Advice to MSSPs: Prepare for the New Generation of Security Threats
Managed Security Service Providers (MSSPs) must prepare to handle a new generation of threats and challenges, like massive DDoS attacks, shadow IT and microservices.
Today, the Managed Security Service Providers (MSSPs) who set themselves apart from the MSSP pack are the ones who deliver next-generation approaches to security, at all levels of the software stack.
Here’s what next-generation security looks like.
Once upon a time, cybersecurity defense strategies centered on securing the perimeters of environments with tools like firewalls.
Those days are gone.
A new generation of threats has arisen, and forward-thinking MSSPs need to respond to the unique challenges that these threats pose.
The Modern Security Threatscape
Specifically, those threats include:
- Shadow IT. MSSPs can’t count on organization-wide security and IT governance policies to be followed or enforced. More than half of departments within organizations build their own infrastructure without official permission. This is known as shadow IT. Shadow IT creates unpredictable security challenges because it makes it very hard for MSSPs to know which kinds of environments and platforms they’re dealing with. They also can’t count on cybersecurity best practices to be followed.
- Complex service dependencies. Modern applications are built with microservices and deployed in highly distributed environments. While this approach provides a great deal of flexibility, it also makes software environments highly dynamic and difficult to monitor from a security perspective. For example, a sign of an intrusion that appears within a database service may actually be caused by a vulnerability in an entirely different part of the application. MSSPs need to be able to trace service dependencies and map environments quickly to interpret modern threats.
- Complex delivery chains. The means by which software is delivered have also grown more complex and created new layers that need to be secured. Take containers, for example. To secure a containerized environment, you have to secure the code that goes into container images, the registry where the images are stored, the network connection over which images are delivered to users and the containerized application once it is running.
- Insider threats. MSSPs can’t assume that security attacks always come from outside of the organization or network. 43 percent of data breaches are inside jobs.
- Massive DDoS attacks. Distributed denial-of-service, or DDoS, attacks are not new. But they have assumed a new frequency and level of complexity in recent years. Attackers have used massive DDoS attacks to shut down entire portions of the Internet, as happened in October 2016 in the Dyn attack. DDoS attacks can be hard to stop — especially when the victims are just users of a service that is stopped, rather than being direct targets. MSSPs must therefore be prepared not only to help their customers prevent DDoS attacks against their own infrastructure, but also to develop strategies for mitigating the impact of DDoS attacks that occur against their customers’ service providers.
Innovative MSSPs must be prepared to handle these new types of threats. They can’t just set up perimeter defenses and call it a day.