Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    “Five Eyes” Nations Cybersecurity Authorities Issue Warning to MSPs of Stepped-Up Cyberattacks

    “Five Eyes” Nations Cybersecurity Authorities Issue Warning to MSPs of Stepped-Up CyberattacksThe world’s five leading cybersecurity authorities have again issued a joint report about an increase in malicious cyber activity targeting managed service providers they expect to continue.

    If you’re not familiar with the “Five Eyes”, it’s a term used to reference the cybersecurity agencies in the United Kingdom (NCSC-UK), Australia (ACSC), Canada (CCCS), New Zealand (NCSC-NZ), and the United States (CISA, NSA, and FBI). These agencies have independently issuing warnings over the last few years, but it’s only now that the problem of cybercriminals attacking managed service providers (MSP) has become a problem.

    Much like the increases in supply chain attacks that have been observed over the last 2 years, MSPs serve the same purpose to a cybercriminal – providing elevated access to a multitude of customers by attacking the one MSP.

    In the “Five Eyes” joint report, several recommendations are made:

    • Improve the security of vulnerable devices including vulnerability management for all devices, with special focus on VPN solutions that provide external access.
    • Protect internet-facing services with particular focus on protecting against credential stuffing.
    • Defend against brute force and password spraying where pwned or compromised credentials can be used to attempt to gain access to MSP resources or networks.
    • Defend against phishing by using Security Awareness Training to educate users on how phishing attacks work, as well as phishing testing as a feedback loop to understand which users in your environment pose the greatest risk (and need more training).

     

    Return To KnowBe4 Security Blog

    Get Your Customized Automated Security Awareness Program, ASAP!

    Many IT pros don’t exactly know where to start when it comes to creating a security awareness program that will work for their organization.

    We’ve taken away all the guesswork with our Automated Security Awareness Program (ASAP).

    ASAP is a revolutionary tool for IT professionals, which allows you to create a customized Security Awareness Program for your organization that will show you all the steps needed to create a fully mature training program in just a few minutes!

    asap-monitor-1Here's how it works:

    • Answer seven questions about your organization’s goals, compliance needs, and culture
    • ASAP recommends suggested training content based on your answers
    • See a detailed calendar with a customized task lisk to get your program started
    • Easily export detailed and executive summary PDF versions of your program
    • Get a fully mature awareness program ready in 5 minutes

    Get Started Now

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/automated-security-awareness-program

    Topics: Security Awareness Training, Cybercrime, Cybersecurity

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews