SlideShare a Scribd company logo

The impact of a security breach on MSP's and their clients

Jose Lopez
Jose Lopez

This solution brief outline the financial and reputation impact of a security breach for a MSP and his customers. Choosing the best Antivirus/Antimalware and content control solution for a MSP is critical for protect his customers properly against new and emerging threats.

Software
1 of 5
Download to read offline
T he volume and sophistication of malware has skyrocketed. According to AV-Test.org the number of new and unique malwares identified, per day, has grown from 32,000 in 2009 to over 260,000 in 2014 (more than 10,500 per hour). In today’s interconnected world of increasingly sophisti- cated vulnerabilities, managed service providers can no longer rely on an incomplete or sub-par security strategy to protect their customer from malware that targets an enterprise’s diverse array of endpoints. 1 S p o n s o r e d B y The Impact of a Security Breach on MSPs and their Clients
Rather, MSPs need best-of-breed malware protection as part of a multi-layer approach to safeguard their client’s hybrid environments. Without a specialized malware security solution for their physical and vir- tual technologies, MSPs leave themselves more exposed to the types of malware that last year crippled huge retailers such as Target and Home Depot. Indeed, researchers soon discovered other POS malware, and pundits predict a slew of new ransomware, mobile malware, hard drives, and malware attacks on Internet of Things devices during the next 12 months alone. Security tools that claim to protect all areas of a network from all points of attack cannot expend the specialized resources necessary to combat hackers focusing on developing next-generation malware. And since malware accounted for 94% of attacks in 2014, it’s vital that MSPs choose the best malware protec- tion available rather than rely on a bundled package that tries to do everything. “There are two types of MSPs,” said Terry Hedden, CEO of Cloud Guru. “There are those that keep their service lines very simple that use one or two security products to protect against everything – and deal with the consequences of that approach. And there are those that use layers of security. Think of it like dressing for the cold: You can have one really, really thick layer of clothing or you can put on multiple layers of clothing. Everyone knows the inherent properties of layering of clothing for keeping warm and the same applies to security. Layers keep you more secure than one coating of technology.” Of course, what MSPs put in those layers is critical, Hedden added, since malware creators keep themselves aware of security developers’ advances and products. These black hats com- municate online, sharing insights and selling tools to circumvent vendors’ products, he said. Therefore, in his opinion, MSPs must use solu- tions specifically designed to combat malware at the endpoint to ensure they’re accessing the most sophisticated, current, and tested security technologies. A developer that focuses all its re- Think of it like dressing for the cold: You can have one really, really thick layer of clothing or you can put on multiple layers of clothing. Everyone knows the inherent properties of layering of clothing for keeping warm and the same applies to security. Layers keep you more secure than one coating of technology.” — Terry Hedden, CEO of Cloud Guru 2 The Impact of a Security Breach on MSPs and their Clients
sources and intellectual property on protecting the endpoint from malware is more proficient at defend- ing this otherwise vulnerable element than a vendor that spreads its research and development budget across the entire network, he said. Relying on one vendor for security is perilous. “Having one robust layer of security means you have a single point of failure. If there’s a functionality problem or a virus patch that’s not deployed as fast as an- other, you have a situation where customers are vulnerable,” said Hedden. “When you have multiple lay- ers, you’re not putting all your eggs in one basket. You’re deploying across multiple vendors and spreading the risk.” Damage Dangers While enterprises like Target, Sony, and Anthem typically garner headlines, small and midsize businesses are more likely to be hit – and irreparably damaged – by malware. Approximately 81% of all breaches occur in SMBs. The effect on these smaller organizations, a group that generally includes most managed service providers, can be widespread and devastating. It costs a business $145 for every lost or stolen record that contains sensitive or confidential data, ac- cording to Ponemon’s 2014 study, 9% more than the prior year. Given the number of records each MSP oversees via its technology infrastructure agreements, a malware-created disruption, loss, or destruction of internal or client records could quickly add up to millions of dollars. Business for an MSPs unaffected clients could also come to a grinding halt, as investigators – insurance, state, and perhaps federal – re- search the situation, potentially causing the loss of these unaffected clients, due to service slow downs and/or bad publicity damaging the MSPs reputation. Star employees may move on, seeking to remove themselves from the taint of an affected MSP. Following the breach, an MSP may well be forced to slash fees, advertise heavily, and become involved in extensive – and expensive – public relations initiatives to try and recoup its losses and rebuild the company. In 2014, the cost a company incurred in lost business following a data breach averaged $3.2 million. Typically, expenses included lost clients, credit monitoring for customers, investigation costs, insurance, and discounts to encourage clients to remain or return. Labor costs represented more than one-fourth of breach recovery costs; employees spent a lot of time recuperating, not serving clients. In addition, cash outlay accounted for 22% of costs, productivity loss represented 21%, and indirect labor 14%. On average, it takes a business 45 days to resolve a breach at more than $35,000 per day. If employees leave 3 The Impact of a Security Breach on MSPs and their Clients
