• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
Hartman Executive Advisors

Hartman Executive Advisors

Business & IT Strategy Consulting Firm

  • Business Strategy Consulting
  • IT Management Consulting
  • IT Strategy Consulting
  • Risk Management Consulting
  • Telehealth
  • About
    • Careers
    • Community
    • Our Team
    • Testimonials
  • Services
    • Business Strategy Consulting
      • CIO Consulting Services
      • CISO Consulting Services
      • Interim Executive Placement Services
      • M&A Advisory
      • Telehealth Consulting Services
      • IT Coaching & Mentoring
      • Organizational Development
      • Process Engineering
    • Risk Management Consulting
      • CMMC Compliance Services
      • Cyber Risk Assessment
      • Governance, Risk and Compliance
      • Incident Response Planning
      • IT Due Diligence
    • IT Management Consulting
      • Change Management
      • IT Portfolio Management
      • Vendor Selection & Management
    • IT Strategy Consulting
      • Core Banking System Selection
      • FinTech Consulting Services
      • IT Strategy Assessment
      • Software Evaluation
      • Software Selection
      • Virtual Event Technology
  • Industries
    • Construction
    • Education
    • Financial Services
    • Government Contracting
    • Healthcare
    • Human Services
    • Manufacturing, Retail & Distribution
    • Nonprofit & Association
    • Real Estate
    • State & Local Government
  • Resources
    • Blog
    • Case Studies
    • eBooks
    • Executive Technology Survey Results
    • Maryland CIO Roundtable
    • Speaking Engagements
  • Contact Us
(410) 587-0064 Request a Consultation
(410) 587-0064 Request a Consultation

MSPs Battle Ransomware Attacks — Could Your Organization Be Affected?

May 6, 2020 by Dave Hartman

Woman reacting negatively to computer hacking Imagine you wake up to a call from your IT department informing you that your company is locked out of all systems and data because your Managed Services Provider (MSP) was targeted with a ransomware attack. The attack targeted their systems, but now you’ve lost access to yours, and they can’t tell you when you’ll be able to gain access to your systems again.

As unlikely as that call may have been just a few short years ago, sadly, more and more CEOs and executive teams are facing that horrifying reality today.

Largely gone are the days when a small team of IT network administrators managed the IT resources, security and access for companies and organizations. With the proliferation of cloud services, cloud-based software and “technology-as-a-service” capabilities, scores of corporations and nonprofit organizations have embraced outsourcing their IT networks and infrastructure.

Today, those responsibilities largely fall to MSPs — companies that deliver critical network management services to dozens, hundreds, or in some cases, thousands of other companies, simultaneously and largely remotely.

For the most part, this has been a positive development for organizations as they can now outsource their IT support needs to a company dedicated to that endeavor, rather than focusing on an area of their business in which they don’t specialize.

These migrations, however, have not been without their hiccups. The quality and technical sophistication of MSPs varies greatly, as does the pricing of their services. Not all MSPs are created equally, which corporate and nonprofit executives alike have discovered in their searches for a provider that is the right fit for their needs.

Just when the business world has grown comfortable with this approach to managing critical data, access and systems, MSPs are facing a new threat.

Cyber threats and ransomware attacks, cyber targeting that infiltrates a computer network then denies access until a ransom has been paid or systems are recovered otherwise, have plagued companies large and small for years, as the business world struggles to stay at least a half step ahead (or behind, depending on your perspective) of the bad guys.

And now they’ve found a new target. Cyber criminals are infiltrating MSPs directly with ransomware attacks, leaving thousands of companies locked out of their critical data for days and weeks at a time, while helpless and powerless to do anything about it.

Employee with security breach on monitor In April 2020, the FBI reported through their Internet Crimes Complaint Center (IC3), that since the beginning of the COVID-19 pandemic, the Bureau has seen the number of reported cyber incidents increase from 1,000 per day to upwards of 4,000. Additionally, a late 2019 report from threat intelligence firm Armor found that 13 MSPs, and possibly more, were hit with ransomware attacks during the year.

