Access conversations among Managed Service Providers (MSPs), Datto experts, and other thought leaders on trends in the channel, emerging opportunities for MSPs, and innovative best practices that will help you grow your business.
…
continue reading
The CyberCast is purpose built for MSPs, MSSPs and IT Practitioners.In each episode you will learn about a new security control, how it maps to the different frameworks, the impact it has, building a policy around it, how the threat actors exploit it - via MITRE ATT&CK - what you can do to defend against it - MITRE Shield, common mistakes or oversights made when implementing into their tech stack and trends.Sponsors:Datto - CIS Control 3 - Data ProtectionNetwrix - CIS Control 3 - Data Protec ...
…
continue reading
1
CIS Control 18 - Penetration Testing - Sponsored by Hacket Cyber
1:06:26
1:06:26
Play later
Play later
Lists
Like
Liked
1:06:26
Penetration testing is something that more companies and organizations should be considering a necessary expense. Pen Testing is an important aspect of discovery and identifying potential critical vulnerabilities within your organizations external network, internal network, applications, or systems. They provide a valuable insight on how your digit…
…
continue reading
1
CIS Control 17 - Incident Response Management - Sponsored by Exigence
53:38
53:38
Play later
Play later
Lists
Like
Liked
53:38
The biggest takeaway from CIS Control 17 is that planning and communication are critical when responding to an incident. The longer an intruder has access to your network, the more time they’ve had to embed themselves into your systems. Communicating with everyone involved can help limit the duration between attack and clean-up. Establish a program…
…
continue reading
1
CIS Control 16 - Application Software Security - Sponsored by Manicode
1:06:54
1:06:54
Play later
Play later
Lists
Like
Liked
1:06:54
CIS Control 16 - Application Software Security The way in which we interact with applications has changed dramatically over years. Organizations use applications in day-to-day operations to manage their most sensitive data and control access to system resources. Instead of traversing a labyrinth of networks and systems, attackers today see an openi…
…
continue reading
1
CIS Control 15 - Service Provider Management
1:02:48
1:02:48
Play later
Play later
Lists
Like
Liked
1:02:48
LastPass and the recent Rackspace Exchange incident are two prime examples of "why" this Control is Critical!! Develop a process to evaluate service providers who hold sensitive data, or are responsible for critical IT platforms or processes, to ensure these providers are protecting those platforms and data appropriately. Identify your business nee…
…
continue reading
1
CIS Control 14 - Security Awareness and Skills Training - sponsored by Phin Security
1:17:30
1:17:30
Play later
Play later
Lists
Like
Liked
1:17:30
MSP/MSSPs should offer solutions to provide users with frequent security awareness training to increase its overall security posture. The information provided by the security awareness training should be relevant and provide insights into recent security incidents. Training should also reiterate the necessity of using strong passwords, spotting and…
…
continue reading
1
CIS Control 13 - Network Monitoring and Defense - sponsor by ConnectWise
1:06:16
1:06:16
Play later
Play later
Lists
Like
Liked
1:06:16
Network monitoring and defense is one of only two controls that does not contain any Implementation Group 1 Safeguards in Controls version 8. This control is geared towards mature MSPs, MSSPs & organizations who have a mindset of continuous improvement that involves people, process, and technology. Service providers need a well-trained staff that e…
…
continue reading
1
CIS Control 12 - Network Infrastructure Management - sponsored by Domotz!
57:28
57:28
Play later
Play later
Lists
Like
Liked
57:28
Abstract: Network Infrastructure Management - Establish, implement, and actively manage network devices, in order to prevent attackers from exploiting vulnerable network services and access points. Network infrastructure devices can be physical or virtual and include things such as routers, switches, firewalls, and wireless access points. Unfortuna…
…
continue reading
1
CIS Control 11 - Data Recovery - sponsored by Datto!
1:04:20
1:04:20
Play later
Play later
Lists
Like
Liked
1:04:20
Abstract: Data loss can be a consequence of a variety of factors from malicious ransomware, threat actors using "Double Extortion" and exfiltration, human error and natural disasters like hurricanes. Regardless of the reason for data loss, we need to have a process established (RPO/RTO) to recover our data. Key Takeaways for Control 11 Prioritize y…
…
continue reading
1
CIS Control 10 - Malware Defenses - sponsored by Malwarebytes!
