DOWNERS GROVE, Ill., Aug. 16, 2023 – A newly released strategic plan to better secure remote monitoring and management (RMM) software against malicious threats includes input from CompTIA, the nonprofit association for the information technology (IT) industry and workforce, on behalf of the global managed service provider (MSP) community.
The Joint Cyber Defense Collaborative (JCDC), a public and private sector partnership, today released its JCDC RMM Cyber Defense Plan. The plan is intended to advance cybersecurity and reduce supply chain risk for small and medium critical infrastructure entities through collaboration with RMM vendors, managed service providers (MSPs) and managed security service providers (MSSPs).
“It is important that the unique experiences and perspectives of MSPs and MSSPs are considered and addressed in the new RMM plan,” said Wayne Selk, vice president, cybersecurity programs, CompTIA, and executive director of the CompTIA Information Sharing and Analysis Organization (ISAO).
“These firms provide information technology and cybersecurity services to approximately 90 percent of U.S.-based small and medium-sized businesses, who themselves account for about half the nation’s gross domestic product,” Selk added.
In January, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory to warn network defenders about malicious use of RMM software. Specifically, cybercriminal actors sent phishing emails that led to the download of legitimate RMM software, which the actors used in a refund scam to steal money from victim bank accounts. Additional types of malicious activity were also a possibility.
The JCDC RMM Cyber Defense Plan is built on two pillars:
- Greater collaboration and collective action across the RMM community to enhance information sharing, increase visibility and fuel creative cybersecurity solutions.
- Greater amplification and education about the dangers and risks to RMM infrastructure, and how to implement security best practices.
CompTIA’s connections to the global MSP community generally, and in cybersecurity specifically, are extensive. MSPs in dozens of countries are participating in the CompTIA Cybersecurity Trustmark program, which details a clear path to achieve foundational cybersecurity hygiene and position themselves as an organization that follows proven cybersecurity best practices. Similarly, the CompTIA ISAO, an initiative that analyzes the latest cybersecurity threats and provides actionable threat intelligence, has members around the world. It is built specifically for the IT channel ecosystem as a go-to resource on cybersecurity.
Have news to share? We want to help you spread the word. Submit your media releases to firstname.lastname@example.org. Please submit releases in Word or text docs or in the body of an email. Please do NOT send PDF documents.