following a breach, it could take longer. HUB International, formed by a group of insurance brokerages, offers a data breach calculator to help companies determine the costs they face after a breach. Elements include the number of affected records; whether the data was centralized; if a class action suit has been filed, and the type of data breached. Sadly but perhaps unsurprisingly then, six in 10 SMBs that have been breached went out of business. That was the case for Code Spaces, a code hosting and project MSP that closed its doors in mid-2014 after a “well-orchestrated” DDoS attack against its servers, SC Magazine reported. A phishing attack likely caused the attack by giving hackers access to an administrator’s credentials. “This incident is a not-so-subtle reminder that security controls to monitor and manage privileged access need to be taken just as seriously in the cloud as they are in the data center,” CEO Ofer Hendler told the publication. “That means limiting access to sensitive systems and data, both IT and business applications, to only those that need it.” Diverting Damage With free, or more accurately freemium, malware products, MSPs often find costs accrue later, not up- front – but those costs can be heavy. If a business uses a freemium security solution that does not detect a new malware variant that was attached to spam, the company easily could lose confidential or important files, said Liviu Arsene, senior e-threat analyst at Bitdefender, in InformationWeek. “Although a free security solution does have its perks (well, it’s free), it might cause more problems than it solves. There’s no such thing as a comprehensive and free security solution,” Arsene wrote. “Any com- pany, regardless of its size, needs to tackle problems associated with the security of its infrastructure and data. Everything from sandboxing to application whitelisting might be costly and could require some integration work, but at least you’ll sleep better at night knowing your company will prosper another day.” MSPs can also sleep better because better endpoint security means better profitability. Providers that use carefully crafted security layers and choose a vendor partner that specializes in malware protection for their endpoints safeguard their organizations and their customers – and improve their bottom lines, said Cloud Guru’s Hedden. His recommendation? Implementing Bitdefender’s solutions to safeguard the MSP and the client, then marketing this technology as a value-add differentiator. 4 The Impact of a Security Breach on MSPs and their Clients
“Bitdefender gives you a solution you can leverage as a point of differentiation,” Hedden said. “It’s easier to compete with your competitors because your security, your solution, is better, stronger, and different than your competitor’s offering. You cannot compare apples to oranges. Endpoint security is a very substantial portion of the spend an MSP makes to sell its services. Anything you can do to reduce that piece pays for itself in spades. It’s a great way to secure your customer but also reduce your expenses. You’re buying a better solution for your MSP business, then selling the extra security and extra value to your clients so the return on investment is fast and ongoing – in dollars and customer loyalty.” The End Point Security Answer: Bitdefender for MSPs When it comes to protection, MSPs have the opportunity to choose a solution that provides the highest level of security for their clients. In the independent AV-Test trials, some of the strictest in the industry, Bitdefender has had the highest average score for protection, performance and usability of all the solu- tions evaluated. Additionally, no other security vendor integrates with more MSP platforms than Bitde- fender, including specialized products for Kaseya, LabTech, N-able and Navarisk. Bitdefender’s core MSP solution, Cloud Security for MSPs, utilizes a cloud-based console and an ad- vanced set of features: • Multi-tier and multi-tenant cloud console • Antimalware, antivirus, two-way firewall, device control, URL security and web control • Integration with ConnectWise • Monthly usage based licensing – MSPs are invoiced only for the number of seats protected each month • Protects physical and virtual endpoints • Protects Windows desktops, file servers and Macs • Optimized bandwidth consumption, minimizes external traffic • Remote deployment and uninstall of competitive solutions • Service provider can customize branding for the console and reports “The products easily integrate in our Microsoft environment, they detect unprotected endpoints and clean up malware instantly, and the centralized management makes our job very easy. We can structure it in a way that allows us to manage and train our support staff very easily,” said Rob Bosch, president of iPremise, an MSP that uses Bitdefender. 5 The Impact of a Security Breach on MSPs and their Clients

Recommended

Carbon Black: 32 Security Experts on Changing Endpoint Security
Carbon Black: 32 Security Experts on Changing Endpoint SecurityCarbon Black: 32 Security Experts on Changing Endpoint Security
Carbon Black: 32 Security Experts on Changing Endpoint SecurityMighty Guides, Inc.
 
SYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITY
SYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITYSYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITY
SYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITYIJNSA Journal
 
6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss GremlinsIntronis MSP Solutions by Barracuda
 
Improving cyber-security through acquisition
Improving cyber-security through acquisitionImproving cyber-security through acquisition
Improving cyber-security through acquisitionChristopher Dorobek
 
2009 Security Mega Trends & Emerging Threats
2009 Security Mega Trends & Emerging Threats2009 Security Mega Trends & Emerging Threats
2009 Security Mega Trends & Emerging ThreatsLumension
 
What i learned at issa international summit 2019
What i learned at issa international summit 2019What i learned at issa international summit 2019
What i learned at issa international summit 2019Ulf Mattsson
 
A Manifesto for Cyber Resilience
A Manifesto for Cyber ResilienceA Manifesto for Cyber Resilience
A Manifesto for Cyber ResilienceSymantec
 
Big Data Dectives
Big Data DectivesBig Data Dectives
Big Data Dectives- Mark - Fullbright
 

Recommended

Carbon Black: 32 Security Experts on Changing Endpoint Security
Carbon Black: 32 Security Experts on Changing Endpoint SecurityCarbon Black: 32 Security Experts on Changing Endpoint Security
Carbon Black: 32 Security Experts on Changing Endpoint SecurityMighty Guides, Inc.
 
SYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITY
SYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITYSYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITY
SYSTEM END-USER ACTIONS AS A THREAT TO INFORMATION SYSTEM SECURITYIJNSA Journal
 
6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss GremlinsIntronis MSP Solutions by Barracuda
 
Improving cyber-security through acquisition
Improving cyber-security through acquisitionImproving cyber-security through acquisition
Improving cyber-security through acquisitionChristopher Dorobek
 
2009 Security Mega Trends & Emerging Threats
2009 Security Mega Trends & Emerging Threats2009 Security Mega Trends & Emerging Threats
2009 Security Mega Trends & Emerging ThreatsLumension
 
What i learned at issa international summit 2019
What i learned at issa international summit 2019What i learned at issa international summit 2019
What i learned at issa international summit 2019Ulf Mattsson
 
A Manifesto for Cyber Resilience
A Manifesto for Cyber ResilienceA Manifesto for Cyber Resilience
A Manifesto for Cyber ResilienceSymantec
 
Big Data Dectives
Big Data DectivesBig Data Dectives
Big Data Dectives- Mark - Fullbright
 
Data Breach Guide 2013
Data Breach Guide 2013Data Breach Guide 2013
Data Breach Guide 2013- Mark - Fullbright
 
December ISSA Meeting Executive Security Presentation
December ISSA Meeting Executive Security PresentationDecember ISSA Meeting Executive Security Presentation
December ISSA Meeting Executive Security Presentationwhmillerjr
 
VIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareVIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareGFI Software
 
Top Security Trends for 2013
Top Security Trends for 2013Top Security Trends for 2013
Top Security Trends for 2013Imperva
 
Cyber Secuirty Visualization
Cyber Secuirty VisualizationCyber Secuirty Visualization
Cyber Secuirty VisualizationDoug Cogswell
 
Cyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsCyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsUlf Mattsson
 
Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSantiago Cavanna
 
Security operations center inhouse vs outsource
Security operations center inhouse vs outsourceSecurity operations center inhouse vs outsource
Security operations center inhouse vs outsourceNetmagic Solutions Pvt. Ltd.
 
Prevent & Protect
Prevent & ProtectPrevent & Protect
Prevent & ProtectMike McMillan
 
Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Global Business Events
 
Cyber security
Cyber securityCyber security
Cyber securityVaibhav Jain
 
Protecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud SecurityProtecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud SecurityInnoTech
 
What is cyber resilience?
What is cyber resilience?What is cyber resilience?
What is cyber resilience?Aaron Clark-Ginsberg
 
csxnewsletter
csxnewslettercsxnewsletter
csxnewsletterDominic Vogel
 
SFScon21 - Christian Notdurfter - Data Protection by Design and by Default fo...
SFScon21 - Christian Notdurfter - Data Protection by Design and by Default fo...SFScon21 - Christian Notdurfter - Data Protection by Design and by Default fo...
SFScon21 - Christian Notdurfter - Data Protection by Design and by Default fo...South Tyrol Free Software Conference
 
Countering the Advanced Persistent Threat Challenge with Deep Discovery
Countering the Advanced Persistent Threat Challenge with Deep DiscoveryCountering the Advanced Persistent Threat Challenge with Deep Discovery
Countering the Advanced Persistent Threat Challenge with Deep DiscoveryTrend Micro
 
br-security-connected-top-5-trends
br-security-connected-top-5-trendsbr-security-connected-top-5-trends
br-security-connected-top-5-trendsChristopher Bennett
 
Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015ITSM Academy, Inc.
 
