As MSPs become more frequent targets for cyber attacks, industry leaders and other stakeholders have encouraged firms to adopt established cybersecurity industry standards. The goal of doing so is for MSPs to increase their level of internal security to protect themselves and, by extension, their customers.
Frameworks provide step-by-step instructions and best practices for risk mitigation, such as developing security awareness training programs, preventing email-based attacks, and protecting servers and web services. MSPs have multiple cybersecurity industry standards to choose from. Popular frameworks include the National Institute of Standards and Technology (NIST) Cybersecurity Framework; CIS Controls; and ISO frameworks. More recently, IT management software vendor ConnectWise introduced its own MSP-specific cybersecurity guidelines, dubbed the MSP+ Cybersecurity Framework.
“Because these frameworks offer specific guidance, they can be very effective for MSPs looking to improve their security policies or even get started with putting together a plan,” said Lewis Huynh, CSO for NinjaRMM, an MSP software vendor. “These frameworks aren’t necessarily a one-size-fits-all…
