Cybersecurity insurance continues to be a hot topic for MSSPs and MSPs. Rates have now leveled off, and some customers may be finding it easier to get insured, regardless of whether they have certain basic security controls in place, sources tell MSSP Alert.
In this environment we’ve seen partnerships between cybersecurity vendors and cybersecurity insurance carriers, and Stellar Cyber is rolling out a cybersecurity insurance extension to its XDR plan today. Watch our site for the story later today.
Meanwhile, if you are close to Austin and you care about the issues around cybersecurity insurance, you absolutely need to be at the panel discussion we have planned on Wednesday, Oct 16, the final day of MSSP Alert Live. Our panel of experts from MSPs and rival companies will be talking about the trends in the market, MSSP best practices, cyber warranties and how they fit in, plus best practices for reporting a breach.
MSSP Alert Live in Austin, Oct. 14-16 will also take a deep dive into the questions of breach liability and how MSPs and MSSPs can protect themselves. If you are an MSP or MSSP and would like to attend this session or the whole day of programming on Oct. 16, drop me an email today with the subject line “DISCOUNT” and I will get you a special rate to attend. Send it to [email protected]. You can also send me any news, tips or insights to me for this column at that email address, too.
Today’s MSSP Market Update
1. Open XDR Expands to Insurance - Stellar Cyber is partnering with Converge Insurance to provide discounted cybersecurity coverage to MSSP customers. The partnership allows Stellar Cyber to assure security controls align with the MITRE ATT&CK framework, demonstrating lowered risk for MSSP end customers. Stellar Cyber plans to extend the program to other insurance providers as part of its Open XDR platform. Watch for a full story on this development later today.
2. Microsoft Management Console remote execution vulnerability - Microsoft's October Patch Tuesday addressed 117 vulnerabilities including a high severity and important one that is currently being exploited -- the Microsoft Management Console Remote Code Execution (RCE) Vulnerability or CVE-2024-43572. A remote attacker can exploit this vulnerability by convincing a victim to download and open a specially crafted Microsoft Saved Console (MSC) file which could lead to remote code execution. The security update mitigates this vulnerability by restricting the opening of untrusted MSC files.
3. A look at behavioral analysis - A recent Huntress blog post examines behavioral analysis in cybersecurity that may be a key to detecting many threats. For instance, the blog points, out, according to Verizon’s 2023 Data Breach Investigations Report (DBIR), 60% of breaches involve tactics that signature-based defenses miss entirely. The company said that behavior analysis transforms the way we all approach cybersecurity.
4. What countries have the most cyberattacks? - The most recent BlackBerry Global Threat Intelligence Reporttakes an in-depth look at 90 days of attacks stopped by its Cylance cybersecurity solutions and services, the company reports in a blog post. The top attacked country is the United States. Next is North Korea, Japan, Australia and New Zealand. A Blackberry VP noted that the countries with the greatest internet penetration tend to be home to the most attacks. The number of politically motivated threat actors is increasing, too, he said.
5. Securing candidates' mobile devices - Republican presidential candidate Donald Trump’s campaign is now using specialized, encrypted mobile phones and secure laptops purchased from Santa Barbara, California-based Green Hills Software to protect staff following a series of successful Iranian hacks, according to a Reuters report. Green Hills develops a proprietary, security-focused operating system already used by multiple U.S. agencies, the company's CEO told Reuters.
6. Archive.org breach - The Internet Archive’s “The Wayback Machine” suffered a data breach after a threat actor compromised the website and stole a user authentication database of 31 million unique records. The organization also suffered a DDOS attack, according to a report from BleepingComputer. The site archives web pages that may no longer be available from their original source, making it a source of truth in a digital age when historical records can be wiped out.
Looking for more news and a list of industry events? Check out the daily news column on our affiliate site ChannelE2E here.
