The Clip Episode 2 - Return of The Clips
Powered Services Podcast | January 13, 2021 | 00:13:55 | 9.6 MB

Dan Tomaszewski interviews a variety of guests on topics ranging from backup and compliance to predictions for 2021.

Timestamps:

Mike Semel 0:15 - 2:08
Kirsten Bay 2:08 - 3:31
Jerome Wendt 3:31 - 5:10
Danny Jenkins 5:10 - 10:48
Mike Puglia & Nadir Merchant 10:48 - 13:55

Speaker 1:

Hello, I'm Dan Tomaszewski and this is the Connecting IT podcast.

Speaker 2:

So Dan, I can tell you, I think compliance isn't just an opportunity for MSPs. I think it's the opportunity for MSPs. We've got a client now that's a law firm that has 11 different insurance companies that they represent that have put cyber security requirements in the contracts. Very specific things, not just like you have to secure data, but you must use things like multi-factor authentication. And one of them went further and said, that's at least 128-bit encryption. The biggest part of this is that people are afraid of the unknown. So there are MSPs that have told me, I don't want to get into compliance. I tried to read about HIPAA and I tried to read about, uh, NIST 800-171 and CMMC and [inaudible] and all this stuff. Every one of these requirements, every one of these compliance requirements kind of has its own language, but it's just like any other language. If you are going to learn a foreign language, if you get off the plane in a foreign country, everything's going to whiz past your head. You're not going to understand a word. And then after a day or two, you'll start to understand some things. And maybe two days, three days later, you'll be able to order a Coke and find out where the bathroom is. And then you will understand things. And then you'll be able to speak the language once you can get through those barriers. And that's what we built into our Semel systems is to help MSPs understand these things quickly and understand, for example, the difference between [inaudible] NIST 800-171 and CMMC, the difference between HIPAA and the HITECH Act and the MIPS, Merit-based Incentive Payment System. All of this is built in and it's focused on what MSPs need to know. So I want to help the MSPs overcome their fears of compliance and really there's no additional liability. If you're working with regulated clients, if you're doing the right things,

Speaker 3:

This MSP community has created this infrastructure that has enabled all of us to be able to walk out of our offices one day and still continue to be productive and run our companies and do our business. It's a really important thing. So one of the questions that gets asked very frequently, both for MSP tech customers, as well as general customers is the two factor authentication question. And so if you answer a yes, you do have 2FA turned on and then it turns out in the investigation that perhaps you didn't, it might be considered an error, but it also could be considered a decline. And so these are things that's really what we called, like the basic blocking and tackling. So two factor authentication is extremely important. The other thing that we're finding is, is credential stuffing. And so it's also sure that that password hygiene, and I know people talk about this all the time, but password hygiene is really important. And some of the dark web monitoring sides can be very helpful because not only for the MSP themselves, but also for their customers, we're finding that what they're doing is harvesting credentials. They relate the credential somewhat to the MSP and their related customer base. They break into the RMM tool and then they've stuck the credentials in and just keep running it automatically until they get a click unlock the key. And then boom, they're in.

Speaker 4:

I mean, I remember when I used to be, uh, I used to work as a system administrator for a police department in, um, in, uh, Kansas. And it was just like, it was always in the back of my head, like, you know, what the hell am I going to do if you know, things go down because, you know, I've, I've never practiced this. You know, I built, I built a system six months a year ago, two years ago. I don't know if that software is even available, how, you know, who do I turn to to recover it? I mean, it was just, there was always this sort of like this, this sort of knot in your gut about what's going to happen. You know, SMBs don't have to deal with that anymore. I mean, they can really go to these organizations and say, Hey, uh, you know, I mean, yeah, I mean, it's, it's not free. I mean, I'm not going to say that, but just knowing, just having that assurance that you can go out there and actually recover it. Um, you know, companies will, will set aside money, you know, we'll, we'll budget money to do that. I mean, I think it'd be foolish not to do that. What, what's your take on disaster recovery for SMBs? Oh yeah. I mean, I would say SMBs are starting, are really sitting in the sweet spot now, uh, for providing a disaster recovery. Uh, you know, when I've looked at some of the, the companies that are really what's going Mark, I did a, we did DCG did a top five report on all the one disaster recovery solutions, uh, earlier this year, I think, or maybe last year in fourth quarter of 2019. And it was like when I started, when I, I actually stopped looking at enterprise solutions that have like these all-in-one disaster recovery solutions, cause you know what, they don't exist for the enterprise. Uh, you know, there's always a certain hesitancy of moving, you know, in adopting any MSP, but you know, disaster recovery is a, you know, is a clear and present danger and ale threat or concern for every, every organization. 
I don't think the everyday business owner understands when they click install, what they're actually doing when they click accept and install. So, I mean, it's a powerful message.

Speaker 5:

Um, and it really, and this sounds a little bit scary, but it really isn't scary. I mean, if you roll out an agent, you wait and then you lock it down. It's, it's not brain surgery, we're not talking about some magic. It's just the things that you are going to worry about. Like app updates, we've taken care of that for you. And we literally have MSPs that have deployed thousands of seats at the end of a demo and locked down a week later. It's it really isn't that scary. It's quite simple. People shouldn't be running new software on their computer every day. Don't allow them to run new software. Then you don't have to deal with as alerts on your SOC and your, in your EDR because things aren't changing when they shouldn't be. And now you're in a controlled environment and bad stuff doesn't happen.

Speaker 6:

You know, what problems are you helping MSPs solve? You know, if I come on as an MSP with you today, what, what is it that you're solving with me as an MSP?

Speaker 5:

So, so the big thing is, I mean, ransomware, I mean, that's the biggest reason people sign up for ThreatLocker. There's more to it than that. But as an MSP right now, what a lot of MSPs are facing where there's, I, I went out and I got an antivirus in it, and then I got ransomware. So they go like different antivirus or an EDR or threat hunting. And I'm still getting ransomware. And I don't understand, I keep spending more and more money on these technologies and I keep getting ransomware or, and I keep getting breached. And so we, we want to stop that. And what we want to do is say, okay, stop beating up on your antivirus company, because you've got to, you got to fit in nest chew to the moment. You've got to sit where they're sitting and say, what are they doing for me? Well, they're looking out and trying to identify bad guys. And th they're essentially, if you think about, you've got a room full of people and you've got to figure out who's good and balanced. It's a difficult task. I mean, that guy's wearing suit. He's probably okay, but maybe he's not, who knows, maybe he's a white collar criminal or maybe he's just a thief in a suit and that's what antivirus is doing. And they're trying to detect that. So what we're coming in and really saying, look, we want to do two things. Well, the end goal is to stop cyber breaches, but the way you stop cyber breaches is by stopping bad things from running. And the way you stop bad things from running is not looking for bad things, but instead, deciding what do you need in your environment, uh, and blocking everything else from running and then stopping even good tools that aren't needed from running. Because if you can reduce your surface area of attack, then you're going to stop potential areas where a breach, every application you're running, you're adding an area of breach into your system. You're adding a vulnerability into your system. 
So if you don't need to run TeamViewer, don't allow that to run it. It's not about do I like TeamViewer? Don't I like TeamViewer. No one cares if you do, or don't the point is, is there a business need Brett? So from an MSP perspective, but we all took, I suppose the two biggest problems are malicious software being installed, but also shadow IT, which leads to other breaches people deciding I want to work from home. So I'm going to install TeamViewer on my machine, or I've got an idea. This application is a better PDF reader. So I'm going to install it and not realizing that this application is not patched by my MSP. And you know, so by, by taking away shadow IT, we essentially take away the risk of ransomware, because we're now not requiring the need to detect ransomware and by taking away. And we're also taking away computers that are running out of control and people doing whatever they want.

Speaker 6:

Why don't you tell us a little bit about yourself and why you decided co-found

Speaker 7:

ThreatLocker?

