Chris Loehr — executive vice president of Solis Security, an incident response firm — has personally dealt with many of these MSP breaches. Speaking of GandCrab, Loehr says, "They certainly hit some MSPs in 2018, but the ransoms were relatively small: $10,000 to $25,000. In 2019, MSPs became more of a target, with increasing ransom demands and the threat actors leveraging MSP tools with greater efficiency to affect clients. GandCrab never required the MSP to pay up. It wasn't until GandCrab evolved into Sodinokibi in mid-2019 threat actors began to say: 'We ONLY want the MSP to pay. You can pay for ALL the customers or you get NOTHING at all.'"
Now more than ever, leading MSPs are re-engineering their cybersecurity offerings. "The new normal has begun, and the line in the sand of minimum cybersecurity requirements have changed for the SMB," says Andrew Morgan, host of the CyberCall, a free online community of 2,000 security-focused MSPs. "We're leading the charge for all MSPs, helping them understand that what they were doing for security in the past is no longer sufficient. And explaining this to their clients is a core competency that all MSPs must have in order to survive."
Founded in 1982, Castle Computer Services provides accounting and financial management software, business intelligence solutions, managed IT & cloud services throughout the UK, across a wide range of industries. Virtualization, CRM, Cybersecurity, DaaS, Data Storage, Dynamics 365 ... VMware, Veeam, Microsoft Gold, Fortinet, Citrix Andrew Cruickshank
Managed IT services allow businesses to delegate their IT operations to an expert third-party organization that specializes in handling these responsibilities. These third-party organizations, known as Managed Service Providers (MSPs), are responsible for the entirety or portions of a business’ IT systems, as agreed upon in a Service Level Agreement (SLA). IT equipment is typically procured by the client, and depending on the SLA, Managed Service Providers may provide round-the-clock monitoring, issue resolution and reporting, and more.