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Minh Le
 
Psa 720-redrafted
Psa 720-redraftedPsa 720-redrafted
Psa 720-redraftedRS NAVARRO
 
Farhan reference
Farhan referenceFarhan reference
Farhan referenceChristian Weber
 
Grafikoak adrian
Grafikoak adrianGrafikoak adrian
Grafikoak adrianEusko Jaurlaritza - Gobierno Vasco
 

More Related Content

What's hot

December ISSA Meeting Executive Security Presentation
December ISSA Meeting Executive Security PresentationDecember ISSA Meeting Executive Security Presentation
December ISSA Meeting Executive Security Presentationwhmillerjr
 
VIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareVIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareGFI Software
 
Top Security Trends for 2013
Top Security Trends for 2013Top Security Trends for 2013
Top Security Trends for 2013Imperva
 
Cyber Secuirty Visualization
Cyber Secuirty VisualizationCyber Secuirty Visualization
Cyber Secuirty VisualizationDoug Cogswell
 
Cyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsCyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsUlf Mattsson
 
Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSantiago Cavanna
 
Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Global Business Events
 
Protecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud SecurityProtecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud SecurityInnoTech
 
SFScon21 - Christian Notdurfter - Data Protection by Design and by Default fo...
SFScon21 - Christian Notdurfter - Data Protection by Design and by Default fo...SFScon21 - Christian Notdurfter - Data Protection by Design and by Default fo...
SFScon21 - Christian Notdurfter - Data Protection by Design and by Default fo...South Tyrol Free Software Conference
 
Countering the Advanced Persistent Threat Challenge with Deep Discovery
Countering the Advanced Persistent Threat Challenge with Deep DiscoveryCountering the Advanced Persistent Threat Challenge with Deep Discovery
Countering the Advanced Persistent Threat Challenge with Deep DiscoveryTrend Micro
 
br-security-connected-top-5-trends
br-security-connected-top-5-trendsbr-security-connected-top-5-trends
br-security-connected-top-5-trendsChristopher Bennett
 
Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015ITSM Academy, Inc.
 
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Minh Le
 

What's hot (19)

Data Breach Guide 2013
Data Breach Guide 2013Data Breach Guide 2013
Data Breach Guide 2013
 
December ISSA Meeting Executive Security Presentation
December ISSA Meeting Executive Security PresentationDecember ISSA Meeting Executive Security Presentation
December ISSA Meeting Executive Security Presentation
 
VIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareVIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of Bloatware
 
Top Security Trends for 2013
Top Security Trends for 2013Top Security Trends for 2013
Top Security Trends for 2013
 
Cyber Secuirty Visualization
Cyber Secuirty VisualizationCyber Secuirty Visualization
Cyber Secuirty Visualization
 
Cyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsCyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & Recommendations
 
Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago Cavanna
 
Security operations center inhouse vs outsource
Security operations center inhouse vs outsourceSecurity operations center inhouse vs outsource
Security operations center inhouse vs outsource
 
Prevent & Protect
Prevent & ProtectPrevent & Protect
Prevent & Protect
 
Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?
 
Cyber security
Cyber securityCyber security
Cyber security
 
Protecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud SecurityProtecting What Matters...An Enterprise Approach to Cloud Security
Protecting What Matters...An Enterprise Approach to Cloud Security
 
What is cyber resilience?
What is cyber resilience?What is cyber resilience?
What is cyber resilience?
 
csxnewsletter
csxnewslettercsxnewsletter
csxnewsletter
 
SFScon21 - Christian Notdurfter - Data Protection by Design and by Default fo...
SFScon21 - Christian Notdurfter - Data Protection by Design and by Default fo...SFScon21 - Christian Notdurfter - Data Protection by Design and by Default fo...
SFScon21 - Christian Notdurfter - Data Protection by Design and by Default fo...
 