Speaker 5:

So I've been in the cyber security industry for a long time. Well, before it was even called cybersecurity, and I've done everything from enterprise IT to white hat, a red team, blue team, uh, and as the years have gone on, we've seen more and more challenges or, um, small businesses. And my initial starting point was enterprise. And in the enterprise world, we kind of do things a certain way. We don't implement antivirus. Well, we do implement antivirus, but we don't rely on antivirus. We don't rely on detection. We implement a lot more controls and, uh, and you know, zero trust models and zero trust is a big buzzword today, but we take that kind of default deny approach in the enterprise world. And I previously had an email security company I'd sold that. And I was working on a number of recoveries for ransomware. Ransomware was the big thing we're in 2014. And I got asked to help a lot of MSPs recover from ransomware attempts. And I was trying to convey that you guys are doing this wrong. You can't rely on this. This was security. You need to implement a default deny approaches. You need to implement application white. And, and I was kind of banging my head against a wall. Everyone was looking at me like I had 10 heads or something. So I went off and said, look, let me help you with this and realized that I can see why they're not doing it now. Then it's too hard. It's impractical for an MSP or any kind of midsize or small business to implement a zero trust approach because there's too much overhead. There's too much management. So, and that's kind of where the idea of ThreatLocker came from. We said, we've got to bring these tools that are being used by the Department of Defense being used by Bank of America and big organizations. And we need to make them available and manageable for the MSP world and for the rest of the world, that isn't Bank of America.

Speaker 7:

So what are the services that MSPs will need to offer in 2021 to thrive in this new normal? And are there any services that maybe become less important in 2021? Yeah. I mean, I think that a lot of what we're doing now, even when things open up and get back to, you know, what we call normal, um, things, a lot of what we're doing now is going to stay right. There's going to be a lot more companies that would be open to work from home. There'll be companies that embrace hybrid or in, in may that just say, you know, I don't want to pay for an office anymore. And I think, um, a lot of the services that are helping people work remotely now are still going to be extremely important going through next year. So I think security becomes really, really important as the network becomes much harder to secure when you're dealing with people's home networks and you don't control the entire network and all the kit, um, that's on there. Um, and then, uh, remote management tools to easily deploy software remotely when you can't physically access the machine is going to become, um, are going to continue to be extremely important.

Speaker 5:

This is a,

Speaker 7:

A pretty big topic. We keep hearing a lot, um, and,

Speaker 6:

Uh, compliance. Um, it's an aspect that, uh, we've discussed on this podcast previously with a couple other people and, uh, you know, and we expect the need for compliance services to grow in 2021. Um, how can MSPs, who may feel hesitant about compliance take advantage of this opportunity and what technologies do they need to address? Um, I mean, how do they address this growing field?

Speaker 7:

Yeah, I mean, automation here, I think is a big key to this and, you know, using tools that automate this process. So they don't have to do all of the heavy lifting of the, um, managing the, the compliance frameworks and making sure that the customer is fully compliant, uh, tools like Compliance Manager have the entire, um, set of, uh, of controls you need for multiple different compliance frameworks built into the systems. You don't need to be an expert in them, and then it automates the audit process. So you can get the overwhelming majority of your audit done with a fully automated scan of a network. So checking out tools, I can say a Compliance Manager can really help with that. And of course, um, Dan is, as you're well aware, Powered Services can help them with actually selling compliance, right? So if you've never done a compliance still, you don't know how to go out and drum up business for it, or, um, actually close a client hard services that content library that can really help drive, um, your business in and, um, generating demand for compliance services. And then of course, um, uh, closing out the deals as well.

Speaker 6:

Got a final question for you guys in terms of predictions, as we go into 2021, in terms of the M&A space in the MSP space, what do you guys think this is going to look like in 2021,

Speaker 7:

It's going to be hot. I think that, um, most of the large MSPs that are roll-ups that I talked to in the summer were kind of hands-off, they're kind of wait and see by late summer, early fall, they were getting ready to start buying again. And I, that trend has continued all throughout the fall and into early winter. Um, I think that we're going to see a lot of M&A activity.