When the Cybersecurity and Infrastructure Security Agency (CISA) issued a Cybersecurity Advisory (CSA) for MSPs in May 2022, the detailed alert described how MSPs and MSSPs could more effectively secure and protect their software supply chains.
Dig a little deeper, and the advisory included these five backup and disaster recovery (BDR) best practices for MSPs and their end-customers:
- Organizations should regularly update and test backups—including “gold images” of critical systems in the event these need to be rebuilt.
- MSPs should regularly backup internal data as well as customer data (where contractually appropriate) and maintain offline backups encrypted with separate, offline encryption keys.
- Providers should encourage customers to create secure, offsite backups and exercise recovery capabilities.
- Customers should ensure that their contractual arrangements include backup services that meet their resilience and disaster recovery requirements.
- Specifically, customers should require their MSP to implement a backup solution that automatically and continuously backs up critical data and system configurations and store backups in an easily retrievable location, e.g., a cloud-based solution or a location that is air-gapped from the organizational network.
FBI, CISA: Repeated Security Warnings to MSPs
MSPs have received multiple FBI and CISA warnings in recent years — many of which have described how hackers are targeting MSPs.
The fallout of MSP-oriented cyberattacks can be massive. Indeed, a cyberattack on a single MSP or MSSP could wreak some $80 billion in economic losses across hundreds of small businesses, according to a 2021 report issued by Foundation for Defense of Democracies’ (FDD’s) Center on Cyber and Technology Innovation (CCTI) and Intangic.
