MSPs shut security door after horse has bolted

More than half of IT Managed Service Providers (MSPs) admit to investing in cybersecurity products only after being hacked, according to research by ESET.

The research surveyed 400 MSPs to uncover their attitudes and future plans around cybersecurity.

With the frequency of cyber-attacks growing year-on-year, the findings suggest that many MSPs still have their heads in the sand over the gravity of the threat. The study did, however, find that some MSPs are more proactive than others, with 41 percent of respondents saying that they invest in cybersecurity whenever they purchase a new device. Additionally, over a third said they have been prompted to protect themselves by reading stories about hacking in the news.

However, a big area of weakness appears to be smartphones, with nearly a quarter of the MSPs questioned saying they still don’t have any protection on their mobile devices.

When researching and buying cybersecurity products, the findings show that MSPs consider the price of the solution (49 percent) and its ability to perform spyware or malware scans (49 percent), above any other factors. Compatibility with existing systems (39 percent), and speed and download protection (36 percent) are also considered important for many.

David Mole, UK Channel Director at ESET said: “The growing threat of cyber-attacks for all types of businesses is widely publicised, so it is shocking that so many MSPs are waiting until they are attacked to invest in cybersecurity. Just one hack can result in thousands, or even hundreds of thousands of pounds worth of costs – and that’s not including the associated reputational damage on top. Delays to putting necessary protections in place simply aren’t worth the risk.

“Cyber-attacks and data breaches are becoming more sophisticated all the time, so the only way to keep your business safe is to be as proactive as possible about staying on top of the threats.

“Clients are relying on MSPs to help them keep their businesses safe, which means there is no excuse for a delayed or reactive approach. MSPs should be investing in comprehensive cybersecurity for all their devices and doing so as soon as these are purchased or brought onto their network. It is also vital to carry out regular reviews on all aspects of cybersecurity to ensure that the strategies and solutions in place are as up-to-date and effective as possible.”