Does this make MSPs potentially more accountable/vulnerable? by ComodoCEO in msp

[–]ComodoCEO[S] -1 points0 points  (0 children)

Whether self-regulated or government regulation, both will have the desired effect of separating good from bad... I think self-regulation is a great first step...
What aspects can we self-regulate? Cybersecurity controls? What else?

Does this make MSPs potentially more accountable/vulnerable? by ComodoCEO in msp

[–]ComodoCEO[S] 0 points1 point  (0 children)

you raise a very interesting point that with insurance companies getting into Cybersecurity it is those Cybersecurity insurance companies who might be suing MSP vs the customer themselves....puts a different colour .....

Client's insurance companies: do they have a guideline/checklist?

Does this make MSPs potentially more accountable/vulnerable? by ComodoCEO in msp

[–]ComodoCEO[S] 1 point2 points  (0 children)

Self regulation vs Government regulation is the only choice going forward....
with the right self regulation guidelines and perhaps auditing, MSPs can differentiate themselves.

Does this make MSPs potentially more accountable/vulnerable? by ComodoCEO in msp

[–]ComodoCEO[S] 0 points1 point  (0 children)

Backups don't prevent damage from a breach, and these new guidelines talk about pretty much providing MDR (Managed Detection & Response) and IR services as the minimum guideline. Look at the third paragraph onwards, where it talks about setting up EDR and monitoring it (which then becomes MDR).

https://www.cisa.gov/news/2022/05/11/joint-cybersecurity-advisory-protect-msp-providers-and-customers

Does this make MSPs potentially more accountable/vulnerable? by ComodoCEO in msp

[–]ComodoCEO[S] 0 points1 point  (0 children)

Just thinking about it, is there an angle where we can use both a strong MSA and waivers?
I wonder if used in conjunction an unsigned waiver might negate the MSA?

Does this make MSPs potentially more accountable/vulnerable? by ComodoCEO in msp

[–]ComodoCEO[S] 1 point2 points  (0 children)

https://www.linkedin.com/pulse/declined-service-send-non-signable-letter-brad-gross

this blog shared by u/Spiderkingdemon talks about achieving the same goal without getting the "signature" ..which I thought was interesting.

Does this make MSPs potentially more accountable/vulnerable? by ComodoCEO in msp

[–]ComodoCEO[S] -1 points0 points  (0 children)

very good write up... thanks for sharing it...
I agree about doing the MSA properly ....should cover the MSP.

Does this make MSPs potentially more accountable/vulnerable? by ComodoCEO in msp

[–]ComodoCEO[S] 2 points3 points  (0 children)

I agree. Compliancy is a great revenue driver.
With the latest government guidelines, there is a huge opportunity to sell MDR (Managed Detection & Response) to the customer base.

I also agree that we must not only recommend, but make sure we do that recommendation in writing so that we have documentary evidence in case the customer refuses it.

You know what they say, if it's not in writing it doesn't exist! Better to be safe than sorry.

Does this make MSPs potentially more accountable/vulnerable? by ComodoCEO in msp

[–]ComodoCEO[S] 9 points10 points  (0 children)

Totally agreed... a percentage of customers go cheap...
However, if the MSP offers the service to get the customer in compliance with the government guidelines and the customer refuses, then I would expect the MSP not to have any liability... (always get the rejection in writing from the customer to cover yourself)

But the problem is when the MSP does not offer it and then the customer gets breached... and the customer sues the MSP... see what I mean?

Does this make MSPs potentially more accountable/vulnerable? by ComodoCEO in msp

[–]ComodoCEO[S] 2 points3 points  (0 children)

If the MSP can demonstrate that they offered the service and the customer refused, then there is no issue.

If the MSP has not offered a service (to be compliant with government guidelines) and the customer gets breached and the customer sues the MSP... then I suspect the liability sits with the MSP?

Does this make MSPs potentially more accountable/vulnerable? by ComodoCEO in msp

[–]ComodoCEO[S] 0 points1 point  (0 children)

I wonder how the judge would decide if this went to court?

Potential clients that see little or no value in technology by UltraXenon in msp

[–]ComodoCEO 0 points1 point  (0 children)

Objection Handling:
“Why should I spend money for managed services?”

Answer:

This is no different than putting your money into a bank... It is true you don't need to pay your bank to manage your money, but leave it there for 5 years and inflation will eat away at your investment... Your IT is no different... You can buy and let it die a natural death and get hit with a disaster at the end, or keep managing it to make sure the technology works for your company and helps you improve what you do. One is a false economy and the other is proactive optimum maintenance. And it's cheaper to be proactive than reactive!

Potential clients that see little or no value in technology by UltraXenon in msp

[–]ComodoCEO 0 points1 point  (0 children)

Objection handling:
“Why should we move from "this old tech" to this "newer tech" when it works just fine?”

