Worldwide security spending expected to hit over $130 billion in 2022.
Ransomware is the No.1 cyber threat that businesses of all sizes need to worry about, and more emphasis on cybersecurity services is needed.
That’s according to participants in this week’s Channel Evolution Europe Thunderdome that focused on security. Bryan Reynolds, TBI‘s director of sales operations, was the ringmaster. Scott Barlow, Sophos‘ vice president of global MSP, and Jason Eberhardt, Bitdefender‘s vice president of global cloud and MSP, were the contenders.
“With worldwide security spending expected to hit over $130 billion in 2022, it’s clear that there is a demand for this, which translates to opportunity for you,” Reynolds said. “And given the necessity to ramp up remote work, security is definitely on every business leader’s mind. Or at least it should be.”
When it comes to worrying about cybersecurity, Barlow said customers generally fit into two categories. Many are either worried about it or focused on it because they want to be more proactive.
“Or they’re not worrying about it until they get hit by a threat or by ransomware,” he said. “What we’re seeing is the threat landscape is just constantly evolving. And ransomware attackers are also evolving with their evasion/detection tactics, techniques and procedures.”
At the end of the day, the end-user is the weakest link in cybersecurity, Barlow said. There are cybersecurity services available to address this.
“Oftentimes you really need to focus on the educational aspects, and doing phishing simulations and educating users on what’s a right password to use,” he said. “So there’s a lot of components to that, but ransomware is probably the No. 1 scenario or the No. 1 concern from a cybersecurity standpoint that end-user customers need to worry about.”
Eberhardt uses the house analogy.
“How many access points does it take you to break into someone’s house: a window, a door, a garage?” he said. “It takes one. Now associate those attack vectors with IP addresses. It only takes one IP address. So when you’re an SMB or a midmarket, it doesn’t matter if you have a lot of intellectual property or a lot of data that they’re trying to get from you. They might just be using you as a conduit to attack someone else. So the attack vector and the attack on the smaller businesses in this global world, right now, is getting higher and higher.”
The bad guys are the ones that are getting better, Eberhardt said. And if “we don’t continue to improve our security, it’s just going to get worse and worse.”
“The other thing that we look at that people need to be aware of is centralizing data,” he said. “When you put yourself up on the public cloud and your data in one location, that’s another attack for everybody to go.”
Ransomware for SMBs and MSPs is really high, Eberhardt said. And MSPs are under attack because they offer a “plethora of accounts or people they can attack by attacking one attack vector.”
MSPs’ security acumen is getting stronger, he said.
“One of the things I hate and I know Scott’s going to feel the same way, is when people say good enough security,” Eberhardt said. “That means not good enough security. Now if you take it down another level to free antivirus, you get what you pay for. People don’t understand that you don’t just move your stuff and you’re secure. You need security awareness training. People are the biggest threat. We have to make sure they’re educated on using your systems.”
Both Barlow and Eberhardt agreed there’s no “magic number” in terms of how much a business should spend on security.
If you’re a small business dealing with compliance regulations, the amount is going to be significant, Barlow said.
“Is it worth paying $20,000, $300,000 on a ransomware attack?” he said. “The chances of you going out of business is significant. Do you want to put that layered defense in?”
Eberhardt said the question of how much to spend is “a little tricky.”
“What I would say is how sensitive is your data?” he said. “How sensitive is your business? If you spend say $100,000 versus spending $1 million. But what would happen if you had to close your doors? Or what would happen if you got sued because of personally identifiable information (PII) got pushed out? How important is your business and if you want to sleep at night? I think the one place you cut is not security.”
Barlow and Eberhardt also were asked how they would react to a customer saying they’ll just get their cybersecurity services from…
Product Brief: Kaseya VSA Integrated Workflows with BMS and IT Glue
Untangle Research: Breach Headlines to Prompt Increased Cybersecurity Spending
SaaS Alerts Recruits Big Name from Kaseya as CEO
Microsoft, SAP Plan Teams Integration, Expand Cloud Migration Pact
As Threats Soar, Biden Administration, CompTIA Prioritize Cybersecurity
HPE Appoints LongTime HPE/HP Vet as Worldwide Distribution Head
Acquisition-Hungry Sapphire Systems Powers Ahead with US Expansion
Industry Experts Laud Biden Proposal for Increased Federal Cybersecurity Spending
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.