At The Identity Organisation, we're here to help!

    Or drop us a mail!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    “Five Eyes” Nations Cybersecurity Authorities Issue Warning to MSPs of Stepped-Up Cyberattacks

    The world’s five leading cybersecurity authorities have again issued a joint report about an increase in malicious cyber activity targeting managed service providers they expect to continue.

    If you’re not familiar with the “Five Eyes”, it’s a term used to reference the cybersecurity agencies in the United Kingdom (NCSC-UK), Australia (ACSC), Canada (CCCS), New Zealand (NCSC-NZ), and the United States (CISA, NSA, and FBI). These agencies have independently issuing warnings over the last few years, but it’s only now that the problem of cybercriminals attacking managed service providers (MSP) has become a problem.

    Much like the increases in supply chain attacks that have been observed over the last 2 years, MSPs serve the same purpose to a cybercriminal – providing elevated access to a multitude of customers by attacking the one MSP.

    In the “Five Eyes” joint report, several recommendations are made:

    • Improve the security of vulnerable devices including vulnerability management for all devices, with special focus on VPN solutions that provide external access.
    • Protect internet-facing services with particular focus on protecting against credential stuffing.
    • Defend against brute force and password spraying where pwned or compromised credentials can be used to attempt to gain access to MSP resources or networks.
    • Defend against phishing by using Security Awareness Training to educate users on how phishing attacks work, as well as phishing testing as a feedback loop to understand which users in your environment pose the greatest risk (and need more training).

    Get Your Customized Automated Security Awareness Program, ASAP!

    Many IT pros don’t exactly know where to start when it comes to creating a security awareness program that will work for their organization.

    We’ve taken away all the guesswork with our Automated Security Awareness Program (ASAP).

    ASAP is a revolutionary tool for IT professionals, which allows you to create a customized Security Awareness Program for your organization that will show you all the steps needed to create a fully mature training program in just a few minutes!

    Here’s how it works:

    • Answer seven questions about your organization’s goals, compliance needs, and culture
    • ASAP recommends suggested training content based on your answers
    • See a detailed calendar with a customized task lisk to get your program started
    • Easily export detailed and executive summary PDF versions of your program
    • Get a fully mature awareness program ready in 5 minutes
    Get Started Now!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/asap-partner?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top