[69] How Do Criminals Think? CyberSecurity for MSPs
Richard talks to Jaya Baloo, Chief Information Security Officer (CISO) of Avast, who provide antivirus and security software to companies and individuals around the world. They talk about how MSPs can explain cybersecurity to their clients.
They also discuss the key metrics MSPs need to focus on, the top cybersecurity threats to SMBs, and how they can stay compliant.
An Interview with Jaya Baloo
Who is Jaya Baloo?
Jaya Baloo is the Chief Information Security Officer (CISO) of Avast, who provide antivirus and security software. She held the same role at KPN, the largest telecommunications carrier in the Netherlands, and worked for Verizon and France Telecom before that.
Jaya has been recognised in global lists of the top 100 CISOs and the top 100 security influencers, and was chosen as one of the 50 most inspiring women in the Netherlands by Inspiring 50. The non-profit works to increase the profile of women in technology and raise diversity in the field.
Jaya explains that the CISO is the place where the buck stops when it comes to security. The CISO is responsible for the security vision and mission in an organisation and for forward planning to mitigate risks.
How MSPs can Explain the Importance of Cybersecurity
Cybersecurity needs to be key for any company that wants to remain in business, because neglecting it impacts continuity. All companies need to be able to handle any problems effectively, and it’s a challenge for all businesses now, regardless of size.
Businesses need to identify where their biggest headaches come from, whether that’s within network systems or in data, and they need to be able to act quickly when problems occur.
Smaller organisations can be complacent and assume that criminals aren’t interested in their data, so it’ll never happen to them. The problem, Jaya says, is that not all attacks are targeted; very often opportunists don’t care who they hit, so long as they hit someone.
This is prevalent in areas such as ransomware, where the majority of companies are completely ill-equipped to prepare for the eventuality of an attack, or to see that this is the very thing that makes them vulnerable. When they are targeted, they’re so desperate to get back to normal that they will pay the ransom without being sure they will have their data restored.
Key Metrics for MSPs to Focus on
The metrics and KPIs (key performance indicators) for MSPs (managed service providers) to focus on are the same regardless of the size of the company they support. Jaya says that the main difference is that as the business grows, they need to do more of everything.
She says that the most important metric is the average time to respond to vulnerabilities and incidents. The one metric which signifies maturity is the days in between an attack and resolving it, because that’s the window for a hacker to get in and cause damage.
A vulnerability scanner can spot vulnerabilities both in your outside perimeter and inside your network. Once you know about a weakness, how long does it take to fix? That time shows how ready you are to cope with new issues as they come along.
The Top Cybersecurity Threats Jaya Says SMBs Face
The main challenge for MSPs is lack of budget and resource, and an inability to assign one person to focus solely on security. This means they’re often slower to react and not as prepared as they could be.
Any company that doesn’t include online and offline backups as part of their core business practices is one we should worry about. Threats that take advantage of lack of resource will always succeed. SMBs are often not agile or quick enough to prepare or assess risks.
How SMBs can Stay Compliant
Jaya believes that compliance is the floor and not the ceiling, so it’s the bare minimum that you need to do, but doesn’t ensure any form of security. For an SMB, if you aim for security, you’ll hit compliance every time. Focus on security and privacy.
Compliance regulation is always there, and additional rules are unavoidable. Rather than focusing on those, aim for good security and privacy practice instead. Plan ahead, and have smart partnerships so that your supply chain takes the same precautions.
Connect with Jaya
You can find out more about Avast here.
Follow Jaya on: Twitter @JayaBaloo / LinkedIn
Mentioned in this episode
Richard and Jaya mentioned the following companies during their conversation:
- Avast: https://www.avast.com/
- Inspiring 50: https://inspiringfifty.org/
- Citrix: https://www.citrix.com/
- Have I Been Pwned: https://haveibeenpwned.com/
- SpyCloud: https://spycloud.com/
- MITRE ATT&CK Framework: https://attack.mitre.org/
- CompTIA: https://www.comptia.org/
- NextGen Sales Academy: www.nextgensalesacademy.com/