Cybersecurity 101: 20 Terms Every MSP Can Benefit from Knowing
In the wake of high-profile breaches — the attacks against MOVEit and LastPass being the latest to seize the headlines — businesses nationwide are waking up to the reality that cybersecurity is more than a “nice-to-have” feature. One of our clients, Sandeep Kaushal of TeamLogic IT, recently shared that he has found the message of cybersecurity is so effective that he has made it a cornerstone of his sales pitch.
If you’re exploring the possibility of adding a cybersecurity solution to your MSP’s service portfolio, consider this glossary a starting point. We have over the past few months written at length about nearly every term on this list to highlight the advantages of adopting a proactive cybersecurity strategy.
So, in no particular order of importance, here are 20 terms you can benefit from knowing.
Cybersecurity 101: 20 Terms that Matter to Your Business
1. Attack Surface Management:
Attack surface management is the practice of understanding and reducing the risks associated with the points where an attacker could potentially enter or extract data from a system. It involves identifying all possible points of vulnerability and taking steps to minimize these risks. The process takes aim at the entire IT ecosystem and can be divided into two broad categories that share the same goal — identifying and mitigating risks before attackers can exploit them.
Attack surface management can help MSPs to better understand their clients' security risks, reduce the time and effort required to manage security, and build stronger relationships with their clients.
Read more: Beyond Perimeter Security: The Role of Attack Surface Management
2. EPSS (Exploit Prediction Scoring System):
EPSS is a data-driven framework that uses machine learning to predict the likelihood of a vulnerability being exploited in the wild. The EPSS score is a number between 0 and 100, with higher scores indicating a greater likelihood of exploitation in the next 30 days. This score can be used to prioritize the remediation of vulnerabilities, ensuring that resources are allocated effectively.
As an MSP, integrating EPSS into your vulnerability management strategy can help you provide more targeted and effective security solutions to your clients.
Read More: EPSS Scoring: A Quick Guide for MSPs on Vulnerability Prioritization
3. Vulnerability Management:
Vulnerability management is a continuous process that involves identifying, classifying, prioritizing, remediating, and mitigating software vulnerabilities. It goes beyond a simple vulnerability assessment by ensuring that discovered vulnerabilities are appropriately addressed.
As an MSP, offering vulnerability management services provides your clients with ongoing protection against potential threats, reinforcing their trust in your services.
Read More: What Is Vulnerability Management?
4. Vulnerability Assessment:
This is a process of identifying, quantifying, and prioritizing vulnerabilities in a system. It allows organizations to understand their weaknesses and where they are most susceptible to threats.
As an MSP, conducting vulnerability assessments for your clients helps uncover potential weaknesses in their systems, allowing you to take the necessary steps to strengthen their security posture and protect against potential cyberattacks.
Read more: 7 Common Questions MSPs Have About Cyber Vulnerability Assessments
5. Common Vulnerabilities and Exposure (CVE):
CVE is a list of publicly disclosed cybersecurity vulnerabilities. Each vulnerability in the list has a unique identifier, description, and at least one public reference.
As an MSP, understanding and tracking CVEs can help you identify vulnerabilities in your clients' systems and implement the necessary protections or patches to mitigate the risks.
6. Compliance Benchmarking:
Compliance benchmarking involves comparing an organization's compliance performance with industry standards or best practices. It helps organizations understand how they stack up against others in terms of regulatory compliance.
For MSPs, providing compliance benchmarking services can help your clients understand their regulatory compliance status and make necessary improvements, thereby avoiding potential fines and penalties from non-compliance.
7. Patch Management:
This is the process of managing the deployment and updating of software patches in a computer system. It is a crucial aspect of maintaining system security as unpatched software can provide an entry point for cyber threats.
As an MSP, providing patch management services ensures your clients' systems are always up to date, reducing the risk of security breaches.
8. Cloud and Local Active Directory Auditing:
This involves monitoring, tracking, and auditing of changes to the Active Directory, which is a directory service for Windows domain networks. It helps to track user activity and detect potential insider threats.
As an MSP, offering Active Directory auditing services, whether in the cloud or locally, helps ensure your clients' networks are secure and any suspicious activities are promptly detected.
9. NIST Cybersecurity Framework:
The Cybersecurity Framework, developed by the National Institute of Standards and Technology (NIST) at the U.S. Department of Commerce, is a valuable resource for businesses of all sizes that want to improve their cybersecurity posture. Although it is voluntary, businesses that want to adopt best practices for cybersecurity protection should not overlook the importance of this framework.
By using the NIST Cybersecurity Framework to initiate an informed discussion with clients about the volatile threat landscape, MSPs can demonstrate the importance of focusing on the first two of the framework’s five core functions: identify and protect. That way, you can help your clients reduce the number of episodes that require activation of the next three steps (Detect, Respond, Recover).
