Guest Column | July 22, 2021

3 Ways MSPs Can Leverage Insider Threat Expertise To Boost Revenue And Deliver Better Service

By Isaac Kohen, Teramind

3 Three

The recent pandemic enhanced or expedited rapid digital adoption as businesses turned to online ecosystems to connect with customers, empower employees, and maintain operational continuity.

Unfortunately, now that companies are more reliant than ever on web services to deliver critical objectives, they face a fraught online landscape. As one particularly incensed headline asked, “Are we waiting for everyone to get hacked?”

Most obviously, new ransomware attacks are occurring every eight minutes, disrupting everything from critical infrastructure to small businesses. However, while high-profile hacking groups continue making headlines, their efforts are often predicated on actions much closer to home. According to a recent industry report, 85 percent of all data breaches are attributable to a “human element” as malicious and accidental insiders repeatedly put sensitive data and IT infrastructure at risk.

Meanwhile, companies are struggling to fill cybersecurity vacancies. The U.S. has nearly 500,000 unfilled cybersecurity positions, making it difficult for them to defend their data in an increasingly scary digital scenario that puts their bottom line at risk.

Manager service providers (MSPs) should be prepared to capitalize on this moment, providing critical insights and cybersecurity capacity that protects companies from insider threats. This includes raising awareness, advocating for change, and focusing on the future. When these facets work together, they can help MSPs increase revenue as they provide in-demand services at a critical time.

#1 Raising Awareness

Trusted insiders, including employees, vendors, and third-party partners, represent a significant cybersecurity risk for today’s companies.

Powered by multiple motivations, malicious insiders often enact shocking damage on their employers. For example, a Tesla worker sabotaged internal systems before sending sensitive data to third parties. A Facebook engineer used his network access to stalk women. A Suntrust Bank employee stole the personal data of 1.5 million customers, ultimately providing that information to a criminal organization.

In April, a federal grand jury in Cleveland returned an indictment on Davis Lu, a software developer. He placed malicious code on his employer's computer servers, resulting in a denial-of-service attack that cost the company at least $5,000. The employee used his work computer to search the internet for information on escalating access privileges, hiding access, and deleting sizable digital assets.

Of course, many insider threats are accidental as employee negligence, ignorance, or indifference puts data privacy at risk. Phishing scams, ransomware attacks, and web app vulnerabilities have each increased during the pandemic, and businesses will need the tools to respond accordingly.

This is especially true in a post-COVID-19 operational environment. For example, one report found that 85 percent of employees are more likely to compromise sensitive information than before the pandemic, reflecting the urgent need for companies to adopt comprehensive insider threat detection and prevention.

MSPs should be prepared to help businesses understand this shifting threat landscape while advocating for change to protect valuable digital assets.

#2 Advocate For Change

In many cases, IT personnel are aware of the risk associated with insiders but have, to date, been ignored by c-suite executives and board members. A 2020 study found that 97 percent of IT leaders view insiders as a “significant concern.” In contrast, two-thirds of CISOs say they are unprepared for a cyberattack, while more than half are more concerned about the consequences of a breach than they were a year ago.

To effectively engage clients, MSPs are speaking to more than just an organization. They are addressing the people that comprise these organizations and the fears, anxieties, and concerns that accompany each person. More specifically, MSPs should ensure that c-suite executives are united in their efforts to prevent data breaches, but this unity isn’t achievable until leaders understand the implications for their specific teams or departments.

Furthermore, MSPs will strive to earn trust by instilling confidence, not fear, with practical responses that empower companies to address insider threats. In many cases, insider threats are preventable and controllable. User behavior analytics give companies a wide-ranging view of their employee activity, and comprehensive algorithms can help detect threats before they become cybersecurity disasters.

What’s more, employee monitoring solutions can achieve oversight and accountability for cloud or on-site premises: providing:

  • real-time user activity monitoring
  • security systems for sensitive data
  • behavior analytics and anomaly detection
  • policy and rules enforcement
  • IT forensics and investigative capacity
  • risk analysis and vulnerability identification

When these insights are applied to industry-specific pain points, MSPs can drive revenue, making it imperative that representatives maintain a deep understanding of insider threat trends across various sector verticals. MSPs must speak to latent security needs rather than obvious wins, developing trust in expertise along the way.

#3 Focus On The Future

Compliance mandates are often a powerful motivator for private-sector change. However, compliance standards often lag operational realities and real-time risk analysis. For example, 2016 contractor requirements issued by the Department of Defense were widely understood to be outdated and ineffective, and companies that used these guidelines to inform their defensive posture put their data at risk. Today, companies should understand that Europe’s General Data Protection Regulation (GDPR) and California’s Consumer Privacy Act (CCPA) will inform their efforts but shouldn’t restrict the response.

That’s why MSPs need to speak to the present while focusing on the future, helping clients navigate a dangerous digital landscape with excellence by responding to today’s challenges and anticipating tomorrow’s pitfalls.

Notably, MSPs can lean on rapidly shifting consumer sentiments regarding data privacy and cybersecurity. One in four Americans won’t do business with a company after a data breach, and hard to quantify reputational damage will follow organizations even after a cybersecurity incident is resolved. In addition, data breaches have never been more expensive and consequential, including systems recovery, regulatory penalties, public relations, and opportunity costs.

In other words, these elements can prompt companies to take appropriate action when lagging indicators, like compliance measures, fail to appropriately guide organizations.


Especially when attracting and retaining top cybersecurity talent is incredibly challenging, today’s organizations are not an island. They cannot operate securely without the support of information security organizations taking the initiative to raise awareness, advocate for change, and focus on the future to keep them secure in the weeks and months ahead.

MSPs that help clients understand the risks will reap the reward of helping them defend against them. Boosting revenue in a post-pandemic landscape requires developing the capacity to help companies respond to the overwhelming cybersecurity and data privacy vulnerability posed by their employees. Stay up to date on the latest vulnerabilities and best practices, ensuring that clients have a readily available security solution that meets the challenges and opportunities of this unique moment.

About The Author

Isaac Kohen is VP of R&D at  Teramind, a leading global provider of employee monitoring, data loss prevention (“DLP”), and workplace productivity solutions. Follow on Twitter: @teramindco.