opportunities in the year ahead.

We’re reposting it here so our partners can benefit from his insights.

When it comes to cybercrime, today's small businesses are easy prey. While most of the world has united in responding to the upheaval of COVID-19, cybercriminals are leveraging the pandemic for their own benefit. There's been a sharp spike in malware attacks, and phishing attempts have gone through the roof as attackers try to exploit remote workers who are outside their company networks — and security.

The recent "Acronis Cyber Readiness Report" discovered that half of all companies (50%) report being targeted by cyberattacks at least once a week since March. Nearly a third (31%) now report daily attacks. In the wake of the pandemic, 92% of companies adopted new technologies to enable and secure their systems for remote work environments.

Budgets and staffing are limited for these small and midsize businesses (SMBs), and finding the right skilled people is difficult, which is why many rely on service providers to manage their IT needs and keep their workloads and systems secure.

MSPs Securing SMBs The good news is that managed service providers (MSPs) were able to step up and help their clients transition to remote work. For their SMB clients, these service providers were heroes during dark days.

The cyberthreat landscape is always evolving, and many MSPs are struggling to stay ahead of new threats. In fact, cybercriminals have successfully attacked the platforms that service providers use to run their businesses to gain access to both the MSPs' data and the clients'.

Because of how lucrative they can be, the frequency of attacks on third-party supplier platforms is increasing. Unfortunately, the traditional stack of single-point solutions that MSPs use is no longer enough to compete with modern sophisticated threats.

Furthermore, the complexity of juggling multiple vendor consoles makes it difficult for administrators to efficiently clear alerts if no automation is provided. Instead, they lose their overview, which causes mistakes or lost time — and when talking about today's sophisticated threats, time is of the essence.

Evolving Cybersecurity for MSPs A new approach is needed — one that efficiently integrates cybersecurity, data protection, and endpoint protection management. Such integration enables the kind of tight control and interlocked automation that legacy solutions lack but which are required to combat today's threats.

What makes integration so critical? Since no single solution can stop 100% of all attacks all the time, it is inevitable that a business will be compromised. Once that successful attack gets through, the focus shifts from prevention to mitigation — the longer an organization's systems and staff are sidelined, the more costly the attack. If its cybersecurity solution does not include native backup and disaster recovery capabilities, the downtime caused by a successful attack is extended. With every hour of unexpected downtime costing an estimated $8,600, ensuring a fast recovery is no minor concern for a small business.

At the same time, cybersecurity needs to become an integral part of an organization's data protection strategy. Backup without integrated cybersecurity capabilities cannot withstand modern malware attacks, such as new ransomware strains whose first objective is to delete backup files, agents, and security software.

By integrating cybersecurity and data protection — dubbed by IDC "the new IT discipline of cyber protection" — organizations become more resilient. The result is self-restoring endpoints, ensuring that organizations experience the fastest recovery times with no data loss following cyberattacks — minimizing costly downtime that could otherwise cripple or kill a small business.

Of course, prevention is also a vital part of a comprehensive cyber-protection strategy. Providing automated patch management beyond Microsoft software can ensure that a client's systems are not compromised by attackers to begin with. In addition, the seamless integration with backup enables fast recoveries should any patches fail.

The integration also ensures that all available information is used to protect the client's system. This makes it possible to react automatically and efficiently, without experts or additional expensive services.

Cyber protection's multilayered approach, which is enhanced by artificial intelligence (AI), ensures more complete coverage and greater security. At the same time, combining automation and integration into a single solution makes managing that protection easier, which enables MSPs and their clients to focus on the success of their businesses.

Future of SMB Security Small businesses are often called the backbone of the economy, yet the security challenges facing them overwhelm most current solutions. Securing the systems and applications these economic engines rely on requires a new, AI-enhanced approach that is purpose-built for the future. Integration and automation are key to reduce the complexity and provide an efficient approach to combat the flood of new threats.

Cyber-protection strategies and solutions successfully unite cybersecurity and data protection to keep businesses protected against all of the threats that will emerge in the future.