In one instance that was well documented in the news, a California company, Synoptec, was impacted by a ransomware incident that brought thousands of its clients to their collective knees for several days. More recently, during the height of the COVID-19 crisis, an MSP that serves mostly healthcare organizations experienced an attack that impacted hundreds of its health services clients, who were already struggling to provide services through these difficult times.

The threat is real, and the enterprise-wide risk to CEOs and business owners is significant. The solution isn’t to bring IT services or cloud-hosted platforms back in-house. Outsourcing network administration is still the right answer, and there are hundreds of outstanding service providers throughout the country who provide reliable services to organizations and create much needed flexibility and nimbleness.

That said, there are a few steps that all business leaders can take to provide reasonable assurances that their MSP is utilizing best practices to ensure their systems won’t be infiltrated, and that if they are, they can recover without issue. Depending on how an organization utilizes MSP services, actual risk may vary greatly. The steps are as follows:

  • Review your MSP’s capabilities, network architecture, backup and recovery procedures, to ensure they have made the necessary investments to reasonably protect themselves and their clients’ data. If you are a healthcare provider or are an organization that works with healthcare data and providers, your risk may be even greater. Have you taken the appropriate steps to ensure that your partners aren’t putting you, your data and your clients’ data at risk?
  • Review your MSP contracts to better understand your own rights and obligations should your MSP be hit with a ransomware attack.
  • Conduct an enterprise asset risk assessment to understand which aspects of your data and network are most at risk and provide the most significant impact to your business and your clients’ businesses. Where are the single points of failure? How can and should you mitigate those risks?

Employee running digital evaluation test Hartman Executive Advisors, as one of the only truly independent technology advisory firms, can conduct a thorough, yet cost-effective review to help organizations currently engaged with an MSP evaluate their risks and develop a plan for mitigation.

The bottom line is that your MSP relationship can’t be a ‘set it and forget it’ endeavor. These relationships, like all critical vendor relationships, need consistent and effective management in order to ensure continued effectiveness. For these relationships, this has never been more critical.

Filed Under: IT Strategy

Primary Sidebar

Types

  • Article
  • Press
  • Vlog
  • Webinar

Topics

  • Associations & Nonprofits
  • Construction
  • COVID-19
  • Cybersecurity
  • Digital Transformation
  • Education
  • Featured
  • Financial Services
  • Hartman News
  • Healthcare
  • Human Services
  • Interim Executive Placement
  • IT Due Diligence
  • IT Management
  • IT Strategy
  • Leadership
  • Manufacturing
  • Mergers & Acquisitions
  • Real Estate
  • Risk Management Consulting
  • State & Local Government
  • Strategic Services
  • Systems & Software
  • Telehealth

Related Blogs

Senior Living Technology Trends

Senior Living Technology New Year’s 2023 Resolutions: What Trends to Watch for  

January 27, 2023

The effect of globalization has catapulted the need for digitization. For senior living providers to remain competitive, they must stay on their A-[...]
Read More

Smart city

The Future Of Smart Cities & Steps Small Cities Need To Take To Get There

January 18, 2023

More than half of the world's 8 billion people live in cities, generating more than 80% of the global GDP. Today, cities are getting smarter. The [...]
Read More

Nonprofit Professional on the phone

Leveraging Data-Driven Analytics To Drive Mission Impact Throughout The Nonprofit Sector

January 11, 2023

Mission impact is an important metric for nonprofit organizations, but are nonprofits leveraging the tools they need to reach mission goals and [...]
Read More

Footer

It's Time to Reach Out
Are you ready for independent IT Leadership?
Contact Us

Hartman Executive Advisors

1954 Greenspring Drive Suite 320 Timonium, MD 21093
410-587-0064

Services

  • Business Strategy Consulting
  • Risk Management Consulting
  • IT Management Consulting
  • IT Strategy Consulting

Resources

  • Blog
  • Case Studies
  • eBooks
  • Executive Technology Survey Results
  • Maryland CIO Roundtable
  • Speaking Engagements
Sign Up for Our Newsletter
Subscribe to Hartman Executive Insights
  • This field is for validation purposes and should be left unchanged.

© 2023 Hartman Executive Advisors · Powered by 321 Web Marketing · Website Privacy Policy & Terms of Use