Sorry, Readability was unable to parse this page for content.
As the market for threat detection and response grows, FortiSOAR ensures that MSSPs are able to provide differentiated service portfolios to their customers.
As more businesses digitize their offerings, the market for security service providers has grown substantially. With this growth has come increased competition between MSSPs and third-party service providers, as they both target the same market and provide the same services. This means that in order to stay competitive, MSSPs must be able to offer differentiated service portfolios that meet the specific needs of their customers.
This is where Fortinet’s FortiSOAR platform can be of use. FortiSOAR is a vendor agnostic security orchestration, automation and response (SOAR) platform designed to help SOC teams streamline threat identification and response by eliminating manual processes. By integrating this into a customer’s existing security infrastructure, FortiSOAR allows MSSPs to offer a customized security framework that unifies operations. With a customized SOAR solution, customer SOC teams are better equipped to manage the evolving threat landscape, allowing them to take a proactive approach to security.
Key Features of the FortiSOAR Platform
To keep pace with today’s threats, organizations are increasingly implementing point solutions across their networks. While these can help bolster security, they also fragment security infrastructures, limiting the SOC team’s ability to accurately identify threats. This creates a number of challenges for security teams, including alert fatigue, non-compliance with regulations and slower response times. FortiSOAR addresses these challenges by centralizing key security features in one platform, thereby eliminating the need for point solutions. Let’s take a look at some of the key features of the FortiSOAR platform:
Role-Based Incident Management
FortiSOAR’s Enterprise Role-Based Incident Management solution provides SOC teams and other cybersecurity teams within the organization (forensics, data loss and prevention teams, etc.) with role-based access control capabilities. This allows them to segment and manage sensitive data in accordance with administrative policies and guidelines. With a customized view of network assets, analysts are able to prioritize threats in real time, improving incident response. In addition, FortiSOAR’s Recommendations Engine is able to link and predict the severity of incidents based on past reports, aiding SOC analysts in identifying duplicates or false positives.
Role-based dashboards and reporting empower customers to measure, track and analyze threat investigations, as well as SOC performance. FortiSOAR’s library of 10-plus OOB industry-standard dashboards and customizable templates ensures that SOC teams can access the tools they need to optimize their available time and resources.
FortiSOAR also provides comprehensive reports for incident closure, incident summary and incident progress. Using insights from these reports allows SOC teams to easily track key performance metrics and identify where optimizations can be made.
FortiSOAR provides distributed multi-tenant product offerings with scalable, secure and distributed architectures, allowing MSSPs to offer MDR-like services. This led one of FortiSOAR’s MSSP customers to develop a seven-figure revenue stream. With the ability to automate tenant workflows remotely, managing individual customer ecosystems becomes streamlined, enabling security efficacy. FortiSOAR also involves customers in approval requirements by providing them with personalized alerts, incident views, and dashboards.
FortiSOAR’s Visual Playbook Designer allows SOC teams to design, develop and use playbooks in the most efficient manner. The designer facilitates playbook creation by providing an intuitive drag and drop interface that strings together multiple steps, including playbook simulation, workflow code execution, looping and error handling. This requires no advanced programing skills and comes with over 150 OOB playbooks, half which are dedicated for threat hunting efforts. The platform also gives customer SOC teams the ability to automate workflows, enhancing their vulnerability management and regulatory compliance capabilities.
FortiSOAR enables comprehensive case management by providing OOB modules for incident response, vulnerability management and fraud. MSSPs can also build custom modules to meet individual customers’ security requirements so that they can continue to support their business objectives as they grow and their networks become more complex.
FortiSOAR Use Cases for MSSPs
As part of Fortinet’s integrated Security Fabric architecture, FortiSOAR unifies security tools in a single centralized platform. This allows SOC teams to automate alert triage and investigation processes, freeing up time to
This year, LogicMonitor has seen an over 500% increase in partner-originated revenue.
New LogicMonitor partners will expand the company’s reach across southern EMEA.
The company has added nine new channel partners from across southern EMEA to its LogicMonitor Partner Network.