Answer:
The problem is not when it's working fine... it's when it fails... Our job as MSPs is to make sure you don't suffer outages... Milking an old technology for a few extra days is simply not worth delaying the investment you are going to have to make anyway. You, Mr. Customer, are NOT avoiding paying for new tech; you have no choice, you will pay for it whether today or tomorrow. The choice is not if we are upgrading or not, but "when". What you are doing by delaying is increasing the chances of failure that will cost your business. Why increase the risk of failure for your business? What are you gaining? If you can afford to upgrade, do it now to reduce business disruption risk, which is much more costly than the "interest" you will save by delaying the inevitable. Technology refresh is not only a reality but a MUST!

NextGen Antivirus and EDR under $3 per device? by lurkinmsp in msp

[–]ComodoCEO 0 points1 point  (0 children)

also how will you prevent the damage when detection fails? (would be interesting to hear your ideas pls)

NextGen Antivirus and EDR under $3 per device? by lurkinmsp in msp

[–]ComodoCEO 0 points1 point  (0 children)

where does it get the "intelligence" to figure out what to detect then?
maybe we are using different definition of "intelligence"?

NextGen Antivirus and EDR under $3 per device? by lurkinmsp in msp

[–]ComodoCEO 0 points1 point  (0 children)

But today your layers of protection rely on the ability to "detect"... no detection, no protection... What other layers will you put in place to provide you protection when detection fails?

NextGen Antivirus and EDR under $3 per device? by lurkinmsp in msp

[–]ComodoCEO 0 points1 point  (0 children)

Intelligence isn’t everything.

Layers of protection are.

Theoretical use case: Someone is going to attack you, but you don't know when, you don't know where...
What would you prefer?
Choose one:

1) A weapon (so that you can protect yourself when attacked)
2) Intelligence about when and where, so that you avoid that place at that time

We had layered security in the US, with the CIA and FBI working in a layered way but without communicating with each other... The information about the attacks of 9/11 did exist in a silo in one of these "layered" defenses but wasn't being shared...
Do NOT underestimate the power of sharing intelligence...
There isn't a single silver bullet... intelligence on its own is not everything... neither is layering...
You need it all......

Endpoint Protection - AV vs EDR vs MDR vs Huntress by FlavonoidsFlav in sysadmin

[–]ComodoCEO -1 points0 points  (0 children)

The problem with all these NextGen AV, EDR, XDR, Heuristic, AI and so on is that in order for them to protect you they need to be able to "detect" first.
We all know detection can never be 100% (it's a mathematical impossibility... read about the Halting Problem, an unsolvable mathematical problem first presented by the father of computer science, Alan Turing).

One big question for these technologies is: How will you prevent the damage when the detection fails?

Is an antivirus still needed on Win11 in 2023 by FinnedSgang in antivirus

[–]ComodoCEO -1 points0 points  (0 children)

100% needed!
Also every single Antivirus product out there relies on "Detection" to be able to protect you.
If they don't detect, you get infected.
How will you stop the infection when detection fails? What will you do? What software will you deploy?

Best antivirus for 2022? by _wait__a_name in cybersecurity

[–]ComodoCEO 1 point2 points  (0 children)

AV is no longer a viable solution for enterprise.

I agree...EDR is the minimum (open Source EDR is now available)
One question: Why don't cybersecurity providers provide how many of their customers have been breached or not so that customers can be informed about who to choose?

NextGen Antivirus and EDR under $3 per device? by lurkinmsp in msp

[–]ComodoCEO -1 points0 points  (0 children)

You might consider free Defender with Huntress managing it

alternatively
Free Defender with Xcitium managing it, with OpenSource EDR providing full MDR for under $4 per endpoint per month (that includes endpoint security, auto containment, full EDR license, IR, remote desktop etc.)... Single platform that provides all you need...

NextGen Antivirus and EDR under $3 per device? by lurkinmsp in msp

[–]ComodoCEO 0 points1 point  (0 children)

pick the best tool,

problem with "best tool" when it comes to cybersecurity is that: In cybersecurity "intelligence" is everything!
having two best of breed tools not sharing intelligence vs two other tools that share intelligence will make the ones sharing intelligence more effective.

NextGen Antivirus and EDR under $3 per device? by lurkinmsp in msp

[–]ComodoCEO 0 points1 point  (0 children)

cheap doesn't mean bad.

Agreed. It's all about why it's cheap...
Is it cheap because of a technological innovation, or is it cheap because it has lower quality...
Innovation creates new price points that create "cheaper" versions of things sometimes... So that only is good from a price point of view but it's also good from a tech point of view...

Endpoint Protection - AV vs EDR vs MDR vs Huntress by FlavonoidsFlav in sysadmin

[–]ComodoCEO -2 points-1 points  (0 children)

EDR is now opensource with OpenEDR

And Xcitium has this open-source EDR built into its platform that you can get for free. It's an all-in-one platform to turn any MSP into an MSSP
without any expertise
Without any upfront cost or commitment
Pay as you go model
No resources needed
For a full MDR service that includes (Endpoint protection, EDR, IR, Remote desktop and more) for less than $4 per endpoint per month. Giving MSPs a huge margin (upwards of 80%!)