9 Lessons We Learned from Cybersecurity Experts in 2020

Shoering Up Security, CompTIA’s cyber-focused YouTube series, sheds light on the latest cyber threats and trends, including how we could all do more of to protect customers. Read show host MJ Shoer’s highlights and takeaways from each episode.
Cyber_Hack_Shoering_Up_Security_515

When we launched my YouTube series, Shoering Up Security, in late October, our goal was to bring more awareness to the CompTIA ISAO and to help businesses be more resilient in the face of unprecedented cybersecurity threats.

After all, for most small- and medium-sized businesses a breach could mean the end of that business. At the very least, significant damage to that organization’s reputation will take place. The hackers have been doing a much better job in sharing information about successful threat vectors, techniques, and hacks. The time is long overdue for the tech industry to share information to fight back against these bad actors and protect our global economy.

To promote that ideal, on Shoering Up Security I welcomed a technology industry expert, CompTIA ISAO partner or cybersecurity thought leader each week to discuss the latest cyber threats and trends and talk about what we could all do more of to protect customers. I think we hit upon some important themes and given the near daily news reports about new hacks, we do not expect this to change anytime soon.

In case you missed an episode, here are some highlights and takeaways from each show in the series:

Sharing Information to Strengthen Cybersecurity

In our first episode, I spoke with Arnie Bellini, co-founder and former CEO of ConnectWise. Back in August of 2019, Arnie brought the idea of a solution provider-focused ISAO to the forefront. It was the precursor to what is now the CompTIA ISAO and Arnie has generously provided financial backing to help us stand up the CompTIA ISAO going forward.

Arnie shared his concerns about the current state of cybersecurity within the solution provider community and the risk to the industry if we do not improve the way we share information. Competitors must set aside their individual concerns and come together to do what is best for the industry. CompTIA has an excellent track record of doing exactly that, getting competitors to come together and check their business cards at the door and work together to make things better for the entire industry. The cliché a rising tide floats all boats hold true for all CompTIA initiatives.

How the IT Industry Can Address Cyberthreats

The following week, I talked with Scott Algeier, my colleague and executive director of the IT-ISAC for more than 20 years. The CompTIA ISAO has a unique partnership with the IT-ISAC to provide a team of cyber analysts and help to manage our TruSTAR threat intelligence platform. He shared his insight into the current state of cybersecurity threats and how IT-ISAC members, mostly household name enterprises, work together to share threat intelligence and protect against common threats. We also discussed the ways that our organizations work together to bring the seasoned expertise of the IT-ISAC to the unique needs of the solution provider community served by the CompTIA ISAO.

Partnering to Secure Solution Providers & Customers

Jason Magee, CEO of ConnectWise, joined me for the third episode to talk about the importance of information sharing to successfully defending against cyber threats. Since taking over the CEO role from Arnie Bellini, Jason has built on the legacy of the company and brought a clear focus on cybersecurity strategy to the company. On the show, he talks about the role of each organization involved in the fight against the bad actors. Each company is a link in a chain and that any one weak link will weaken the chain, allowing hackers the advantage. We discussed how technology vendors can successfully partner with their customers to help improve the cybersecurity resilience of the end customers that we all serve.

Cybersecurity Is Everyone’s Job

In our fourth episode, I spoke with Paul Kurtz, co-found and executive chairman of TruSTAR, a platform partner to the CompTIA ISAO that provides our threat intelligence platform. This is the technology where we bring in all our threat intelligence feeds from public, private and open-source sources. Within this platform, our cyber analysts can correlate and qualify threats, ensuring that our members receive timely and actionable alerts that could impact them and their customers. CompTIA ISAO members with cyber expertise on staff can threat hunt directly in the platform and focus on the unique needs of their business. Paul has a fascinating background in both national security and cyber security matters and talked about how that influences the capabilities that TruSTAR brings to the CompTIA ISAO.

