On April 19, 2022, the world’s leading software company dedicated to the success of IT solution providers, ConnectWise, announced a new Incident Response Service designed to help MSPs quickly and effectively respond to cyberattacks. The ConnectWise Incident Response Service is a comprehensive, end-to-end solution that helps MSPs rapidly assess and contain threats, minimize damage, and get back to business as quickly as possible.
- ConnectWise aims to help MSPs and their clients defend against cyberattacks with a new incident response service
- The ConnectWise Cyber Incident Response Service is designed to help MSPs quickly and effectively respond to cyberattacks
- The ConnectWise Cyber Incident Response Service will include a range of features such as a team of ConnectWise security experts who will work with MSPs to develop a custom incident response plan
MSPs are on the front lines of the battle against cybercrime, and they need all the help they can get. ConnectWise’s new Incident Response Service can be viewed as a major step forward in its mission to arm MSPs with the tools and resources they need to win the fight against cybercrime.
“It seems like a natural move for ConnectWise, being a prominent vendor in the MSP industry, to add value to their MSPs by providing cyber security services. I believe the move is smart for ConnectWise since they are already offering products, they just simply need to add on their services, and if you’re already a ConnectWise shop, then this would not be a substantial lift for ConnectWise to make,” said Nick Martin, Director of Managed Services at Mainstreet IT Solutions.
Can ConnectWise Help Level The Playing Field?
ConnectWise has always been about providing MSPs with the tools they need to be successful. The new Incident Response Service is yet another way they are aiming to help MSPs level the playing field against cybercriminals.
“The move by ConnectWise into an Incident Response Service business line is clearly a well-architected response to the recent spike in security incidents and a timely effort to open new avenues of revenue. The demand for this service is high and it makes sense that pre-existing MSPs might reach out to ConnectWise in a pinch for such needs, especially if they lack other immediate avenues of support. There is low-hanging fruit here that can be immediately harvested, so from a business perspective, this makes sense. It puts ConnectWise front and center with a large number of existing customers,” said Jeremy Kushner, Chief Executive Officer of BACS IT Consulting.
Said Michael Anderson, CEO & President of 365 Technologies, “In the wake of last year’s Kaseya ransomware attack and bad actors increasingly targeting MSPs for their access to client networks, MSPs are facing more stringent requirements to even qualify for cyber liability insurance. These requirements include having a robust incident response plan in place. For MSPs that do not have incident response resources on staff, ConnectWise’s new offering will allow them to meet these insurance requirements without taking on these expensive hires.”
Luis Alvarez, President and CEO of Alvarez Technology Group chimed in, “Many cyber insurance carriers are recommending or requiring that policyholders have a Breach Coach available in case of an incident, a third party that can help guide and represents the client throughout the process. Many insurance carriers are also no longer mandating the use of their own forensics and instead of leaving it up to the company that has suffered the breach to find someone to help. This is a smart move on the part of ConnectWise—-a natural evolution to their cybersecurity offerings.”
ConnectWise Throws Out The Lifeline
In ConnectWise’s 2022 MSP Cybersecurity Threat Report, the findings uncovered that there was a 10-15% increase in ransomware incidents by quarter in 2021, with 56% of ransomware incidents occurring in the second half of 2021. The ConnectWise Incident Response Service is a much-needed solution to help MSPs effectively respond to these attacks and avoid making mistakes that would prolong business disruption.
For MSPs and their clients who do not have the resources or expertise to effectively respond to a cyberattack, ConnectWise’s Incident Response Service provides a much-needed lifeline. Given the talent shortage, the increasing sophistication of cybercriminals’ techniques increasing, and the evolving regulatory landscape, MSPs need all the help they can get.
