Networking, MSP

Affordable MSP Security Training: Where MITRE ATT&CK Expertise Fits In

John Strand, CEO, Black Hills

Fully 92 percent of MSPs in North America plan to expand their cybersecurity services (source: Kaspersky), but many of those MSPs don't have their own security houses in order. The reality: Before MSPs can further monetize security and drive down risk for customers, they need to mitigate risk within their own businesses. And that requires internal cybersecurity training for all MSP employees.

But how? One potential answer is Level Up, an MSP security training challenge organized by The CyberCall’s Andrew Morgan and Black Hills Information Security's John Strand. The initial Level Up training surfaced in August 2021, and the next round of Level Up security training will arrive in November 2021, Morgan confirmed to ChannelE2E.

MITRE ATT&CK Training for Security-Minded MSPs

John Strand,
John Strand, owner, Black Hills Information Security.

The latest training -- Getting Started in Security & MITRE ATT&CK -- runs November 1-4. MITRE ATT&CK, according to its backers, is a "globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community."

With the MITRE ATT&CK framework in mind, the four-day Level Up course (involving four hours per day) in November will educate MSP and MSSP employees about:

  • Password controls
  • Vulnerability management
  • Application allow listing
  • Proper logging/UEBA
  • Internet allow listing
  • Firewalls
  • Network monitoring
  • Adversary simulation
  • Advanced EDR
  • Backups
  • Web application testing

Key backers of the training include Huntress, an MDR (managed detection and response) security company that serves MSPs and SMB customers. Indeed, Huntress is sponsoring 50 seats for the Level Up training. Other backers include Blackpoint Cyber, Blumira MSP, Cisco Systems, ConnectWise, Datto, NinjaRMM, Pax8, Skout Cybersecurity, Sophos, ThreatLocker, TruMethods and Trend Micro.

MSP Security Training: Who Are John Strand, Andrew Morgan?

Andrew Morgan, founder, Right of Boom

I've known Andrew Morgan for more than a decade. He was an early MSP community pioneer. Long before ConnectWise's IT Nation and other MSP groups gained critical mass, Morgan was quietly nurturing the MSP industry during tours of duty with Kaseya and ConnectWise. He saw the remote support, monthly recurring revenue and IT services waves long before most MSPs and SMBs were near the water. Fast forward to present day, and Morgan is a shepherd of sorts in the security market -- organizing and moving MSPs along a path toward proper security practices.

Morgan introduced me to security trainer John Strand in August of 2021. Strand's business, Black Hills Information Security, specializes in penetration testing, security architecture design and review. He's also a SANS Institute instructor.

Predictably, Morgan and Strand developed a fast friendship, and the dialog inspired Strand to focus more of his educational know-how on the MSP security market. The result is Level UP and the associated security training sessions.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.