Newsletter | October 23, 2019

10.23.19 -- Why Managed Service Providers Must Monitor For Compromised Credentials

 
Why You Should Add Dark Web Monitoring To Your Service Offering
 

A large-scale data breach has the power to cripple any organization, including your customers’ companies. Unfortunately, these data breaches usually start with compromised credentials sold to the highest bidder on the dark web. Right now, all that stands in the way of your customers and a massive, costly breach is a few passwords — unless you’re offering dark web monitoring as a service.

Why Managed Service Providers Must Monitor For Compromised Credentials
 

If your customers are like most organizations, 75 percent of their employees recycle or use a variation of the same password across most of the systems and websites they access — both on and off their employer’s network. And this practice is becoming increasingly dangerous.

You’ve Been Breached: Now What?
 
It can happen to anyone — you’ve taken steps to limit your exposure to a cyber incident. You’ve purchased and implemented top-of-the-line IT solutions. You’ve carefully thought about security best practices and strived to adhere to them. But somehow, you’ve just become the latest victim of a data breach. At this point, the only question racing through your mind is, “What do I do next?”
MSPs: Strategic Security Role In Major Industries
 

The advisor role is a powerful one: MSPs support all parts of the organization while increasing use of cloud and other services by the customer makes the problems of security less directly manageable. The MSP can also provide solutions to enhance security awareness across the organization and make all employees more aware.

The Wipro Breach: A Demonstration Of Third-Party And Supply Chain Risk
 

Advanced phishing and supply chain vulnerabilities — these seem to be the successful attack vectors that hackers have used to compromise Wipro, an Indian multinational corporation that provides information technology, consulting and business process services. The Wipro breach seems to be a textbook case of exactly how not to handle a breach.