Cyber Threat Intelligence

Interview: Raffael Marty On How MSPs Can Secure Their Customers Amid A Turbulent Threat Landscape

ConnectWise’s Raffael Marty discusses the need for businesses to visualize their networks amid a turbulent threat landscape, the main challenges businesses are facing when it comes to harnessing their data, and how MSPs can help solve those challenges.

RaffaelMarty-ConnectWise-Interview

As the risks from cybercrime continue to rise, small- and mid-sized businesses are increasingly turning to their MSP partners for help improving their security resilience. But this can often be a challenge for MSPs as they tend to have a general focus on IT services, rather than cybersecurity. 

“We work with tens of thousands of managed service providers that are providing services to small and medium businesses,” Raffael Marty, EVP and General Manager of Cybersecurity Management at ConnectWise tells, Expert Insights. “Some of them have very small security staff, or no security staff. They’re supplying IT services.”

Raffael is a recognized thought leader in the cybersecurity and data analytics space, having authored two authoritative textbooks on how businesses can transform their data into meaningful security information. In his current role, Raffael uses his expertise to build innovative product strategies, elevate and motivate teams, and drive shareholder value.

In an exclusive interview with Expert Insights at RSAC 2023, Raffael discusses why organizations need to be able to visualize their networks amid a turbulent threat landscape and the main challenges businesses are facing when it comes to harnessing their data. He explains how ITSPs and MSPs can help solve those cyber challenges and how ConnectWise’s Asio platform can help fuel long-term growth for service providers.

You can listen to our full conversation with Raffael on the Expert Insights Podcast.

We Need To Integrate Our Security Tools 

Moving into the MSP space has been “eye-opening,” Raffael says. As well as supporting their clients with traditional IT services, MSPs are often offering “10 to 12” different security products to help secure their clients against cybercrime. This often starts with security awareness training to help users recognize and avoid phishing attacks. A truly comprehensive security package, however, should include vulnerability management and endpoint detection and response (EDR) to help ensure that if a client is affected by a vulnerability, it can be detected and remediated quickly.

“Vulnerability management is probably one of the most important things; [it ensures] that you understand what’s in the network, making sure you have no vulnerabilities. Our MSPs often start with EDR. Most of the time MSPs use [ConntectWise’s] managed EDR to deliver the service, because then they don’t have to run a 24/7 operation. If an alert goes off at two in the morning, they don’t have to pick up the phone right away and respond; our SOC team can. You want to be able to respond as quickly as possible.”

It is also important for MSPs to have strong network protection in place, Raffael says, “because you can have IoT devices, or machines that you cannot manage. [ConnectWise’s] SIEM comes in there. We can help protect the network layer, and make sure everything is covered. And then you add on email security and continue down this path depending on the technology stack of the customer.”

SaaS is another important security consideration for MSPs, Raffael explains. SMBs are relying on SaaS applications more than ever, with 56% of SMBs using five or more cloud-based apps to run their companies today. “More and more [data] is going into SaaS applications. You put your files into DropBox, or you use WorkDay, or Salesforce. SaaS security is very, very important as well.”

The range and scope of security services that MSPs have to manage—from EDR, to email security, to SaaS protection—can put extra complexity into the MSP workflow. “An MSP literally spends six to eight hours inside of a ticketing system because of customer submitted tickets,” Raffael says. “If you have the security tools on the side, you want the security tools in there as well, because otherwise they have to jump around between different systems. It’s crucial that all our security tools are integrated into the PSA [Professional Services Automation] and the RMM.”

“One of the largest concerns for MSPs is that they want more automation, and they want to have simplification,” Raffael says. “This is really where we come into play as ConnectWise—we do sell security services to MSPs, but also the unified monitoring, management, and the business management services. […] These are all about helping them run their business, from billing, quoting, ticketing, and tracking time. For the MSP space, it’s crucial that not just security, but RMM and PSA are integrated as well. That saves you so much time, and you get data that helps with security. That is absolutely crucial for MSPs.”

The ConnectWise ASIO platform aims to solve these challenges by offering a unified platform for MSP services, including RMM and their security services, such as vulnerability management. This means that “when the RMM finds a device, it will automatically show up in vulnerability management, which scans the device and uses the RMM straight away,” Raffael explains. “So, all these things are starting to play together.”

MSPs Are “In The Crosshairs” Of The Threat Landscape

Looking to the future, cybercrime is “not going to get any better,” Raffael predicts. “We’ve already seen with ransomware: it’s still around; it’s getting worse. The bad guys are making money with this stuff. And as long as they make money, they will be around.” 

Ransomware, in particular, was primarily targeting large enterprises for a long time, but now, SMBs and MSPs directly are being targeted by ransomware attacks. By targeting MSPs, cybercriminals can essentially multiply their return, Raffael explains. As attacking an MSP can also affect the critical services they run for their SMB clients, giving the attacker access to those clients as well as the initial MSP target. 

“We’re working with all of our partners to make sure they are secure themselves. We have something we call the ‘partner program’, where we help companies build and grow their security business—and one of the first steps when they come in is about getting their own house in order, making sure they are secure. Then they can apply the same techniques to help them keep their customers secure.” 

“The threat landscape will continue seeing MSPs in the crosshairs. On the MSP side, it’s not just the broad scale, very simple attacks anymore. They’re getting smart and targeted. AI plays some role in terms of the bad guys being able to scale quicker, because now they can leverage those systems and adapt their attacks to the target, and they can do that automatically. We’ll see quite a lot of this going on this year. I don’t see any slowdown; it’s just going to get worse. You have to be ready.” 

Listen On Spotify:

Listen On Apple Podcasts

About Expert Insights

Expert Insights provides leading research, reviews, and interviews to help organizations make the right IT purchasing decisions. You can find all of our podcasts here.