Whether it’s the Nigerian prince trying to deposit money in your bank account, or your ‘CEO’ – authorizing a large gift card purchase (provided you email the codes on the back), the Business Email Compromise (BEC) scam has been around for a while. Unfortunately, cybercriminals just tweak the scam, and employees continue to fall for it—to the tune of nearly $2 billion last year. Recently, they’ve used the COVID-19 pandemic as a cover, posing as trusted vendors with access to much-needed personal protection equipment. As cybercriminals continue to increase the sophistication of their attacks, education and protection are necessary but not enough. To adequately protect your customers, you must add a layer of detection—something that will identify malicious behavior, alert you to the threat, and provide the correct response. As an MSP, you need to provide the right education AND the right tools. Here are five things to look for that will allow you to respond quickly and appropriately.
- Monitor for Anomalous Behavior
BEC relies on looking like human activity. An increase in remote work means companies are relying more on cloud services like the Microsoft Office 365 and Azure AD offerings. This puts more data in a complex environment that’s currently under-protected. Once threat actors can get access to Office 365, getting to the juicy data is a few clicks away. You’re already expected to secure your customers’ Office 365 accounts. However, traditional on-premise security solutions, such as firewalls and network sensors, aren’t able to monitor suspicious activity in cloud-hosted applications like Office 365, SharePoint, or OneDrive. Your customers need the most protection here now more than ever before.
- Get Alerted on the Real Threats That Need to Be Addressed ASAP
When something is going down, you need to know immediately. Without dedicated and experienced security staff, mistakes made in incident response can cost your customer lost time, money, and trust. Active alerting means that a team of experts has determined that an activity requires your immediate attention, allowing your team to focus on what’s most important. - Have Visibility of Threats
As an MSP, you need insight into the risks affecting your customers. A dashboard view should provide you with a snapshot by customer, by client type, or even across your customer base. Imagine being able to let your customers know, regularly, the types of
threats you see most often. - Present Findings to Your Customers to Show Your Value
As SMBs are beginning to protect their cash flow, every contract is being re-examined. Every vendor must show the impact they have on business-critical efforts. Make sure your tools provide the ability to customize a report for each customer to show how you’re keeping them secure as new threats emerge and evolve. - Support This Level of Monitoring With Your Existing Team (or Outsource)
Is your team well trained and equipped to respond to BEC threats? As customer needs ebb and flow, you need to be able to scale effectively. With more valuable data being stored in the cloud and attacks increasing since COVID-19, you cannot afford to service
SMBs without proper detection measures for their Microsoft cloud infrastructure. If you don’t have the capabilities within your own team, you need the ability to outsource. Support from a Security Operations Center can provide experts in cybersecurity, at a fraction of the cost of adding headcount, allowing your team to continue to focus on what matters.Check for Part Two next week!