Countering the Advanced Persistent Threat Challenge with Deep Discovery
Countering the Advanced Persistent Threat Challenge with Deep DiscoveryCountering the Advanced Persistent Threat Challenge with Deep Discovery
Countering the Advanced Persistent Threat Challenge with Deep Discovery
 
br-security-connected-top-5-trends
br-security-connected-top-5-trendsbr-security-connected-top-5-trends
br-security-connected-top-5-trends
 
Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015Cyber resilience itsm academy_april2015
Cyber resilience itsm academy_april2015
 
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
Empowering the business while efficiently mitigating risks - Eva Chen (Trend ...
 

Viewers also liked

Psa 720-redrafted
Psa 720-redraftedPsa 720-redrafted
Psa 720-redraftedRS NAVARRO
 
Scientific method ppt
Scientific method pptScientific method ppt
Scientific method pptMarie Miller
 
introduction to c #
introduction to c #introduction to c #
introduction to c #Sireesh K
 
Oracle Crystal Ball Screens
Oracle Crystal Ball ScreensOracle Crystal Ball Screens
Oracle Crystal Ball ScreensDave Maskell
 

Viewers also liked (8)

Psa 720-redrafted
Psa 720-redraftedPsa 720-redrafted
Psa 720-redrafted
 
Farhan reference
Farhan referenceFarhan reference
Farhan reference
 
Grafikoak adrian
Grafikoak adrianGrafikoak adrian
Grafikoak adrian
 
Scientific method ppt
Scientific method pptScientific method ppt
Scientific method ppt
 
OPCIONES DE PEGADO
OPCIONES DE PEGADOOPCIONES DE PEGADO
OPCIONES DE PEGADO
 
It Ain’t Heavy, It’s My Smartphone: American teens and the infiltration of mo...
It Ain’t Heavy, It’s My Smartphone: American teens and the infiltration of mo...It Ain’t Heavy, It’s My Smartphone: American teens and the infiltration of mo...
It Ain’t Heavy, It’s My Smartphone: American teens and the infiltration of mo...
 
introduction to c #
introduction to c #introduction to c #
introduction to c #
 
Oracle Crystal Ball Screens
Oracle Crystal Ball ScreensOracle Crystal Ball Screens
Oracle Crystal Ball Screens
 

Similar to The impact of a security breach on MSP's and their clients

Big Data Analytics Solutions
Big Data Analytics SolutionsBig Data Analytics Solutions
Big Data Analytics Solutionsharman041
 
Cybersecurity a short business guide
Cybersecurity a short business guideCybersecurity a short business guide
Cybersecurity a short business guidelarry1401
 
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...Booz Allen Hamilton
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141sraina2
 
"Navigating the Cybersecurity Landscape: Identifying Your Ideal Service Provi...
"Navigating the Cybersecurity Landscape: Identifying Your Ideal Service Provi..."Navigating the Cybersecurity Landscape: Identifying Your Ideal Service Provi...
"Navigating the Cybersecurity Landscape: Identifying Your Ideal Service Provi...NDimensionZ Solutions
 
EB - Five Forces That Drive a Successful Managed Security Services Offering -...
EB - Five Forces That Drive a Successful Managed Security Services Offering -...EB - Five Forces That Drive a Successful Managed Security Services Offering -...
EB - Five Forces That Drive a Successful Managed Security Services Offering -...ssuser2d55aa
 
CyberSecurity Insurance - The Ugly Truth!
CyberSecurity Insurance - The Ugly Truth!CyberSecurity Insurance - The Ugly Truth!
CyberSecurity Insurance - The Ugly Truth!topseowebmaster
 
Cyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceCyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceNational Retail Federation
 
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...Kaspersky
 
SFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply Chain
SFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply ChainSFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply Chain
SFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply ChainSouth Tyrol Free Software Conference
 
Five principles for improving your cyber security
Five principles for improving your cyber securityFive principles for improving your cyber security
Five principles for improving your cyber securityWGroup
 
RSA Security Brief : Taking Charge of Security in a Hyperconnected World
RSA Security Brief : Taking Charge of Security in a Hyperconnected WorldRSA Security Brief : Taking Charge of Security in a Hyperconnected World
RSA Security Brief : Taking Charge of Security in a Hyperconnected WorldEMC
 
Cybersecurity- What Retailers Need To Know
Cybersecurity- What Retailers Need To KnowCybersecurity- What Retailers Need To Know
Cybersecurity- What Retailers Need To KnowShantam Goel
 
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018Panda Security
 
Security Hurts Business - Don't Let It
Security Hurts Business - Don't Let ItSecurity Hurts Business - Don't Let It
Security Hurts Business - Don't Let ItPeak 10
 
How to assess your Cybersecurity Vulnerability_.pdf
How to assess your Cybersecurity Vulnerability_.pdfHow to assess your Cybersecurity Vulnerability_.pdf
How to assess your Cybersecurity Vulnerability_.pdfMetaorange
 
How to assess your Cybersecurity Vulnerability_.pptx
How to assess your Cybersecurity Vulnerability_.pptxHow to assess your Cybersecurity Vulnerability_.pptx
How to assess your Cybersecurity Vulnerability_.pptxMetaorange
 
Intelligence-Driven Fraud Prevention
Intelligence-Driven Fraud PreventionIntelligence-Driven Fraud Prevention
Intelligence-Driven Fraud PreventionEMC
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityKaryl Scott
 

Similar to The impact of a security breach on MSP's and their clients (20)

Big Data Analytics Solutions
Big Data Analytics SolutionsBig Data Analytics Solutions
Big Data Analytics Solutions
 
Cyber Security and Data Protection
Cyber Security and Data ProtectionCyber Security and Data Protection
Cyber Security and Data Protection
 
Cybersecurity a short business guide
Cybersecurity a short business guideCybersecurity a short business guide
Cybersecurity a short business guide
 
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141
 
"Navigating the Cybersecurity Landscape: Identifying Your Ideal Service Provi...
"Navigating the Cybersecurity Landscape: Identifying Your Ideal Service Provi..."Navigating the Cybersecurity Landscape: Identifying Your Ideal Service Provi...
"Navigating the Cybersecurity Landscape: Identifying Your Ideal Service Provi...
 
EB - Five Forces That Drive a Successful Managed Security Services Offering -...
EB - Five Forces That Drive a Successful Managed Security Services Offering -...EB - Five Forces That Drive a Successful Managed Security Services Offering -...
EB - Five Forces That Drive a Successful Managed Security Services Offering -...
 
CyberSecurity Insurance - The Ugly Truth!
CyberSecurity Insurance - The Ugly Truth!CyberSecurity Insurance - The Ugly Truth!
CyberSecurity Insurance - The Ugly Truth!
 
Cyber Security for the Small Business Experience
Cyber Security for the Small Business ExperienceCyber Security for the Small Business Experience
Cyber Security for the Small Business Experience
 
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
 
SFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply Chain
SFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply ChainSFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply Chain
SFScon 21 - Matteo Falsetti - Cybersecurity Management in the Supply Chain
 
Five principles for improving your cyber security
Five principles for improving your cyber securityFive principles for improving your cyber security
Five principles for improving your cyber security
 
RSA Security Brief : Taking Charge of Security in a Hyperconnected World
RSA Security Brief : Taking Charge of Security in a Hyperconnected WorldRSA Security Brief : Taking Charge of Security in a Hyperconnected World
RSA Security Brief : Taking Charge of Security in a Hyperconnected World
 
Cybersecurity- What Retailers Need To Know
Cybersecurity- What Retailers Need To KnowCybersecurity- What Retailers Need To Know
Cybersecurity- What Retailers Need To Know
 
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
 
Security Hurts Business - Don't Let It
Security Hurts Business - Don't Let ItSecurity Hurts Business - Don't Let It
Security Hurts Business - Don't Let It
 
How to assess your Cybersecurity Vulnerability_.pdf
How to assess your Cybersecurity Vulnerability_.pdfHow to assess your Cybersecurity Vulnerability_.pdf
How to assess your Cybersecurity Vulnerability_.pdf
 
How to assess your Cybersecurity Vulnerability_.pptx
How to assess your Cybersecurity Vulnerability_.pptxHow to assess your Cybersecurity Vulnerability_.pptx
How to assess your Cybersecurity Vulnerability_.pptx
 
Intelligence-Driven Fraud Prevention
Intelligence-Driven Fraud PreventionIntelligence-Driven Fraud Prevention
Intelligence-Driven Fraud Prevention
 
What CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber SecurityWhat CIOs Need To Tell Their Boards About Cyber Security
What CIOs Need To Tell Their Boards About Cyber Security
 

Recently uploaded

Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)jennyeacort
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024StefanoLambiase
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesŁukasz Chruściel
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Velvetech LLC
 
Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)Hr365.us smith
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsAhmed Mohamed
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...Christina Lin
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfPower Karaoke
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesPhilip Schwarz
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...OnePlan Solutions
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 

Recently uploaded (20)

Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based project
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New Features
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort ServiceHot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...
 
Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML Diagrams
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
The Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdfThe Evolution of Karaoke From Analog to App.pdf
The Evolution of Karaoke From Analog to App.pdf
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a series
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 

The impact of a security breach on MSP's and their clients

  • 1. T he volume and sophistication of malware has skyrocketed. According to AV-Test.org the number of new and unique malwares identified, per day, has grown from 32,000 in 2009 to over 260,000 in 2014 (more than 10,500 per hour). In today’s interconnected world of increasingly sophisti- cated vulnerabilities, managed service providers can no longer rely on an incomplete or sub-par security strategy to protect their customer from malware that targets an enterprise’s diverse array of endpoints. 1 S p o n s o r e d B y The Impact of a Security Breach on MSPs and their Clients
  • 2. Rather, MSPs need best-of-breed malware protection as part of a multi-layer approach to safeguard their client’s hybrid environments. Without a specialized malware security solution for their physical and vir- tual technologies, MSPs leave themselves more exposed to the types of malware that last year crippled huge retailers such as Target and Home Depot. Indeed, researchers soon discovered other POS malware, and pundits predict a slew of new ransomware, mobile malware, hard drives, and malware attacks on Internet of Things devices during the next 12 months alone. Security tools that claim to protect all areas of a network from all points of attack cannot expend the specialized resources necessary to combat hackers focusing on developing next-generation malware. And since malware accounted for 94% of attacks in 2014, it’s vital that MSPs choose the best malware protec- tion available rather than rely on a bundled package that tries to do everything. “There are two types of MSPs,” said Terry Hedden, CEO of Cloud Guru. “There are those that keep their service lines very simple that use one or two security products to protect against everything – and deal with the consequences of that approach. And there are those that use layers of security. Think of it like dressing for the cold: You can have one really, really thick layer of clothing or you can put on multiple layers of clothing. Everyone knows the inherent properties of layering of clothing for keeping warm and the same applies to security. Layers keep you more secure than one coating of technology.” Of course, what MSPs put in those layers is critical, Hedden added, since malware creators keep themselves aware of security developers’ advances and products. These black hats com- municate online, sharing insights and selling tools to circumvent vendors’ products, he said. Therefore, in his opinion, MSPs must use solu- tions specifically designed to combat malware at the endpoint to ensure they’re accessing the most sophisticated, current, and tested security technologies. A developer that focuses all its re- Think of it like dressing for the cold: You can have one really, really thick layer of clothing or you can put on multiple layers of clothing. Everyone knows the inherent properties of layering of clothing for keeping warm and the same applies to security. Layers keep you more secure than one coating of technology.” — Terry Hedden, CEO of Cloud Guru 2 The Impact of a Security Breach on MSPs and their Clients
  • 3. sources and intellectual property on protecting the endpoint from malware is more proficient at defend- ing this otherwise vulnerable element than a vendor that spreads its research and development budget across the entire network, he said. Relying on one vendor for security is perilous. “Having one robust layer of security means you have a single point of failure. If there’s a functionality problem or a virus patch that’s not deployed as fast as an- other, you have a situation where customers are vulnerable,” said Hedden. “When you have multiple lay- ers, you’re not putting all your eggs in one basket. You’re deploying across multiple vendors and spreading the risk.” Damage Dangers While enterprises like Target, Sony, and Anthem typically garner headlines, small and midsize businesses are more likely to be hit – and irreparably damaged – by malware. Approximately 81% of all breaches occur in SMBs. The effect on these smaller organizations, a group that generally includes most managed service providers, can be widespread and devastating. It costs a business $145 for every lost or stolen record that contains sensitive or confidential data, ac- cording to Ponemon’s 2014 study, 9% more than the prior year. Given the number of records each MSP oversees via its technology infrastructure agreements, a malware-created disruption, loss, or destruction of internal or client records could quickly add up to millions of dollars. Business for an MSPs unaffected clients could also come to a grinding halt, as investigators – insurance, state, and perhaps federal – re- search the situation, potentially causing the loss of these unaffected clients, due to service slow downs and/or bad publicity damaging the MSPs reputation. Star employees may move on, seeking to remove themselves from the taint of an affected MSP. Following the breach, an MSP may well be forced to slash fees, advertise heavily, and become involved in extensive – and expensive – public relations initiatives to try and recoup its losses and rebuild the company. In 2014, the cost a company incurred in lost business following a data breach averaged $3.2 million. Typically, expenses included lost clients, credit monitoring for customers, investigation costs, insurance, and discounts to encourage clients to remain or return. Labor costs represented more than one-fourth of breach recovery costs; employees spent a lot of time recuperating, not serving clients. In addition, cash outlay accounted for 22% of costs, productivity loss represented 21%, and indirect labor 14%. On average, it takes a business 45 days to resolve a breach at more than $35,000 per day. If employees leave 3 The Impact of a Security Breach on MSPs and their Clients
