MSP Security Masterclass
Webinar 3 of 3
Tyler Wrightson
Leet Cyber Security
@tbwrightson
First Week Recap
• Hackers Target MSPs
• Risk is Bidirectional
1. Admin policy & Training to avoid password reuse
2. MFA Everything (of value)
3. Minimum Necessary & Least Privilege
4. Complacency
Last Week Recap
• Strength in Small Business
• Foundations
– Business Risk
– Vuln != Risk
– Context Matters
Last Week Recap – Top Five Controls
1. MFA
   1. Email & VPN
   2. Legacy Protocols
   3. “Other” login locations
2. VPN ACLs
   1. Minimum Necessary & Least Privilege
   2. Isolate what matters
3. Internal Network ACLs
Last Week Recap – Top Five Controls
4. Privileges & Passwords
   1. Local Admins Group
   2. Credential Reuse (and Pass-The-Hash)
   3. Privileged Users
   4. LAPS & PAWs
5. MDR
   – Specifically Managed
   – Not NSM
Getting Cyber Ready for 2024
What will hacking look like in 2024 and what can MSPs do about it
Know Thyself and...
-Sun Tzu
Hackers look to inflict…
Cyber Criminals are like
water
“No one’s going to touch us, no one knows us”
Spray & Pray
Scan & Slam
Access Brokers
It’s been a tough year…
1. Next Gen Social Engineering
• “Synthetic Media” (image, video, audio and text)
– AI Image generation
– Deepfakes
– Voice Cloning
– Text
Voice Clone – What do we say?
• Anything that works in a phishing email
• Get me some gift cards
• Funds transfer, credit card payment, bank info
• We’re almost done with your loan application, just one more thing
• I have a new cell phone number, then “Hey did you get my voicemail”
• Text your MFA code to a test
• Leave Keys, access tokens, computers, phone, tablet
• Someone will be there soon to grab X…
• Leave where you are
• Go somewhere specific
• ANYTHING
Text Cloning
• Scrape your blog
– Draft an email
• Scrape social media
– How do you talk to relatives
– How do you talk to Spouse
• Chatbot / SMS automation
– Voice recordings
– Romance scams
• Perfect English, no more typos
• Perfect industry lingo and references
What Can MSPs Do About it…
• Awareness & Education
• Educate your clients
– AI, Voice Cloning, Deepfakes
• Continue your education
– Understand your adversary
Technical Controls?
Questions
Cyber Insurance
• Cyber insurance carriers continue to focus on a core set of critical security controls as a primary requirement when evaluating prospective insureds.
• Prospective insureds should have strong responses for all control areas.
• Priority may vary slightly from one insurance carrier to another, based on the insured’s industry sector, size, and cyber profile.
• Poor responses in one or more controls may result in declination, refusal to quote, elimination or co-insurance on ransomware coverage.
Critical Controls for Cyber Insurability
• MFA
• EDR
• PAM
• Tested Backups
• Segregated Backups
• Service Accounts
• OT Security
• Cloud & Email Security
• Vendor Risk Management
• Tabletop Exercises
• Network Segmentation
• # of Domain Admins
• IR/BC/DR Planning
• 24/7 Monitoring
• Vulnerability Management
• Cyber Awareness & Training


Cybersecurity 101 - A Masterclass in Securing MSPs and IT Pros Secure Your Future: Getting Cyber Ready for 2024
