Technology Reseller v49

01732 759725 20 CYBERSECURITY Digital Risk Protection is an easy add-on to an MSP’s cybersecurity offering that is becoming ever more useful in the fight against cybercrime. James Goulding finds out more from Skurio CMO David Chalmers cyber risks, such as the emergence of ransomware-as-a-service, more regulations and a severe shortage of people with cybersecurity expertise, small and medium-sized organisations are increasingly looking to outsource their cyber security to MSPs or specialist MSSPs, for which the Skurio platform is an attractive addition. “MSSPs normally offer traditional network monitoring, network protection and endpoint protection services, and what we provide is very synergistic to that. We enable MSSPs to say ‘We’re already monitoring for threats and breaches inside your network. Now we can also monitor outside your network.’ It’s a very simple add-on for them and doesn’t require much effort to expand wallet share with those customers.” As an example, he cites Nasstar’s recently launched cybersecurity service for SMEs, which does all the basics like Microsoft 365/on-prem scanning, EDR, training and patching but also includes the Skurio platform for digital risk protection – “It’s a starter package that provides DRP as well as those elements that are traditionally required for IT security services," explains Chalmers. He adds that Digital Risk Protection services are also of value to MSPs that have not yet developed a significant cybersecurity capability. “Managed service providers that offer generic IT services, whether it's managing Microsoft 365 or Outlook, are looking for ways to grow their business. Cyber security is quite a tricky area to get into beyond simple email monitoring or virus checking, but this solution is so straightforward and easy to use that you don’t need to be an expert cyber threat intelligence analyst to run our product. Unlike many threat intelligence services, which are like a NASA control room in terms of their user interface, ours is deliberately simple and straightforward.” While Chalmers concedes that DRP might once have been considered nonessential, he argues that it makes sense for a business that is investing in services to patch Windows environments, say, to use Skurio’s automated monitoring services to check the surface, deep and Dark Web for evidence of any breach (known or unknown) that might have already occurred. “The Dark Web is obviously really hard for businesses to investigate manually and the automated monitoring capability we have really solves that problem for them. But we also look at Reddit and Telegram and other social media platforms, as well as pastebin sites and dump sites where people put sample datasets. We cast a wide net.” Knowing that Skurio is looking out for mentions of a company name on the Dark Web or instances of its data being offered for sale gives businesses reassurance that their data is safe or, if it is discovered, that they can act quickly to address a breach – something that has become important now that cyber criminals have changed ransomware tactics and no longer just lock down a victim’s data but also exfiltrate it and sell it on regardless of whether the ransom is paid or not. New monitoring services In the last 12 months, Skurio has expanded its core monitoring and post-breach investigation services with additional capabilities, including domain registration monitoring, which looks for domains that replicate or spoof a client’s own domain, for example by switching letters or using a Cyrillic character in place of a Roman one or adding a plausible prefix/suffix. “Ransomware attacks, phishing attacks and malware attacks generally all use a fake domain with a fake email address or a fake website and try to get people to go there and then steal their information or spread malware. We now have a monitoring service, where you can put in all your domains, and we will alert you if a spoof is found so that you can ask the With growing awareness of the need for layered defences against cyber criminals, shouldn’t MSPs be adding Digital Risk Protection (DRP) to their services portfolio? Skurio certainly thinks so. As part of its broader channel strategy, which also includes a major focus on international expansion in the Middle East through a growing relationship with regional distributor Bulwark Technologies, Skurio has been making significant inroads in the UK’s MSP community. Chief Marketing Officer David Chalmers says that much of the impetus for this has come from MSPs themselves. “Over the last year we’ve been very much focused on international expansion, but at the same time we’re continuing to grow in the UK and continuing to add partners, especially on the managed service provider side. MSPs are coming to us because they want to offer a Dark Web monitoring service or a post-breach investigation service. That’s been a big step change in the last year; people coming to us, saying we need to offer these services.” He describes partnerships with MSPs as ‘a big part of the way forward’, pointing out that at a time of rapidly evolving Why MSPs should embrace DRP continued... David Chalmers