Chris Loehr — executive vice president of Solis Security, an incident response firm — has personally dealt with many of these MSP breaches. Speaking of GandCrab, Loehr says, "They certainly hit some MSPs in 2018, but the ransoms were relatively small: $10,000 to $25,000. In 2019, MSPs became more of a target, with increasing ransom demands and the threat actors leveraging MSP tools with greater efficiency to affect clients. GandCrab never required the MSP to pay up. It wasn't until GandCrab evolved into Sodinokibi in mid-2019 threat actors began to say: 'We ONLY want the MSP to pay. You can pay for ALL the customers or you get NOTHING at all.'"
FRONTEO is a technology and services company specialized in big data, AI, and information governance. FRONTEO is driven by a service-oriented culture that continues to aim higher and brighter to develop state-of-the-art technology and the best services on the market, creating immense value for its customers, employees, consumers, and shareholders. Their focus, defined by their name, is to look to the future and to innovate on how their AI technology can be further applied to legal and other vertical business
From the above, it is clear that a managed service provider does not just help with technology adoption. They also help to monitor the ongoing spending and lessen the danger of introducing new technologies. While the market is already witnessing an increase in capital spending on the cloud and businesses managing IT services, it is evolving by itself.
For over eight years, LME Services has been providing IT support for an accounting firm. They have applied their technical expertise uniformly to their services, including server assistance, hosting, and security. LME Services rapidly responds to mitigate any technical emergencies that arise. The client particularly appreciated the team's consistent reliability. 
Thank you for shining a light on this systemic vulnerability. I don't think organizations realize that, in many ways, they inherit the security of their service providers. As another commenter noted, the RMM is overdue for radical reinvention. Security-minded MSPs may need to think about delegated access to customer environments, privileged access workstations, or other methods for remotely administering customer environments without that big fat one-to-many target that RMM represents. I think the MSP tooling ecosystem is general is problematic - MSPs design for scale and efficiency (making them an economical option for customers as opposed to hiring internally), but do I really want my password manager integrated into my RMM? Maybe not... There's a lot of market share out there waiting for MSPs that can develop real cybersecurity maturity.

Stratosphere Networks develops and implements B2B IT solutions, both on-premise as well as on hosted solutions, while retaining IT infrastructure at all levels. They have a robust and scalable cybersecurity framework that empowers in-house IT to monitor and manage response and remediation to incidents. Their core solutions include SIEM, managed detection and response, SOC services, virtual CSOs, and other managed security services, along with HIPAA and industry regulation compliance

Cyber Duo secured a moving and storage company’s website after it was attacked. They installed firewalls to ensure the site runs well and provided ongoing monitoring to prevent future breaches. The website is running again, and the new security measures performed well in testing, demonstrating that the solution will be effective against future attacks.
You provided clear explanation as to what managed services are exactly, and why a company would need to utilize them. Digital Maelstrom is an example of an MSP that serves as the third-party for businesses to utilize in order to manage their technology duties. Many of our clients are small to medium-sized as stated in the article. Thanks for posting!

At the outset of enterprise computing, information technology services and management was on a break/fix basis, meaning that computer systems were only managed by an expert when they did not work, necessitating a technician to fix it. This technician may also have been the person who built and/or installed the computer system, due to the proliferation of small IT shops that specialized in this small-scale client services at the time.

×