Raffael Marty, managing director of cybersecurity at ConnectWise, said no one can be 100% sure when it comes to cybersecurity. But that doesn’t mean the Tampa, Fla.-based provider isn’t doing anything and everything to help its partners and their customers work in an airtight environment.
At its IT Nation Secure event in Orlando, Florida this week, ConnectWise unveiled its partnerships with ControlCase, a compliance-as-a-service provider, and FifthWall, a cyber insurance broker, to provide training, automation, and support. assistance to help MSPs prepare for and purchase insurance, eliminating dozens of steps they and their customers would otherwise have to take.
“We’re going to make it a little easier for MSPs to get cyber insurance and show that they’ve actually done the things that reduce risk,” Marty said.
ConnectWise is no stranger to cybersecurity risks. In 2020, several ConnectWise partners were hit by ransomware via a software vulnerability in ConnectWise Automate. And last May, security firm Blackpoint Cyber published a blog post warning that it had observed the deployment of ConnectWise’s MSP remote control software by bad actors during cyberattacks.
“We have promised our partners to secure the ConnectWise Asio platform as cyber threats evolve, to keep data privacy in mind, to adhere to industry and government standards, and to comply with the latest product and service regulations,” a Connctwise spokesperson said. in a report. “In ConnectWise, we prioritize security. We also have specific teams dedicated to monitoring threats; we continuously research, detect and assess potential threats through the Cyber Research Unit (CRU). In addition to regularly sharing this information with the community, we have resilient and flexible programs, products, and services in place to help partners achieve their cybersecurity goals that protect their customers and their business.
CRN sat down with Marty at the show to talk about cybersecurity and what ConnectWise is doing to help partners minimize their security risks now and in the future.
You mentioned in the keynote that you can never be 100% sure. Why do you say that?
In cybersecurity, there is no target difficult enough not to penetrate. If you have enough time and money, you can enter anywhere, it doesn’t matter. If I had a billion dollars and went to an insider of an organization, I could probably bribe him to come in. There is always a way in. You might have a group of trusted people that you just can’t bribe, but if you wait long enough, you infiltrate someone into that group.
ConnectWise launched its ConnectWise research unit a year ago. How has it evolved over the past year?
We added more people and started putting more processes in place, like making sure we support our existing tools. They have been tightly integrated with the ConnectWise SIEM platform to create content for it. They have started building an infrastructure for their tasks and are connected to all sorts of threat intelligence sharing communities and 37 feeds that come into their intelligence platform.
We are a Microsoft MAPP (Microsoft Active Protections Program) partner where we have access to early information when Microsoft sees things.
Why is ConnectWise’s RMM platform better than Kaseya’s?
I don’t know Kaseya very well, but with the ASIO platform, we’re integrating all the different tools and pushing more and more security use cases. We have a partnership with Intel where they have an in-chip capability to find ransomware and so we build that into our RMM. You will see use cases appear in the RMM, it is only natural to add them. Nobody is going to buy RMM or security or EDR or MDR, they are going to buy use cases. They will say: “I want to protect my endpoint”. We’ll say, ‘That’s the price and that’s how we’re going to deliver it.’
You said some MSPs still don’t take security seriously, why do you think that is?
It is a question of competence. It’s a matter of prioritization. They say, ‘I’m not going to be a target. Why would anyone want my information? I don’t have any important information. They don’t realize it will have an impact if their customers are down. It is above all a matter of not understanding the risk and not prioritizing it.
What are you hearing from partners and their top cybersecurity concerns?
When they do business with us, it’s, “What are you doing to protect your platform? Then we hear, “What does good security look like?” What do we have to do? What is the minimum we should sell? How do we deliver the services?’ We are doing everything we can to make sure we are safe.
What is the confusion or challenges around cyber insurance?
The insurance industry has a challenge. They send out questionnaires and you answer them somehow, sincerely hoping, but there really isn’t a method to give them real proof. Sometimes they ask for proof, but how do you present that? The process isn’t there to do that, so the challenge with insurance companies is really making sure they understand the current situation. The second piece is the insurance company…they are mathematicians. They look at these actuarial charts and say, “Here’s the risk, that’s the number we’re going to insure you for. This is how their models work. So how do you provide a security posture and understand what that means for an EDR (endpoint detection and response) deployment? How does this reduce the risk? That’s where we’re also trying to work with some of these data providers that help insurance companies incorporate that kind of information into their risk models.
What cybersecurity trends are you monitoring right now? What do you think will emerge in the second half of 2022 and in 2023?
I look at what is happening for MSPs and the upcoming regulations that we will have to help them. And on the product landscape, where we should expand our offerings. What is most useful for MSPs to onboard and integrate into our platform? Because in the end, we don’t want to be a reseller on the product side. The more elements we bring to our platform, the more we can make this platform vision a reality.