MSP, Content, Networking

Datto CISO Describes Cyber Resilience Strategy to MSP Partners

Datto Chief Information Security Officer Ryan Weeks and executive peers today will describe how the technology firm has hardened its own business and mitigated risk across the company. The conversation will surface during Datto's fourth MSP Technology Day, Weeks tells ChannelE2E.

Ryan Weeks, CISO, Datto
Ryan Weeks, CISO, Datto

The virtual event's overall theme is Cyber Resilience -- an increasingly familiar term for MSPs. Up in the enterprise, Accenture has described Cyber Resilience as a “bend, but don’t break” approach that combines cybersecurity, business continuity and enterprise resilience. Accenture leverages that Cyber Resilience mindset across its global IT consulting, Top 250 Public Cloud MSP, and Top 250 MSSP businesses practices. And over the past year, OpenText has pitched Cyber Resilience as the convergence of data protection and cybersecurity solutions -- a trend that aligns with OpenText's Carbonite and Webroot businesses in the SMB-MSP market.

In Datto's case, today's Cyber Resilience discussion will involve educating partners about ways to detect, respond and recover from threats. The journey leans heavily on education -- including the interrelation of various frameworks such as the NIST Cybersecurity Framework and CIS controls, Weeks says. The effort also involves transparency. Specifically, Datto will describe how it is mitigating risk across its own business -- and then transfers that knowledge out to MSPs, Weeks adds.

Datto Cyber Resilience: Recent Moves

Dan Garcia, deputy CISO, Datto
Tim Weller, CEO, Datto

How serious is Datto about security and associated Cyber Resilience efforts? Here are a few anecdotes:

  • The Datto security team now spans 25 employees. That's not a "product" team. Rather, the security team spans Weeks, Deputy CISO Dan Garcia and associated employees who track and drive down risk across Datto's business.
  • Instead of chasing every near-term revenue opportunity, the company prioritized security and blew up certain product roadmaps to focus on Cyber Resilience, Weeks says.
  • The company earlier this month acquired BitDam, a cybersecurity and threat detection company.
  • Datto CEO Tim Weller and Wall Street analysts mentioned or discussed security more than 40 times during the company's March 11 earnings call.

And during today's event, Datto will discuss new offerings such as:

  • Datto Cloud Deletion Defense, which protects backups stored in the Datto Cloud from both accidental and malicious deletion. Think of its as an ‘undelete’ option for MSPs that want further protection for their customer backups, the company says.
  • Datto RMM Ransomware Detection, which is a behavioral-based solution that monitors endpoints for unusual encryption activity, the company says. From there, the tool "immediately attempts to terminate the ransomware process and isolate the infected device and prevent the ransomware from spreading through the network," the company adds.

MSP Technology Industry: Driving Down Supply Chain Risk

Admittedly, Digital supply chain fears have been running high across software partners and MSPs amid the SolarWinds Orion hack as well as the more recent Microsoft Exchange vulnerabilities and associated attacks.

With those market realities in mind, all of the major MSP technology providers are taking steps to further lock down their own software platforms. Indeed, Datto and key rivals -- such as ConnectWise, Kaseya and N-able (the former SolarWinds MSP) have been hardening their software and in some cases making cyber-related acquisitions.

Back at Datto, the core discussion is all about Cyber Resilience and business transparency. It's a safe bet that conversation will extend to DattoCon21, which is set for October 2021.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.