72% of “service providers” do not take protection measures until after “digital attacks”

Proactive digital security measures are very important for service providers.

From the source

In a recent Kaspersky survey, 28% of managed service providers reported that a massive digital attack on supply chains targeting a managed software service provider, revealed in December 2020, affected their companies in one way or another.

The attack had a wide impact, and its repercussions extended to most service providers.

In contrast, 72% of managed service providers said that they quickly took protective measures in response to the aforementioned attack, even though they were not affected by it, i.e. they resorted to protection measures after the occurrence of digital attacks.

Such security incidents, targeting the IT services system, highlight the urgent need to improve the level of digital security among managed service providers, including internal protection and specialized security services for customers.

One risky aspect of incidents targeting ISPs is that they can affect their customers, whether the attack is a supply chain tactic or random hits using ransomware.

The said supply chain attack, which was carried out via Solar Winds Orion software, affected large corporations and IT companies, as well as government institutions. On the other hand, during a Kaseya RMMS attack launched in July 2021, the attackers exploited an underlying vulnerability in it to spread ransomware on a number of clients' endpoints. Almost all (98%) of the managed service providers affected by the Solar Winds incident took action to respond to the incident and prevent further attacks in the future. The most common steps were switching to other software providers (44% of them), updating terms of contract and liability with suppliers (42%), and hiring additional security experts (39%). Also, 35% of them perceive the need to hire risk management experts, perhaps to avoid such incidents and mitigate their impact on their business in the future.

These proactive digital security measures are very important for service providers who want to attract customers and be trusted partners.

In fact, digital security expertise is among the top three criteria for 37% of customers when choosing a service provider.

In this context, Mikhail Kolchin, Head of Business for Managed Service Providers at Kaspersky, stressed that the digital security challenges facing managed service providers “involve business opportunities,” according to a recent report issued by Canalys.