Simplifying the Stack for MSPs to Defend Against the Modern Threat Landscape
Justin Weller, Director of Business Development at Blackpoint Cyber, presented the following keynote at XChange NexGen 2023: "Who is Blackpoint Cyber? Well, Blackpoint Cyber we're a cybersecurity innovator and we're hacker disruptors. And what we do is we provide a cybersecurity ecosystem that's powered by 24/7 managed detection and response technology for Windows and Mac devices that focus solely on the tradecraft side of the House. And who we serve is small to medium sized businesses, MSPs and enterprise level organizations around the world. So why do we do what we do? Essentially, we want to deliver an ecosystem of security products that are based on industry best practices allows you to standardize, simplify, and most importantly, create a high watermark for cyber resiliency. If you don't know what to protect, you can't protect it, right? This is where we're going to take a look at things like network maps. We're going to want to make sure we have great documentation now that we know what to protect. We got to harden it. We got to harden the network. We got to harden the systems. This is going to be just basic I.T. hygiene, right? This is going to be multifactor authentication, principle of least privileged. Listen, Kaseya did a pretty good job in responding to that from a cybersecurity standpoint. That's all I'm going to say there. Okay. They did a good job. And the reason why is this what it allowed them to do is they immediately took down the cloud version of the RMM because they didn't know where the breach was, which has allowed an organization like ours to be able to go in and immediately isolate all of the devices that were on premise. So for us, Kaseya was a non-issue. Hey, Mr. and Mrs. End User, here's what we have done as an MSP. We are focused on cybersecurity. We start with cybersecurity. We have industry standard best practices. Here's what defense in depth means, here's what frameworks are, here's what we've built and here's how we've aligned ourselves to it. As new attacks come forward, we're staying ahead of the game and we are going to continue to add pieces to these pillars to keep you as far from that as possible. However, in the worst case scenario, the best laid plans of mice and men right? If that were to happen in something where we've still got you taking care of on the recovery side of the house as well. This is how you sell cybersecurity today. Fear, uncertainty and doubt is a terrible way of selling it. If you spend your entire time talking to your customers about the boogeyman, that's going to come get them. Do you want to know what doesn't happen that often? Boogeymen don't come and get them that often. But I still got to have business continuity and disaster recovery, right? It's the same exact process. It's where we're at today. So what this allows you to do by standardizing your stack and aligning it to industry standard best practices, whether you use our stack or you don't. Listen, I love our stack. It's orchestrated. We see things. Everything comes into our platform. We see the attacks unfolding as they come along. But if you build it yourself, align it to something that way, it's easily to digest from your customers. And now you can say, Hey, we're forward thinking. What we do is we align ourselves to industry standard best practices. It allows you to put the cart before the horse. The value is in that not and whether or not they caught something. The current battle. So here's what we're kind of seeing a lot of. We're seeing a lot of cloud compromise business email compromise through the roof, through the roof, initial access we're seeing exposed ports for some reason. For some reason, people started opening ports back up again. Ransomware pre and post attack. We're seeing watering holes. Lateral movement is the biggest thing that we're seeing live off the land technology, but also RMM tool abuse. We provide solutions for SOC analysts. APG intelligence is what fuels our product innovation and the industry threat bulletins and publications are coming out from that. If you do decide to come on, take a look at us at Blackpoint here. What we also do is we offer a lot of great resources for MSPs. We've got Blackpoint University, there's a cool sales talk tracks that are in their finance talk tracks that are in their insurance talk tracks that are in there. Our Adversary Pursuit group, we give you dedicated support, personal assistance, partner success manager and then market development funds. We want to be able to kind of raise you up. Awesome. Thanks, everybody. Really appreciate you guys."