Attacks on MSPs - managed service providers - and their customers have almost doubled in the last 18 months, while security remains a top growth opportunity.

Research conducted by an independent research firm and commissioned by N-able has found that managed services providers are quickly overtaking their customers as a primary target for cybercriminals. The findings also reveal that, while 90% of the surveyed MSPs suffered a cyberattack in the last 18 months, the number of attacks these MSPs are preventing has almost doubled, from 6 to 11.

The report, 'State of the Market: The New Threat Landscape', reflects the responses of 500 participants - sourced from the US and Europe by an independent research team -about their security experiences before the COVID-19 pandemic and today to discover what had changed. There has been an assumption that the increase in hybrid working has meant a shift in how threat attackers are operating. N-able's research has been looking at that shift and what it means for MSPs.

"MSPs have worked tirelessly throughout the pandemic to ensure that the businesses they support can stay online and connected as circumstances changed," comments Dave MacKinnon, chief security officer, N-able. "But the cybercriminals they're protecting against are working equally as hard to make use of these shifts against their targets. MSPs need to understand how the threat landscape continues to evolve, and make the changes needed to protect both their customers and themselves, and make the most of the enormous opportunity that enhancing security provides."

The N-able research reveals:

• Almost all (90%) MSPs have suffered a successful cyberattack of some sort in the last 18 months and the same amount have seen an increase in the number of attacks they are preventing each month. On average, the number of attacks being prevented has risen from six to 11
• 82% of MSPs have also seen attacks on their customers rise, though not quite at the same rate, with an average of 14 attacks prevented per month
• While some progress is being made on important security processes, such as automating backup, many basics are still not in place. For example, while most MSPs offer two-factor authentication to their customers, only 40% have implemented it in-house
• DDoS and ransomware are among the main attacks MSPs are detecting, but the top attack remains phishing
• The effects of cyberattacks are wide ranging. Over half of MSPs say that financial loss and business disruption resulted after a cyberattack, but many said they have lost business (46%), suffered reputational effects (45%) and even seen their customers suffer a loss of trust (28%). While MSP budgets are only increasing at an average of 5%, they are focusing this extra investment on key areas, including data security, cloud security and infrastructure protection.

There's good news, too. The majority of SMEs, seven in every 10, are planning to increase their security budget. The one outlier is France, but, even there, six in 10 SMEs are increasing their budgets, according to the report. "Of the rest, most are maintaining the same budgets, with only 2% looking to decrease budgets. The increases are substantial, an average of 7%. Given recent circumstances, this is a solid investment by businesses in security. For MSPs, this means there is a big opportunity available. For many customers, they do not have to work hard to convince them that security is important and needs investment; rather, the conversation needs to be about where the money should be spent and how to make the most of this increase.

"SMEs are keen to spend this increase on data security and cloud security, with identity access way down the priority list. MSPs should follow their customers' lead to an extent when offering additional and improved services, but should also remember that they are the experts."

WHERE ARE MSPS SPENDING THEIR MONEY right now? The most common security tools receiving this extra investment include data security, cloud security, and infrastructure protection. Identity access is the least common investment. "The toolsets MSPs are implementing include data encryption, antivirus and multifactor authentication. There are also some interesting regional variations, with French MSPs investing heavily in VPNs, while the UK and Germany are putting money into email filtering solutions."

"Automating key functions is critical to making headway against cybercriminals," adds N-able. "Automated backups are the most common form of automation used by MSPs to keep their customers' businesses secure, used by 85% of all respondents."

LAST LINE OF DEFENCE
Backup is seen as crucial - the last line of defence - and MSPs must be able to recover customers' data and systems, no matter what. "In general, backup is provided to most customers, but of major concern is the fact that only 40% of businesses are backing up workstations every 48 hours or less."

THREAT GROWS GREATER
Lee Robinson, co-founder and director, Meta Eagle, is equally alarmed by the way in which MSPs are being singled out. "As this report reveals, the threat among the MSP community is becoming increasingly real.

"And now we're seeing our customers becoming more aware to exploits and vulnerabilities out there in the world. They want to actively engage in conversation, so they can understand how best they can be protected," he points out.

"The industry has a major role to play in guiding businesses down the right path. This includes a cultural shift from having an IT partner that is simply looked at as a bottom-line cost, but more of an investment into your business. Strong IT support, while empowering you to work from anywhere, should also secure your data, mitigate risk and put contingences in place, should the worse happen."

MUTI-FACETED PROBLEM
Lisa Niekamp-Urwin, CEO, Tomorrow's Technology Today, points to the "shocking statistics" within the report regarding the very real cyber threat for the MSP community and says it "speaks to the need to address the issue from many sides".

In particular, she says hygiene becomes a critical factor - "removing admin rights, MFA, EDR, MDR, backup, log retention, monitoring, hardening, the list goes on and on. When I joined this MSP twenty years ago, I didn't anticipate having a security engineer on staff full-time. Yet, here we are - it's a huge priority".

In today's climate, she adds, the industry needs to step up its game. "MSPs need to do their research, understand and listen to what is happening to their community; interrogate their stack and make sure there are no holes. And follow the golden rule…. MFA [multi-factor authenticate] everything!"