“I can see there being a strong market for an incident response team within the MSP market when it is already difficult to hire and keep cyber security experts. This can give many smaller MSPs access to expert advice as they navigate a cyber security incident together. The biggest thing that would play a factor would be the variables. It makes sense on “paper”, but once you’re in a cyber security incident together, that’s when there are a lot of emotions flying around from the customer, MSP, vendors, etc. Will ConnectWise be a value-add to the MSP when their backs are against the wall? Only time will tell,” said Martin.
Every second counts in the fight against a cyberattack, and one cyber threat or attack can easily cost an MSP millions of dollars in damages. ConnectWise’s Incident Response Service is a welcome addition to its arsenal of MSP tools and resources and will help MSPs better defend their clients against the ever-present threat of cybercrime.
“For MSPs, getting a cyber incident “right” is going to be a critical need so that they don’t get drug into court after the fact by their clients for negligence. The success of this new service, though, depends on ConnectWise educating its customers on how it works. They’re aiming for the majority of MSPs who have not set up a sophisticated cyber security practice and those folks will need help understanding why they need it,” said Alvarez.
Will MSPs Use The Incident Response Service To Amplify Their Defense?
Will MSPs be interested in ConnectWise’s new Incident Response Service? ConnectWise is banking on it. The company has made a significant investment in this new service, and its success will depend on MSPs’ willingness to use it. “ConnectWise’s plan to offer cybersecurity incident response services to MSPs represents a positive move for the company and should be of interest to MSPs,” said Anderson.
“I’m surprised they haven’t offered this already as they already acquired StratoZen for their SOC and most SOCs do this work. I think it’s a good move for them, but I like to keep my security vendors and my operations vendors separate. We use Sophos Managed Threat Response and we include it with every plan we offer”, said Eric Schueler, Senior VP of Information Technology at HRCT.
Said Kushner, “Raffael Marty, the General Manager of this new service line, comes from an extensive and storied background in the security space, so he is the right person to manage this new offering. Our immediate concern here, however, is that based on our experience with ConnectWise previously, can they move quickly and with a sense of urgency? Incident response is all about timeliness and ConnectWise has not shown previously that this is how they operate. Time and experience will show us how this plays out. We’ll be watching with a keen level of interest in the meantime.”
“We do not use any ConnectWise products, so I’m not sure this makes sense in our specific case for us to use. This seems to really stem from convenience and value-add for current customers. I know they are offering to non-customers, but the level of trust you would need to have in that vendor to let them offer cyber security services, such as incident response, would be substantial,” said Martin.
“With Managed Threat Response, if something gets by them they provide the incident response free of charge. Before we required MTR with every plan, we had a customer fall for phishing that ultimately ended with a ransomware attack. I can tell you from experience that after they filed their claim with their cyber insurance, that insurance company dictated every aspect of the incidence response, they hired the response team, the team replaced our AV, and we answered to them. It was a huge mess – especially since all the log data got erased the moment they removed our products,” said Schueler.
ConnectWise is not the only company offering incident response services, but its reputation and reach within the MSP community may give it a significant advantage. However, will ConnectWise’s recent acquisitions have any impact on how their Incident Response Service will impact MSPs?
“It’s very hard to give an accurate opinion on ConnectWise since they have no history with incident response. For example, both SentinelOne and CrowdStrike have a track record that can be referenced. For example, on a zero-day attack, will ConnectWise be the first to respond? ConnectWise did acquire Perch which is equivalent to AlienVault, which has a good track record. However, Perch alone doesn’t stop attacks they just let you know they are happening. So, bottom line is that we have no information as to how these combinations of acquisitions by ConnectWise will manifest themselves as an overall threat detection and response platform. Only time will tell,” said Anthony Buonaspina, BSEE, BSCS, CPACC, CEO and Founder of LI Tech Advisors.
ConnectWise’s new Incident Response Service may be a welcome sight to its MSP cybersecurity solutions. Incident Response services are needed in today’s threat landscape. MSPs must have the tools and resources to defend their clients against the ever-present threat of cybercrime. The ConnectWise Incident Response Service is available today.