Cybersecurity has been a topic of discussion among IT professionals for quite some time, but a managed service provider's, or MSP's, responsibility to maintain secure environments has increased rather dramatically over the past decade as threats have become more commonplace.
According to the Anti-Phishing Work Group's Q2-2018 report, the total number of phish from the second half of 2017 to the first half of 2018 increased by 33%. Today’s cybercriminals are continuing to leverage social engineering emails as the top attack vector. In addition to the rise in phishing, ProofPoint’s “The Human Factor 2018” report states emails with malicious attachments exceeded those with emails containing malicious URLs by 28%, putting the hostile code within a single click from the user. However, even an email redirecting an unsuspecting user to a fake website will eventually lead to downloading and executing a file that will exploit a vulnerability.
Security professionals all agree that a comprehensive security strategy is multi-faceted, incorporating perimeter hardening, end-user education, software patch management, and disaster recovery planning. It is also becoming more complex to proactively prevent attacks from occurring. Threats, like strains of ransomware, adapt as prevention measures mature and new technologies emerge making it difficult for businesses, especially smaller ones with limited resources, to remain ahead of the criminals.