Cybersecurity: A team to fight cybercrime
Published: 05:26 PM, 13 July 2019
People in charge of cybersecurity cannot fight Cybercrime alone. They need help from development teams, business application experts, engineers, compliance officers, and legal professionals. They also need the support of end users. In other words, cybersecurity takes teamwork.
Business representatives of each area contribute to building strong defenses against cybercrime. MSPs in charge of their clients’ security often don’t have coverage in all these areas- so partnering makes sense. If there’s no development team or in-house attorneys, they need help from outside their skills.
In most cases, MSPs can fill gaps by partnering with an MSSP. MSSPs focus on highly specialized areas of security such as remote unified threat management (UTM) and security information and event management (SIEM) services, threat analysis, remediation, and consultation.
MSPs can also help the expertise of their vendor partners. Vendors invest in research and development to build new solutions and technologies, and that shapes their perspective on what to expect next.
Vendors also keep track of developments in the threat landscape through their research and threat-intelligence collection. That information is passed on to MSSPs, MSPs, and all sorts of organizations to help them keep an eye on threats, their origins, and their likely targets so they can update defenses.
The threat landscape never sits still. Threat always finds new ways to break into networks and steal data. Cybercrime is a profitable enterprise that’s estimated to reach $6 trillion by 2021.
Cybercriminals constantly adapt to new conditions and refine their methods to maximize their profits. They are now focusing on other methods, primarily cryptojacking, which consists of taking over machines unbeknownst to their owners to mine for cryptocurrency. The more machines they can turn into cryptobots, the more perpetrators get paid.
Before ransomware, cybercriminals were using financial trolls, but those took a lot of work to deliver a payoff.
Ransomware made things easier- deliver the malware (usually through phishing), lock up the owner’s system, and then demand ransom to restore access to that system.
With cryptojacking, owners don’t realize anything is going on – unless they have the expertise or tools to specifically look for it.
Without threat intelligence, tools, and practices — as well as the necessary research and development — MSPs simply can’t keep up with the threat landscape. That’s why they need a team. An individual who faces off against a team doesn’t stand much of a chance.
And that’s what happens in combating cybercrime. Cybercriminals work as teams too. They develop exploits and botnets and sell them for other criminals to use. On the Dark Web, there are sites where users can order a distributed denial-of-service (DDoS) or ransomware attack against a specific company.
Organized crime is one of the biggest adversaries cybersecurity professionals are up against. Though loosely organized, it’s highly motivated and constantly evolving. Other adversaries include cyberterrorists, nation states, hacktivists, and insiders — and they’re usually working on teams to try to steal client data.
On their own, MSPs can’t stand up to these criminal enterprises, which is why they need help from others to protect their clients. Cybersecurity works best when it’s a team effort.