Key takeaways from our WSJ Interview

 
wsj.png
 

Recently the Wall Street Journal wrote an article about how our industry is under attack - “25% of ransomware incidents reported from policyholders in 2019 stemmed from their MSPs”.

All clients should be held to a minimum standard of security

Anthony discussed a lack of “master the basics” in the IT consulting industry. Old passwords, networks left wide open, etc. The hackers are looking for easy targets that miss those items - don’t make yourself an easy target.

A few important notes:

  • The last 6 months, our security tools find that approximately 50% of our new clients have an existing, live threat on their network. Very rarely does their previous IT consultant or internal IT team realize this.

  • Start with the basics. Deploy multifactor everywhere, shut down unneeded accounts and services, and keep everything up to date.

  • Smaller companies are just as vulnerable as large ones. Bigger companies may have the larger cybersecurity budget but they also face more threats (more systems, more vendors, etc.) A small business has a smaller attack surface to secure but likely does not have much of a budget. Don’t think because you are smaller that you are flying under the radar.

  • IT vendors are usually one of the biggest threats. They typically require admin rights to one or more systems, and statistically a majority of them are going to have poor security practices. Audit any vendors accessing your network - are they sharing accounts, using multifactor, updating their software? Remote access software has been one big source of breaches, unfortunately many IT vendors are not keeping this key tool up to date.

Or leave it to the experts! See why the Wall Street Journal and many others have recognized CGP’s “security first” approach as a necessity: let’s talk.

Dustin Bolander