The new partners are:
LogicMonitor has accelerated its international expansion through partnerships in a variety of markets since it launched the partner network in 2019. This year, LogicMonitor has seen an over 500% increase in partner-originated revenue.
Sanjay Gupta is LogicMonitor’s global vice president of channels and alliances.
“We are continually expanding our global partner network to support LogicMonitor’s rapid growth and customer demand,” he said. “And we’re proud to welcome these market-leading channel partners in the diverse and important southern EMEA region. Our valuable partner relationships in regions such as southern EMEA extend our ability to connect with businesses far and wide looking to gain control of their complex IT infrastructures.”
|Sign up for Channel Futures’ EMEA newsletter. That’s where we feature news and analysis involving companies based in Europe, the Middle East and Africa, as well as those doing business in that region.|
In 2021, LogicMonitor will continue expanding its partner network to establish mutual go-to-market success and revenue growth across all high-growth markets, Gupta said.
The vast majority of businesses in southern EMEA still primarily rely on on-premises technology. However, the combination of COVID-19 and the need for SaaS has accelerated the region’s transition to a hybrid infrastructure with on-premises and cloud.
The latest LogicMonitor partners join a select group of systems and technology integrators, MSPs and resellers within the partner network.
“Syntax is committed to ensuring our clients are successful in their digital transformation journeys,” said Nicholas Afxentiadis, Syntax IT Group‘s president. “With LogicMonitor, we are better positioned to grow alongside our clients in Greece, Cyprus and the Gulf Cooperation countries, and are able to effectively replace their legacy systems to be successful in this digital transformation journey.”
LogicMonitor partners can expand their company’s offerings and profit margins by offering a monitoring and observability platform.
Rising demand for security services comes as no surprise with remote workers under attack.
Pulseway polled its MSP partners to identify main pain points and common struggles they’ve encountered through 2020.
Pulseway surveyed MSPs in four categories:
Fifty-six percent of MSPs reported demand for security services, but only 38% said they had introduced such services.
Fifteen percent reported that IT security was “much worse” as a result of COVID-19 restrictions and 32% said it was “slightly worse.”
Andy Ellwood is Pulseway‘s product marketing manager.
“MSPs recognize security is an issue,” he said. “Customers also understand the need for more services. Looks like there is a gap.”
Rising demand for security services comes as no surprise after the rise of phishing attacks targeting remote workers since the beginning of the year.
There is a clear demand for additional services, Ellwood said. In addition to security, two in five (40%) report a demand for help desk services, 36% for backup and 27% for patching. All are relatively easy to support with the appropriate technology.
Among personal key findings:
Among business key findings:
Here are the biggest 2021 trends to plan for—and how 2020 set the stage for them.
It goes without saying that 2020 has been quite a year, with each month feeling like it has tried to top the last. And while 2021 may not start off much different, it will hopefully end on a higher note than it began. For MSPs looking ahead to the year to come, there are many lessons to be learned from what just transpired. In the IT world, the pandemic didn’t necessarily start any major new trends as much as it accelerated those already in progress. When looking at 2021 trends, the expectation is a continuation of these transformations, and MSPs that have been adjusting on the fly should anticipate more of the same.
So, looking both in the rear view and the horizon, what are the biggest 2021 trends MSPs should be planning for? And how has 2020 set the stage for how to survive and thrive?
Remote work didn’t begin in 2020, but nearly every industry got a crash course in how to do it at scale for a sustained period of time. While many businesses are eager to get their workforce back into the building and lots of employees realized they prefer their workplace cubicle or corner office to the kitchen table, the consensus is mixed.
Workers who previously never had the option to work from home have now had a taste of it, and some will prefer to maintain the status quo at least some of the time long after vaccines have quieted the viral storm. Trading off water cooler chat and free breakroom coffee for no commute, sweatpants and flexibility is pretty appealing for a broad swath of professionals.
