Top Threats

Joint Cybersecurity Advisory Protecting Against Cyber Threats to Managed Service Providers and their Customers

  • 1.  Joint Cybersecurity Advisory Protecting Against Cyber Threats to Managed Service Providers and their Customers

    Posted May 12, 2022 03:16:00 AM
      |   view attached
    Hi All,

    The cybersecurity authorities of the United Kingdom (NCSCUK), Australia (ACSC), Canada (CCCS), New Zealand (NCSC-NZ), and the United States (CISA), (NSA), (FBI) are aware of recent reports that observe an increase in malicious cyber activity targeting managed service providers (MSPs) and expect this trend to continue. This joint Cybersecurity Advisory (CSA) provides actions MSPs and their customers can take to reduce their risk of falling victim to a cyber intrusion. Tactical actions for MSPs and their customers to take today:
    • Identify and disable accounts that are no longer in use.
    • Enforce MFA on MSP accounts that access the customer environment and monitor for unexplained failed authentication.

    This advisory describes cybersecurity best practices for information and communications technology (ICT) services and functions, focusing on guidance that enables transparent discussions between MSPs and their customers on securing sensitive data. Organizations should implement these guidelines as appropriate to their unique environments, in accordance with their specific security needs, and in compliance with applicable regulations. MSP customers should verify that the contractual arrangements with their provider include cybersecurity measures in line with their particular security requirements.

    ------------------------------
    Michael Roza CPA, CISA, CIA, MBA, Exec MBA
    ------------------------------