TubbTalk 113: Cybersecurity, Phishing & Automated Human Risk Management for MSPs

An Interview with Alex Martin

Alex Martin is the cyber security analyst for UK-based LMS Group, a role he took on after achieving a degree in cybersecurity and forensic computing. LMS support a range of businesses of different sizes; they provide consultancy, break/fix, security compliance and virtual CIO services.

The Tools and Cybersecurity Solutions LMS Group use

LMS Group use a range of tools to support their business. Firstly, they use ConnectWise for PSA and Automate for RMM. Furthermore, remote access control is done with ConnectWise Control.

Much of their own systems and those of their clients is done through Microsoft 365. Then, they use Cisco Meraki to support remote and hybrid working. Finally, they’ve started using usecure. Alex describes it as a security awareness and phishing training platform to assess human risk. 

How LMS Use usecure Internally and With Clients

Internally, LMS use usecure as part of their induction process. “We’ve selected a range of different courses depending on the role of the new starter. Those in finance will be beginners, whereas the technical desk requires more detailed information.

“Employees have a set time to complete courses and they are all automated. Other platforms are manual and you have to add courses. But usecure saves us time and billing is done automatically too.”

And for clients, usecure shows them how much risk there is in their business. LMS run free phishing simulations to track when and where staff have clicked a spoof email or entered their credentials. Businesses underestimate the level of risk from users, so the tool helps them understand better.

How Alex Supports Clients with Cybersecurity Phishing Tests

“Clients are often confused at first. Because our reports are quite high level, o we need to support the user to understand what they’ve done. The staff don’t always know they’ve been part of a test. So, they click on something bad, raise a ticket and that comes to me.

“Therefore, I can reassure them that they’ve done the right thing by asking for help. The key is to help them understand that they haven’t done anything wrong and won’t get into trouble.”

A phishing simulation tool encourages people to talk about the risks and to get involved. Anyone can make a mistake. And while MFA is great, not all platforms support it. There’s legacy software that can cause a problem. So everyone can learn from these tests.

What is phishing? Read this explanation.

The Relationship with usecure

Alex says usecure is one of the best vendors he’s worked with.” They’ve helped us set up automated billing and provided marketing collateral. And they’re very quick to respond to queries and resolve problems. Most have been on the Microsoft side!”

How a Cybersecurity Tool Helps LMS Grow

Alex explains that LMS offers usecure to clients as part of a compliance package or to help with a big project. It often comes in handy during the client onboarding process, too.

Many businesses are looking for cybersecurity and user technical training to ensure compliance to various frameworks. “It’s often at the forefront of those initial meetings, because we can show them the security risks through a free phishing test.

“We carry out the test, present the results and highlight the risks. And then it’s up to them whether or not they want to add usecure to their services from us. Plus, we use it with existing clients who we think is a high risk. We do a phishing campaign with them over a couple of weeks and give them the report.” 

The Cybersecurity Challenge for MSPs

For MSPs, there’s a huge variety and a lot to learn. But Alex says when it’s busy it’s hard to get to grips with new potential threats quickly. And it varies from client to client, which adds an extra challenge.

MSPs work to harden client security, but there are always holes and things that need to be fixed – vulnerabilities are always coming. Clients are always looking for the next best thing; a product that’s more secure, efficient and effective for their business needs. However, Alex says it’s also his favourite thing about working in cybersecurity.

How to Connect With Alex Martin

• LMS Group
• Follow LMS Group on Facebook
• Follow LMS Group on LinkedIn
• Connect with Alex Martin on LinkedIn

How to Connect With Me

• Subscribe to TubbTalk RSS feed
• Subscribe, rate and review TubbTalk in iTunes
• Subscribe, rate and review TubbTalk on Stitcher Radio
• Subscribe and rate TubbTalk on Spotify
• Follow TubbTalk on iHeartRadio
• Follow @tubblog on Twitter

Mentioned in This Episode

• ConnectWise
• Cloud app management tool: Automate
• M365
• Cisco Meraki
• usecure
• Zen Software
• Podcast: Cyber Reason
• Podcast: Dark Net Diaries
• Book: David Sanger – The Perfect Weapon: war, sabotage, and fear in the cyber age
• Book: Kevin Mitnick – The Art of Deception: Controlling the Human Element of Security

You Might Also be Interested in

• Which Business Processes can You Automate Today?
• Cybersecurity Top Tips for Small Business Success and Growth
• How ConnectWise Helps MSPs Run More Efficient Businesses

You might like: