Here are a few facts to get you thinking:
Thirty-two percent of SMBs have been hit with a cybersecurity attack in the last year – up a full 25% from the same quarter in 2020.
Various reports put the number of unfilled cybersecurity jobs at around 3.5 million.
Global ransomware damage costs are predicted to exceed $265 billion by 2031.
Protecting against cybersecurity attacks ranked as a top three priority for 49% of organizations in 2020, but just 44% in 2021.
Do these statistics sound a bit contradictory? Welcome to the wonderful world of cybersecurity. It’s almost like someone needs to hold a conference that brings together the people who can provide cybersecurity, the companies with the products that help make it happen, and the experts with the knowledge of why it’s so important, and how and where to implement it. Maybe even toss in a variety of service providers and resellers with clients in need of cybersecurity services – MSPs, for example, and office equipment dealers.
You see where I’m going here, of course.
IT Nation Secure 2021, held June 21-23, marked a return to live events for ConnectWise and a first for this particular conference, which launched in 2020 as a virtual-only event. The 2021 event was a hybrid, with attendees given the option of attending virtually or in person. The attendance at the Hilton Bonnet Creek in Orlando was considerably less than the online attendance, comprising about a quarter of the overall number, but for those of us getting our feet wet in the world of in-person interaction again, it felt just about right.
As far as the topic of the conference, at the moment it’s hard to imagine anything with a more compelling draw than cybersecurity — it is so prevalent and so dangerous it was the subject of a recent Executive Order signed by President Biden that specifically mentions service providers. ConnectWise is well-positioned in the security arena — in November 2020 it acquired Perch Security and StratoZen, which have become a key part of the company’s Fortify security management solution. More recently, it launched a partner program to support technology solution providers (TSPs) and MSPs in meeting demand for cybersecurity solutions, and a backup data recovery (BDR) offering that integrates multiple third-party vendors.
Two new major announcements were the focus of the June event. First was the release of the “State of SMB Cybersecurity in 2021” report, the results of a Vanson Bourne survey commissioned by ConnectWise. It is the third annual survey centered around the needs of the SMB when it comes to cybersecurity — needs that amount to opportunities for MSPs and the office equipment channel, which we expanded upon in a 2020 article. The results of the 2021 survey continue to demonstrate opportunity, with statistics noting an increase in decision-makers stating their organization lacks the in-house skills to be able to properly deal with security issues — up from 52% in 2020 to 61% in 2021. The survey also showed that, on average, cybersecurity budgets increased by 10% in 2020.
There are also some statistics that, depending on where you stand, can be construed as a challenge or opportunity: 82% of SMBs said they currently use a managed IT service provider, but 29% plan to change to a different provider.
Then there are the statistics that are downright scary: the number of SMBs having suffered a cyberattack increased over the last year and nearly 80% of decision-makers are concerned their organization will be a cyberattack target in the next six months, yet cybersecurity is a top priority for fewer organizations now than it was in 2020 or 2019. And even more organizations in this year’s survey said they would take legal action against their IT service provider in the event of a cyberattack than in years past. Yikes.
Well, no one said it would be a walk in the park. And yet, it’s necessary — not just for customers, but for providers themselves. Whether you’re an MSP or an office equipment dealer, you’ve got to make sure your own organization is protected. MSPs are, increasingly, themselves targets of cyberattacks. Jay Ryerse, VP of cybersecurity initiatives for ConnectWise, likens it to parents on an airplane putting on their own oxygen masks before they secure their childrens’. “Owners are responsible,” he said at the event. “You have to protect your own house and secure your business before you can protect your customers.”
ConnectWise wants to provide all the tools needed to make this happen. The biggest announcement was that of the ConnectWise Cyber Research Unit (CRU), which will research threats and intelligence and turn that into content that detects threats using the Perch platform. “We see millions of alerts every year,” said Wes Spencer, CISO of Perch Security. “[We wanted to] turn it into actionable intelligence and data.” That data will be gathered and shared in any number of ways, including automated monitoring of Twitter feeds. Cybercriminals have huge egos, Spencer noted, and love to brag about their accomplishments – making Twitter an ideal platform for information gathering. The research will be machine-driven but human-led – “There’s no way humans can do all of the work. You’ve got to get rid of the noise and let them focus,” according to Spencer. ConnectWise will make openly available to partners a GitHub threat feed that contains lists of threat intelligence discovered by the CRU using its internal sandbox built on top of the Perch platform or found while threat hunting.
The research, said Spencer, lets you see into behaviors, activities and actions. The intelligence gives you the capability.
Cyberthreats aren’t going away. They’re a fact of life, and that means that there’s opportunity along with the risks. The same might be said for live events. Worth noting was that attendees had to fill out a COVID questionnaire each morning, scan the resulting QR code at the event entrance, and pass a temperature screening. Wristbands were available that signified a person wanted to maintain distance and avoid touch. (Author’s note: I am fully vaccinated, which factored into my choice to attend in person. It was the first live event I’ve attended in more than a year and a half, and I felt very comfortable).
Of the attendees we spoke to who had opted for the in-person event, the sentiment was pretty standard: “I’m sick of virtual events and video screens.” However, the virtual attendees we spoke to certainly didn’t feel left out – the event was well optimized to draw in attendees from all over. It wouldn’t be surprising to see this kind of hybrid event – much like the hybrid workplace – become the norm, so doing it right is going to be important. ConnectWise seems to have a pretty good handle on the balance.