Read more: Understanding the Big Picture of Cybersecurity Starts with NIST
10. Cyber Defense Matrix:
The Cyber Defense Matrix was created by Sounil Yu, a seasoned security scientist, to help visualize and understand the relationship between various components of an organization's cybersecurity program. It consists of a grid that outlines five fundamental functions of cybersecurity: Identify, Protect, Detect, Respond, and Recover, in alignment with the NIST Cybersecurity Framework. The matrix also represents five classes of resources that these functions apply to: Devices, Applications, Networks, Data, and Users (DANDU).
In conversations with clients, MSPs can use this matrix to highlight gaps in security controls, plan security strategy, and ensure a balanced investment in cybersecurity.
Read More: How the Cyber Defense Matrix Can Help MSPs Sell Cybersecurity Solutions
11. Cyber Essentials:
Cyber Essentials is, in the words of the UK-government, “a set of basic technical controls organizations should have in place to protect themselves against common online security threats. Cyber Essentials is suitable for all organizations, of any size, in any sector.”
As an MSP, offering services in line with the Cyber Essentials scheme can provide your clients with the assurance that their basic cybersecurity needs are being addressed.
12. The Zero Trust Model:
The Zero Trust Model is a security concept centered on the belief that organizations should not automatically trust anything inside or outside its perimeters and instead must verify anything and everything trying to connect to its systems before granting access.
Even though a complete Zero Trust implementation may not be possible or essential for all small to medium-sized businesses (SMBs), MSPs can still utilize its principles to provide more effective and tailored services to their clients.
Read More: The Zero-Trust Model: Implications for MSPs
13. Zero-Day Attack:
A zero-day attack refers to a software security flaw that is known to the software vendor but doesn't have a patch in place to fix the flaw. It is called "zero-day" because it is not publicly reported or announced before it becomes active, leaving the software's author with zero days to create patches or advise workarounds to mitigate its actions.
As an MSP, understanding zero-day attacks can help you provide more robust security services and advise your clients on the necessary measures to mitigate risks associated with such attacks.
Read More: The Lessons from Log4j and Other Zero-Day Attacks
14. Cyber Insurance:
Cyber insurance covers a company's liability for a data breach that includes sensitive customer information. This could include things like Social Security numbers, credit card numbers, account numbers, driver's license numbers, and health records.
As more and more small to medium-sized businesses (SMBs) seek cyber insurance coverage, MSPs can benefit from understanding the factors involved and how they can use this trend to their advantage. Specifically, you can help clients fulfill a number of critical requirements, such as vulnerability management, configuration management, and Active Directory monitoring and management.
Read more: Q&A: Attorney Eric Tilds on What MSPs Should Know About Cyber Insurance
15. PII Scanning:
Personally Identifiable Information (PII) scanning involves scanning data repositories for information that could potentially identify an individual, such as names, addresses, social security numbers, etc. It's an essential part of any organization's data protection strategy.
As an MSP, offering PII scanning services can help your clients maintain compliance with data privacy regulations and protect their customers' sensitive information.
16. Biden’s Cybersecurity Strategy:
The Biden administration's cybersecurity strategy emphasizes strengthening cybersecurity defenses, international collaboration, and enhancing incident response. It aims to safeguard the country's infrastructure against the increasing threat of cyberattacks.
The Biden Administration's cybersecurity strategy calls for shifting the burden of cybersecurity away from individuals, small businesses, and local governments, and onto organizations that are most capable of reducing risks for all of us. This is of particular significance to MSPs, who are well-positioned to help organizations implement and manage cybersecurity solutions.
Read More: Biden’s Cybersecurity Strategy: Will MSPs Have to Take Responsibility?
17. SOC 2 Certification:
SOC 2 (Service Organization Control 2) is a type of audit or certification developed by the American Institute of CPAs (AICPA). This certification provides assurance that a service organization has implemented controls that are effectively managing data to protect the interests and privacy of its clients.
For an MSP, working with a cybersecurity provider that is SOC 2 certified ensures a high level of trust and confidence in the provider's operations and the manner in which it handles sensitive client data.
Read More: ConnectSecure Achieves SOC 2 Type 2 Certification, Enhancing Customer Trust and Security
18. Penetration testing:
Also known as pen testing, this is a simulated cyber attack against your computer system to check for exploitable vulnerabilities.
As an MSP, offering penetration testing services helps you uncover weaknesses in your clients' networks before they're exploited by malicious actors, allowing you to demonstrate the value of your services.
19. Risk management:
Risk management in the context of cybersecurity involves identifying, assessing, and minimizing cyber risks. This could involve implementing security controls, purchasing cyber insurance, or establishing continuity plans. For an MSP, providing risk management services can help your clients understand their cybersecurity risks and take steps to mitigate them, further showcasing your expertise and value.
20. Threat hunting:
Threat hunting is the proactive search for malware or attackers lurking undetected in a network.
As an MSP, adopting threat hunting practices and offering these services can help you detect and neutralize threats before they cause damage, demonstrating your proactive approach to cybersecurity to your clients.
Contact ConnectSecure
How can you begin to leverage your cybersecurity knowledge? The answer is the ConnectSecure cybersecurity platform. Made by MSPs for MSPs, it features everything you need to harden the attack surface of your clients and position yourself as the expert to lean on in an era of rising cyber threats.