At the same time, some organizations are realizing that a fully or partially remote workforce isn’t just manageable but may be preferrable. Whether it’s giving their staff some additional work-life balance or the bottom-line savings that come from spending less on rent and furniture thanks to a smaller physical footprint, some forward-thinking companies are considering their alternatives when it comes to office space.
However, beyond adapting corporate culture, IT demands inevitably increase in this scenario. More remote workers mean managing additional endpoints connected to insecure WiFi connections, personal devices being used for business applications and a much less homogenous IT environment.
To properly support customers in this environment, MSPs must similarly shift to a “remote-first” mentality: Yes, there will be employees, devices and potentially servers in normal offices, but remote employees should be considered the norm rather than the exception. This means creating IT environments and system access that is completely agnostic to what location or network is in use.
It also means patching and upgrades are more important than ever. All those endpoints need the latest security updates installed pronto to avoid the rampant traps cybercriminals are laying these days for unsuspecting users.
Collaboration tools are another effective way to combat any loss of productivity for MSPs themselves as well as their clientele. Whether it’s Microsoft Teams, Slack, Trello or other asynchronous platforms, vital information can be shared regardless of where folks are sitting or what their particular work schedule looks like.
Increasing support volumes.
Remote work isn’t just about change in location, it’s also a shift in how individual employees approach IT to begin with. Instead of on-site IT support on company-provided devices, they’re now trying to keep a combo platter of personal and business-owned endpoints connected to the network and running essential software and services.
This has led to a dramatic increase in support tickets for some organizations. Whether they can’t get on the VPN, can’t access a particular system, or need to transfer data from one place to another, the increased complexity of these arrangements has many workers clicking and calling for
Here are several tips for staying ahead of social engineering and BEC attacks.
Hackers, never at a loss for creative deception, have engineered new tactics for exploiting the weakest links in the cybersecurity chain: ourselves! Social engineering and business email compromise (BEC) are two related cyberattack vectors that rely on human error to bypass the technology defenses businesses deploy to deter malware.
Social engineering is when hackers impersonate trusted associates or acquaintances to manipulate people into giving up their passwords, banking information, date of birth or anything else that could be used for identity theft. As it turns out, it’s easier to hack our trust than our computers. Social engineering covers a range of tactics:
Business Email Compromise
Business email compromise is a targeted attack against corporate personnel, usually someone with the authority to request or fulfill a financial transaction. Victims execute seemingly routine wire transfers to criminals impersonating legitimate business associates or vendors.
This form of fraud relies on a contrived pretext to request that a payment or purchase be made on the attacker’s behalf. According to the FBI, BEC attacks resulted in more than $26 billion (you read that right) between June 2016 and July 2019.
Here are a few tips for protecting users and businesses from BEC attacks:
Perfecting Your Posture
Webroot Security Intelligence Director Grayson Milbourne offers several suggestions that companies can put into place to improve their security posture. First, he says, “Whenever money is going to be sent somewhere, you should have a two-factor verification process to ensure you’re sending the money to the right person and the right accounts.”
Milbourne is also a big advocate of security awareness training. “You can really understand the security topology of your business with respect to your users’ risk factors,” he says. “So, the engineering team might score one way and the IT department might score another way. This gives you better visibility into which groups within your company are more susceptible to clicking on links in emails that they shouldn’t be clicking.”
With the increase in scams related to the global COVID-19 pandemic, timely and relevant user education is especially critical. “COVID obviously has been a hot topic so far this year, and in the last quarter we added close to 20 new templates from different COVID-related scams we see out in the wild,” Milbourne says.
“When we look at first-time deployment of security awareness training, north of 40% of people are clicking on links,” Milbourne says. “Then, after going through security awareness training a couple of times, we see that number dip below 10%.”
Where to learn more
Our newest research on phishing attacks and user (over)confidence, “COVID-19 Clicks: How Phishing Capitalized on a Global Crisis,” is out now.
Steven Jurczak is a Product Copywriter at Carbonite and Webroot. He blogs about backup and recovery technology, information security and IT industry trends.
This guest blog is part of a Channel Futures sponsorship.