You may now view the rest of Nuzoo in all its glory!

Click anywhere to proceed and fill your face with news, glorious news!

Nuzoo blog: Governments coming down on MSPs following increase in cyberattacks

The last couple of weeks have seen a series of headline-making cyberattacks globally, across different industries.

The Health Service Executive (HSE), which is responsible for healthcare and social services across Ireland, was forced to shut down all its IT systems following a ransomware attack three weeks ago. The country’s health service is still suffering from significant disruption more than three weeks after falling victim to the attack.

Elsewhere, Colonial Pipeline, which supplies almost half of fuel to the United States eastern seaboard, was also hit by a ransomware attack. The firm ended up paying more than $4 million in Bitcoin in exchange for the decryption key. And most recently, meat processor JBS was recently hit with a ransomware attack by the REvil criminal group, while Fujifilm has also fallen victim to a ransomware attack in recent days.

The increase in ransomware attacks have led to governments in both the US and UK to urge organisations to take such threat seriously. Why this is of even greater interest to the channel is that leaders are pinpointing the role of managed service providers (MSPs) in such attacks.

MSPs have become an increasingly common target for cybercriminals, as they are often a single point of access to their clients’ sensitive data. Perch Security from ConnectWise recently pointed to an increase in ‘Buffalo Jumps’, a new tactic used by criminals to ransom a service provider and many of their customers at once.

As a result, the UK government is now considering a new cybersecurity framework for MSPs to prevent third-party attacks. The proposals could require MSPs to adhere to a set of 14 cyber security principles, called the Cyber Assessment Framework. The framework sets out measures organisations should take, such as having policies to protect devices and prevent unauthorised access and ensuring data is protected at rest and in transit. It also advocates for keeping secure and accessible backups of data and training staff and pursuing a positive cybersecurity culture.

The proposals have been welcomed by MSPs, who feel more needs to be done to ensure that any IT systems and data managed by partners remains secure. Channel Futures this week quoted several UK MSPs that a central regulation will benefit both suppliers and customers, especially as too many MSPs “are just doing the bare minimum” for security for their clients.

Others, meanwhile, are already adhering to these measures – and more – with their own best practice procedures and existing certifications – so there is possibly no need to “reinvent the wheel” with a new framework.

Nevertheless, we will wait and see what the next step is in the UK government’s plans to introduce the framework and continue to monitor the reaction from the channel.

New website design

Separately, you probably won’t have be able to miss that Nuzoo has undergone a website refresh this week! Nuzoo monitors hundreds of channel news sites, videos and podcasts and filters just the content that is relevant to you, all in one place – and it’s free to use.

Now an updated UI and UX provides you with a much simpler experience, where you can choose the news that you want to see. At the same time, we’ve incorporated videos and podcasts which have their own space, plus a dedicated ‘Nuzoo Recommends’ page and quick filtering and search.

We hope you enjoy it!

Author: Christine Horton

Publish Date: 04/06/2021 14:10

© All Rights Reserved. The Nuzoo platform is built and managed by Purechannels Ltd. Registered in England. Company Number: 05485704.

Purechannels® is a registered trademark No: 017958605. Registered Office: 20 Havelock Road, Hastings, East Sussex, UK, TN34 1BP.