MSP+ Cybersecurity Framework designed by former MSP owners
ConnectWise has created a security framework to help MSPs bolster their security skills at a time when they not only are seeing a growing demand from clients but also are increasingly the targets of cyberattacks.
The Lowdown: The managed service platform and portfolio company introduced the MSP+ Cybersecurity Framework and supporting Playbooks this week, one of several security-related announcements made during its IT Nation Explore virtual event.
The Details: With the number and complexity of cyberthreats growing and a shortage of skilled cybersecurity professionals, organizations are turning to MSPs for their security needs. At the same time, MSPs – which have access to their clients’ infrastructure and data through such tools as remote monitoring and management (RMM) – are coming under greater attacks by bad actors.
The MSP+ Cybersecurity Framework was designed by former MSP owners and is a collection of best-in-class guidance resources aimed at MSPs from other frameworks, such as NIST, CSF, CIS 20, UK Cyber Essentials, and Australia’s Essential Eight.
The framework is aligned with ConnectWise’s IT Nation Secure, which includes educational training and other resources, information sharing, engagement, and tools for building businesses. MSPs can use these tools to implement and run a security practice within their business and talk with clients about cybersecurity.
Other security-related announcements from ConnectWise this week include:
> Continuum to ConnectWise: ConnectWise has rebranded products it inherited with the acquisition last year of MSP provider Continuum. Former Continuum products are now called ConnectWise Command, Fortify, Recover, and Assist.
> ConnectWise Fortify for SaaS Security: The product is aimed at MSPs supporting Microsoft cloud environments and is a detection and response solution used to monitor active Microsoft accounts for anomalous user behavior by separating legitimate user activities from potentially malicious ones.
> ConnectWise Fortify for Assessment: The tool is designed to help MSPs sell security to SMBs. In the third quarter, the company will release an advanced version that will streamline the pre-sales process with a vulnerability scanner that will create holistic reports of security, risk, and data.
The Impact: Security is a significant opportunity for MSPs, with the market for managed security services expected to grow from $31.6 billion this year to $46.4 billion by 2025, according to a report from MarketsandMarkets. However, few MSPs offer clients a security plan or resources for end-user education, according to ConnectWise. In addition, the company cited a report from market research firm Vanson Bourne that only 13% of MSPs are talking to clients about cybersecurity as a normal part of their businesses.
Background: ConnectWise over the past several months has made moves to boost the security skills of its MSPs, as well as its own capabilities. The company has come under high-profile attacks in recent months. In January, security vendors discovered vulnerabilities in ConnectWise Control, remote desktop software, and this month ConnectWise warned MSPs and end users about a vulnerability in Automate, its RMM platform.
The Buzz: “We talk a lot about how important it is to know ‘what good looks like’ in your business so you can work towards that in all areas. But the challenge has been that MSPs haven’t had a specialized and standardized framework to work against for cybersecurity and therefore don’t know what good cybersecurity looks like,” ConnectWise CEO Jason Magee said. “We’ve designed the MSP+ Cybersecurity Framework to address that issue, and it’s part of a comprehensive new cybersecurity education and certification program called IT Nation Secure that will position MSPs for long-term success. In a world where there are expected to be 4 million unfilled cybersecurity positions in 2021, the opportunity is now for MSPs.”