N-able, Inc. announced the result of research into the fast-changing security
landscape for its partners, conducted by an independent research firm
and commissioned by N-able.
The
research found that managed services providers (MSPs) are quickly
overtaking their customers as a primary target for cybercriminals. The
research also revealed that while 90% of the surveyed MSPs suffered a
cyberattack in the last 18 months, the number of attacks these MSPs are
preventing has almost doubled, from 6 to 11.
The report, State of the Market: The New Threat Landscape,
reflects the responses of 500 participants-sourced from the U.S. and
Europe by an independent research team-about their security experiences
before the COVID-19 pandemic and today, to discover what had changed.
There has been an assumption that the increase in hybrid working has
meant a shift in how threat attackers are operating. N-able's research
looks at that shift and what it means for MSPs.
"MSPs
have worked tirelessly throughout the pandemic to ensure that the
businesses they support can stay online and connected as circumstances
changed," said Dave MacKinnon, chief security officer, N-able. "But the
cybercriminals they're protecting against are working equally as hard to
make use of these shifts against their targets. MSPs need to understand
how the threat landscape continues to evolve and make the changes
needed to protect both their customers and themselves, and make the most
of the enormous opportunity that enhancing security provides."
The research reveals:
- Almost
all (90%) MSPs have suffered a successful cyberattack of some sort in
the last 18 months, and the same amount have seen an increase in the
number of attacks they are preventing each month. On average, the number
of attacks being prevented has risen from six to 11.
- 82%
of MSPs have also seen attacks on their customers rise, though not
quite at the same rate, with an average of 14 attacks prevented per
month.
- While
some progress is being made on important security processes, such as
automating backup, many basics are still not in place. For example,
while most MSPs offer two-factor authentication to their customers, only
40% have implemented it in-house.
- DDoS and ransomware are among the main attacks MSPs are detecting, but the top attack remains phishing.
- The
effects of cyberattacks are wide ranging. Over half of MSPs say that
financial loss and business disruption resulted after a cyberattack, but
many said they have lost business (46%), suffered reputational effects
(45%), and even saw their customers suffer a loss of trust (28%). While
MSP budgets are only increasing at an average of 5%, they are focusing
this extra investment on key areas, including data security, cloud
security, and infrastructure protection.
- There's
good news. The majority of SMEs, seven in every 10, are planning to
increase their security budget. For MSPs, this means a big opportunity
is available.
- Automating
key functions is critical to making headway against cybercriminals.
Automated backups are the most common form of automation used by MSPs to
keep their customers' businesses secure, used by 85% of all
respondents.
The report can be downloaded at https://www.n-able.com/resources/state-of-the-market-the-new-threat-landscape.