MSP Cybersecurity: ConnectWise CEO Issues Open Invitation to All Vendors
Imagine the following scenario. Hackers attempt to hit a bank in Manhattan. Soon after, similar cyberattacks target financial institutions in London and Hong Kong. In that scenario, financial regulators, banks and their technology providers often leverage so-called Information Sharing and Analysis Organizations (ISAOs). The specialized ISAOs allow the financial industry — banks, data center providers, software companies, financial exchanges, etc. — to gain timely threat intelligence, check-in with one another, share details, and rapidly fortify the financial service market’s cyber defenses.
Now, apply that scenario to the MSP (managed IT services provider) and technology solutions provider (TSP) market. Hackers continue to target and enter MSP software platforms — particularly RMM (remote monitoring and management) and remote control applications. Many of the attacks have involved ransomware spreading across CSPs (cloud service provider), MSPs and end-customer systems. The ransomware epidemic threatens to seriously harm the MSP industry’s credibility, ChannelE2E believes.
On the upside: MSPs and their technology providers have blocked or mitigated thousands — perhaps millions — of manual and automated attacks against end-customers. On the downside: Key portions of the MSP industry have failed to raise their defenses despite specific FBI and U.S. Department of Homeland Security warnings to MSPs about such attacks.
ConnectWise Launches TSP-ISAO
Amid that cyber battlefield, ConnectWise is launching a Technology Solution Provider Information Sharing and Analysis Organization (TSP-ISAO). Moreover, ConnectWise CEO Jason Magee is personally reaching out to peer CEOs across the technology industry, according to ConnectWise CISO John Ford.
Magee’s goal: Recruit and welcome all companies — including rivals — into an information sharing organization that will raise industry defenses, and thereby benefit all MSPs. In a prepared statement, Magee said:
“ConnectWise is launching the TSP-ISAO and leading the campaign to get companies collaboratively involved with us because we think it’s of the utmost importance for the entire industry. I’ve already reached out to several of my counterparts to begin these collaborative discussions and I invite interested vendors to reach out to ConnectWise and get involved as well.”
In a prepared statement, CompTIA CEO Todd Thibodeaux welcomed the effort:
“CompTIA applauds the goals of the TSP-IASO to address the information shortfall by creating a real-time actionable platform. We look forward to supporting the work of this vital new group.”
The TSP-ISAO, Ford says, is being established to provide members with:
- real-time availability of proactive actionable threat intelligence;
- analysis of potential impacts;
- coordinated countermeasure solutions and response;
- cybersecurity best practice adoption; and
- role-based workforce education.
TSP-ISAO Blueprint: How It Came Together
ConnectWise has been formulating the TSP-ISAO plan for roughly a year. The wheels were set in motion when ConnectWise invested in Perch Security in October 2018. At the time of that 2018 investment, Perch had already introduced:
- Real-time threat detection, including east-west traffic;
- Threat intelligence centralization and automation;
- First-tier threat analysis to alleviate the burden for the service provider and users; and
- access to view and participate in the process as much as desired via secure web application.
Fast forward to present day. Perch Security’s threat intelligence platform will allow TSP-ISAO members to see MSP- and TSP-centric threat intelligence for no additional fee. In other words: The overall threat intelligence — cultivated by Perch SOC analysts — already exists. Each vendor that joins the TSP-ISAO will add incremental value to that intelligence, ChannelE2E believes.
ChannelE2E has reached out to multiple third parties about the TSP-ISAO, and will update this content if/when additional perspectives emerge.