  • 4. following a breach, it could take longer. HUB International, formed by a group of insurance brokerages, offers a data breach calculator to help companies determine the costs they face after a breach. Elements include the number of affected records; whether the data was centralized; if a class action suit has been filed, and the type of data breached. Sadly but perhaps unsurprisingly then, six in 10 SMBs that have been breached went out of business. That was the case for Code Spaces, a code hosting and project MSP that closed its doors in mid-2014 after a “well-orchestrated” DDoS attack against its servers, SC Magazine reported. A phishing attack likely caused the attack by giving hackers access to an administrator’s credentials. “This incident is a not-so-subtle reminder that security controls to monitor and manage privileged access need to be taken just as seriously in the cloud as they are in the data center,” CEO Ofer Hendler told the publication. “That means limiting access to sensitive systems and data, both IT and business applications, to only those that need it.” Diverting Damage With free, or more accurately freemium, malware products, MSPs often find costs accrue later, not up- front – but those costs can be heavy. If a business uses a freemium security solution that does not detect a new malware variant that was attached to spam, the company easily could lose confidential or important files, said Liviu Arsene, senior e-threat analyst at Bitdefender, in InformationWeek. “Although a free security solution does have its perks (well, it’s free), it might cause more problems than it solves. There’s no such thing as a comprehensive and free security solution,” Arsene wrote. “Any com- pany, regardless of its size, needs to tackle problems associated with the security of its infrastructure and data. Everything from sandboxing to application whitelisting might be costly and could require some integration work, but at least you’ll sleep better at night knowing your company will prosper another day.” MSPs can also sleep better because better endpoint security means better profitability. Providers that use carefully crafted security layers and choose a vendor partner that specializes in malware protection for their endpoints safeguard their organizations and their customers – and improve their bottom lines, said Cloud Guru’s Hedden. His recommendation? Implementing Bitdefender’s solutions to safeguard the MSP and the client, then marketing this technology as a value-add differentiator. 4 The Impact of a Security Breach on MSPs and their Clients
  • 5. “Bitdefender gives you a solution you can leverage as a point of differentiation,” Hedden said. “It’s easier to compete with your competitors because your security, your solution, is better, stronger, and different than your competitor’s offering. You cannot compare apples to oranges. Endpoint security is a very substantial portion of the spend an MSP makes to sell its services. Anything you can do to reduce that piece pays for itself in spades. It’s a great way to secure your customer but also reduce your expenses. You’re buying a better solution for your MSP business, then selling the extra security and extra value to your clients so the return on investment is fast and ongoing – in dollars and customer loyalty.” The End Point Security Answer: Bitdefender for MSPs When it comes to protection, MSPs have the opportunity to choose a solution that provides the highest level of security for their clients. In the independent AV-Test trials, some of the strictest in the industry, Bitdefender has had the highest average score for protection, performance and usability of all the solu- tions evaluated. Additionally, no other security vendor integrates with more MSP platforms than Bitde- fender, including specialized products for Kaseya, LabTech, N-able and Navarisk. Bitdefender’s core MSP solution, Cloud Security for MSPs, utilizes a cloud-based console and an ad- vanced set of features: • Multi-tier and multi-tenant cloud console • Antimalware, antivirus, two-way firewall, device control, URL security and web control • Integration with ConnectWise • Monthly usage based licensing – MSPs are invoiced only for the number of seats protected each month • Protects physical and virtual endpoints • Protects Windows desktops, file servers and Macs • Optimized bandwidth consumption, minimizes external traffic • Remote deployment and uninstall of competitive solutions • Service provider can customize branding for the console and reports “The products easily integrate in our Microsoft environment, they detect unprotected endpoints and clean up malware instantly, and the centralized management makes our job very easy. We can structure it in a way that allows us to manage and train our support staff very easily,” said Rob Bosch, president of iPremise, an MSP that uses Bitdefender. 5 The Impact of a Security Breach on MSPs and their Clients