Creates TSP-ISAO to aggregate, analyze intelligence for MSPs
ConnectWise has announced the creation of an organization designed to act as a hub for compiling and sharing information about cybersecurity threats facing technology service providers at a time when TSPs are increasingly becoming the target of bad actors.
The Lowdown: ConnectWise, which offers an as-a-service professional services automation (PSA) platform, is inviting other companies to join the Technology Solution Provider Information Sharing and Analysis Organization (TSP-ISAO), which will provide members with real-time actionable threat intelligence, analysis of the potential impact of threats, and coordinated responses.
The Details: The TSP-ISAO also will address best practices for cybersecurity and education for members’ workforces. The foundation of the organization will be a threat intelligence platform powered by Perch Security, which offers a co-managed threat detection and response platform that’s supported by Perch’s security operations center (SOC). Perch will automate the sharing of intelligence for all members of the group. More details about the TSP-ISAO will be available Oct. 30-Nov. 1 at the IT Nation Connect 2019 show in Orlando, Florida.
The Impact: According to an alert last October from the Department of Homeland Security, MSPs since 2016 have come under increasing attack from advanced persistent threat (APT) groups that want to infiltrate their networks to steal IP and other sensitive data and conduct cyber-espionage campaigns.
U.S. industries that have been targeted by the bad actors include energy, health care, communications, and manufacturing. Efforts similar to the TSP-ISAO have cropped up to share such information, including the Financial Services Information Sharing and Analysis Center, which aims to reduce the risk to global financial systems.
The attack group dubbed APT10 is an example of the threat facing MSPs. Beginning three years ago, the Chinese hackers have run a series of campaigns known as “Operation Cloudhopper” against at least 45 MSPs and other companies in 12 countries, targeting the trusted access MSPs have to their clients’ networks. The group has stolen IP from hundreds of corporations, with the managed service units of HPE and IBM among the victims.
Background: The TSP-ISAO is seeking to take advantage of a statement by the Federal Trade Commission and Justice Department in 2014 that said the sharing of cyber-threat information – if done properly – won’t violate U.S. antitrust laws.
The Buzz: “ConnectWise is launching the TSP-ISAO and leading the campaign to get companies collaboratively involved with us because we think it’s of the utmost importance for the entire industry,” ConnectWise CEO Jason Magee said. “I’ve already reached out to several of my counterparts to begin these collaborative discussions, and I invite interested vendors to reach out to ConnectWise and get involved as well.”
“Cyber-criminals have set their sights on technology solution providers, and it’s time the industry came together to do something about it. To that end, the TSP-ISAO will provide services that help vendors of all sizes accelerate the maturity of their cybersecurity and compliance programs,” ConnectWise CISO John Ford said. “This includes providing information, intelligence, and benchmarking information relative to the technology solution provider community, including the effective use of self-assessment tools. And leveraging Perch, we have the threat intelligence platform needed to support an ISAO ready to go today.”
“In the five years since the Federal Trade Commission and the Department of Justice issued a statement clarifying that the aggregation and sharing of cyber threat information would not result in antitrust violations, the industry has been slow to respond to the opening that statement provided – in particular, to weaponize the vast trove of threat data technology solution providers amass on a daily basis against would-be attackers,” said Todd Thibodeaux, president and CEO of CompTIA. “CompTIA applauds the goals of the TSP-ISAO to address the information shortfall by creating a real-time actionable platform.”