Picture this nightmare: you walk into the office the morning after a long weekend, and you are greeted by a red screen with a ransom note. When you turn around, all of the PCs in the office have the same red screen and ransom note. Your phone starts ringing. It’s one of your customers. They also have this red screen and ransom note. The phone keeps ringing. More red screens. More ransom notes. Every system on your entire network is infected. All of your data, all of your customers’ data — it is all inaccessible. The ransomers tell you that if you don’t pay 50 bitcoin by the end of the day, then they will wipe everything. Even worse, they copied everything before they encrypted it. If you don’t pay an additional 50 bitcoin, the ransomer is going to sell their copy of your data and your customers’ data to the highest bidder.
Too often, this nightmare is someone’s reality. Given the existing threat landscape and the lack of defenses available to SMBs, cybersecurity presents dealers with an outstanding opportunity (or tremendous threat) to their business.
The threat landscape
The current threat landscape is scarier than it has ever been. A new high-profile attack dominates the news cycle on a weekly basis. And it’s not just run-of-the mill criminals pulling off these heists. Businesses face threats from nation-state actors and cybercriminal gangs with seemingly unlimited resources and manpower. We have also seen the evolution of a robust hacking industry, including initial access brokers (hackers who can provide you with access to a business network) and ransomware gangs like Darkside (these organizations rent state-of-the-art hacking tools to criminal organizations).
The data suggests that more and more people are going to be subjected to this reality in the future. Cyberattacks will increase in frequency, and the fallout from attacks will become more brutal. According to ConnectWise’s 2021 State of SMB Cybersecurity Report, 32% of SMBs have suffered a cybersecurity attack in the past 12 months, up from 25% in 2020. That same study found that the cost of dealing with a cybersecurity incident is increasing. The average cost of a breach in 2021 was $104,296, almost twice the amount reported in 2019 ($53,987).
Turning MSPs’ tools against them
Attackers understand the tools that MSPs use to manage their clients. Even worse, sometimes they infiltrate those companies and launch supply-chain attacks. For example, with the SolarWinds hack, Russian cyberattackers were able to inject malicious code into the company’s Orion platform, providing a back door into the systems of businesses using Orion.
In the 2021 Perch MSP Threat Report, 43% of MSPs said that one of their service providers reported a security incident in the last 12 months. The tools that MSPs rely on to run their business — to protect their customers — are the very things that are being used to launch attacks.
Ransomware is once again the most pervasive cybersecurity threat facing businesses. Although MSPs are still valuable targets for ransomware attacks, they’re not as soft as they were in the past. MSPs understand just how valuable of a target they are, and are taking the steps necessary to mitigate their increased cybersecurity risks. In a survey conducted as part of the 2021 Perch MSP Threat Report, 82% of MSPs increased cybersecurity spending in 2020. Nearly two-thirds of all respondents said they would increase their budget by over 10%, while 10% of respondents said they would increase their security spending by more than 20%.
The initial results of increased spending are optimistic. Only 25% of MSPs that experienced a breach said it was related to ransomware. SMBs, however, do not fare as well when protecting themselves from these attacks, with 60% of SMB cybersecurity incidents related to ransomware.
Improved security at MSPs is good news for SMBs who are wary about putting their data into the hands of a managed IT provider. While MSPs aren’t invulnerable to ransomware attacks, they understand their value as a target, and are taking the extra precautions to account for that added risk. As more effective stewards of data, MSPs may be the superior choice for housing your data.
Helpless and vulnerable
Almost 80% of decision makers surveyed by ConnectWise are concerned that their organization will be the target of a cyberattack in the next six months. The increase in remote work has also complicated things, with 75% of decision makers reporting that “the added complexity of a remote workforce means that they are less secure.”
Making matters worse, 61% of decision makers reported that they “lack the skills in-house to be able to properly deal with security issues.” The cybersecurity industry is mired down by labor shortages, a problem that predates COVID-19. Even if SMBs can find qualified professionals, hiring and retaining enough of them will cost a king’s ransom.
As a result, many turn to managed IT providers. Research found that just over 80% of SMBs report using a managed IT provider in one fashion or another, with 49% outsourcing “all or a majority” of their cybersecurity needs. But even in those cases, SMBs aren’t optimistic. Only 23% of decision makers are confident in all cases that their organization/IT service provider can protect them.
In other words, SMBs can sense the danger, but feel helpless when it comes to defending themselves.
Cybersecurity providers are in high demand
With inadequate protections in a tempestuous environment, SMBs are desperate for an answer to their cybersecurity woes. In the short term, most SMBs (77%) will increase their cybersecurity budgets. But the long term answer doesn’t appear to be coming from within: 57% of SMBs plan to outsource “all or a majority” of their cybersecurity over the next five years. SMBs seem so desperate for the right answer, in fact, that 92% would use/move to a new provider if they offered “the right” solution, and pay 34% more (on average) than they do now.
The risk of entering the cybersecurity market is also decreasing. Customers are starting to realize that security is a shared responsibility. In the 2020 State of Cybersecurity study, 56% of SMBs said that they would share accountability in a cyberattack, compared to 39% in 2019. Less than a quarter held their MSP solely responsible, down from the prior year’s total of 33%. Customers are also starting to understand that there is no such thing as 100 secure, even if you’re paying an expert. Only 27% of SMBs discontinued their agreements with MSPs because of a cybersecurity incident.
Opportunity or threat?
One way to interpret all this data is to see cybersecurity as an outstanding opportunity — a product that can serve as the pillar of a healthy, growing business. Virtually every business on the planet — your existing customers and prospects you didn’t think you had any business talking to — has a tremendous need for strong cybersecurity protections, and they are willing to pay a premium for it.
Cybersecurity, however, is a 24/7/365 operation that is very different from selling print services or other office equipment. There is a lot of risk, and hiring cybersecurity professionals isn’t exactly the easiest thing to do. Partnering is a popular way to add cybersecurity services, as it provides you with something that you can sell right away, while offloading the more complicated components to a security specialist. There is no need to build and maintain your own SOC or worry about staffing it. You do the legwork of finding customers, and the partner handles the complicated, technical nature of defending your customers’ data. You have something to make you relevant to new and existing customers. As you grow your business you can invest and grow your cybersecurity practice, taking on more responsibilities on your own.
Another way to interpret the data is to view cybersecurity as a tremendous threat. If you don’t sell cybersecurity solutions, you risk losing existing customers to an all-in-one provider, and new business opportunities may be less plentiful as prospects seek out partners who can provide bundled products and services. And of course, cyberattacks remain a threat to your business regardless of what services you provide to customers — what does your threat protection plan look like? Furthermore, what does your recovery plan look like when you are hit by an event?
Regardless of whether you choose to take advantage of cybersecurity as a business opportunity or simply choose to protect your own business, it’s critical that you make a choice, because cybersecurity is the issue of our day. Digital transformation means nothing unless it is underpinned by strong security.
John Schweizer is Vice President — Channels and Business Development, Connectwise. John has had tenured runs in key executive positions at office equipment giants like Alco Standard-IKON, Ricoh and most recently as the CEO of a Xerox owned company. He also had principal ownership in a dealership in San Diego. John currently serves as a member of the advisory board for the cybersecurity firm Fhoosh.