Why MSPs are a Target for Malicious Actors

Vince Crisler, founder and CEO of Dark Cubed, a cybersecurity firm working to bring cybersecurity to small and medium-sized businesses that do not have the resources to implement security on their own, shared some fascinating information from Dark Cubed’s recent “Attacking the Gatekeeper” report which found that 100% of MSPs were targeted by cyberattacks. A link to this free report is available in the episode. Vince also brings a unique national security and White House perspective to the fight.

Dark Cubed collects anonymous and highly valuable data from MSPs and solution providers to share with the CompTIA ISAO. This critical feed of targeted cybersecurity information helps the CompTIA ISAO deliver alerts that are uniquely relevant to our community of members.

How to Recover from a Cybersecurity Breach

Ben Nowacky, senior vice president of Axcient, which helps customers recover from hacking, ransomware and other cybersecurity threats through backup, disaster recovery and business continuity solutions, communicated his experience working with MSPs to ensure they have an adequate data breach recovery plan in place, should they ever need it.

We also discussed how MSPs and solution providers need to improve their cybersecurity posture, through initiatives like engaging with the CompTIA ISAO in order to meet the growing preparedness requirements that insurance companies are placing on these companies.

MSPs Must Build Back Trust with Better Cybersecurity

Kevin McDonald, COO and CISO of Alvaka Networks and co-chair of CompTIA’s new Cybersecurity Advisory Council, is well known in cybersecurity circles and has extensive experience helping breached MSPs and solution providers recover from what would otherwise be devastating attacks. In this episode, Kevin gave his insight on what he sees wrong in the industry and about the opportunity that all organizations involved in the business of technology must capitalize on to improve their cybersecurity resilience and better protect their customers. Kevin’s wealth of experience and depth of expertise make him one of the most respected practitioners in the field of cybersecurity.

3 Trends in Cybersecurity Tech Companies Need to Know

In our eighth episode, Scott Barlow, vice president of Global MSP at Sophos, another CompTIA ISAO industry partner, and vice-chair of CompTIA’s board of directors, discussed insights from across the Sophos organization, including three trends that are shaping cybersecurity in 2021. Sophos is a highly respected cybersecurity company that works with enterprises and MSPs worldwide and Scott is well known in the MSP community for being singularly partner focused and helping MSPs succeed with their customers. Sophos maintains a robust threat intelligence feed through Sophos Labs and the CompTIA ISAO is grateful to Sophos for sharing this important feed with us.

Cybersecurity Goes Beyond the IT Department

For our ninth and final episode, I talked with Rebecca Herold, CEO and founder of The Privacy Professor and a member of CompTIA’s new Cybersecurity Advisory Council. We discussed Rebecca’s experience advising companies on implementing cybersecurity best practices. We also talked about how to hold supply chain partners to these same best practices, something that has proven to be extremely important as these partners often represent the weak link in your chain. Rebecca also shared her unique and fascinating career journey and shared her passion for diversity and advice for other women interested in tech careers.

It has truly been a pleasure to interview these nine impressive individuals throughout the course of the series. Each person brought something different to the discussion, but one thing they all shared was a common belief that information sharing and collaboration are the key to more effective cybersecurity. To our CompTIA ISAO industry partners, I am so grateful for your support of this important initiative. The thought leadership that each of these individuals shared with us is priceless.

If you’re not yet a member of the CompTIA ISAO, I encourage you to join us. You will be able to follow these individuals and more cybersecurity experts and thought leaders in our Cyber Forum, our online community where members share best practices, ask questions, submit threats, and access all of our timely and actionable reporting. Together, we will fight back against the bad actors and improve the cyber resilience of our businesses and more importantly our customers.

MJ Shoer is Senior Vice President, Executive Director of the CompTIA ISAO.

Want more info about the CompTIA ISAO?

Learn everything you need to know about the CompTIA Information Sharing and Analysis Organization (ISAO), including what it is, why it matters, and how any tech company and its customers can benefit.

Read More

Read More from the CompTIA Blog

Leave a Comment