48:34
48:34
Play later
Play later
Lists
Like
Liked
48:34
Abstract: With the continuing rise of ransomware, malware defenses are more critical than ever before with regard to securing your MSP and clients. Malware defenses must be able to operate in a dynamic environment through automation, timely and rapid updating, and integrate with other processes like vulnerability management and incident response. A…
…
continue reading
1
CIS Control 9 - Email & Web Browser Protections - sponsored by Cisco Secure MSP
56:13
56:13
Play later
Play later
Lists
Like
Liked
56:13
Abstract: Web browsers and email clients are very common points of entry for attackers because of their direct interaction with users inside an organization. Content can be crafted to entice or spoof users into disclosing credentials, providing sensitive data, or providing an open channel to allow attackers to gain access, thus increasing risk to y…
…
continue reading
1
CIS Control 8 - Audit Log Management - sponsored by Blackpoint Cyber
59:43
59:43
Play later
Play later
Lists
Like
Liked
59:43
Abstract: Log collection and analysis is critical for an organization's ability to detect malicious activity quickly. Sometimes audit logs are the only evidence of a successful attack. Attackers know that many organizations keep audit logs for compliance purposes, but rarely analyze them. Due to poor log analysis processes, attackers sometimes cont…
…
continue reading
1
CIS Control 7 - Continuous Vulnerability Management - sponsored by CyberCNS
54:37
54:37
Play later
Play later
Lists
Like
Liked
54:37
Note we discuss Log4j as this is a very timely topic to this control. Abstract: Cyber defenders are constantly being challenged from attackers who are looking for vulnerabilities within their infrastructure to exploit and gain access. Defenders must have timely threat information available to them about: software updates, patches, security advisori…
…
continue reading
1
CIS Control 6 - Access Control Management - sponsored by Appgate
52:06
52:06
Play later
Play later
Lists
Like
Liked
52:06
Abstract: It is easier for an external or internal threat actor to gain unauthorized access to assets or data through using valid user credentials than through "hacking" the environment. There are many ways to covertly obtain access to user accounts, including: week passwords, accounts still valid after a user leaves the organization, dormant or li…
…
continue reading
1
CIS Control 5 - Account Management - sponsored by Keeper Security
1:04:31
1:04:31
Play later
Play later
Lists
Like
Liked
1:04:31
Abstract: There are many ways to covertly obtain access to user accounts, including: week passwords, accounts still valid after a user leaves the enterprise, dormant or lingering test accounts, shared accounts that have not been changed in months or years, service accounts embedded in applications for scripts, a user having the same password as one…
…
continue reading
1
Control 4: Secure Configuration of Enterprise Assets - sponsored by ThreatLocker
45:36
45:36
Play later
Play later
Lists
Like
Liked
45:36
Abstract: Learn why the number one thing organizations can do to defend their networks against top attacks, is to implement secure configurations! Azure Breach (8/26/2021): According To Wiz who found the CosmosDB Vulnerability, they quote: "Database exposures have become alarmingly common in recent years as more companies move to the cloud, and the…
…
continue reading
1
Control 3: Data Protection (part 2) - Sponsored by Datto
31:15
31:15
Play later
Play later
Lists
Like
Liked
31:15
Abstract: CIS Control 3 is Data Protection and data is pretty much what's at stake for a high percentage of cyber attacks. Data is more valuable than oil and it fuels many organizations. Many of the baseline security recommendations from all of the security frameworks out there now recommend, or REQUIRE if you’re in a regulated industry such as hea…
…
continue reading
1
Control 3: Data Protection (part 1) - Sponsored by Netwrix
25:16
25:16
Play later
Play later
Lists
Like
Liked
25:16
Abstract: CIS Control 3 is Data Protection and data is pretty much what's at stake for a high percentage of cyber attacks. Data is more valuable than oil and it fuels many organizations. Many of the baseline security recommendations from all of the security frameworks out there now recommend, or REQUIRE if you’re in a regulated industry such as hea…
…
continue reading
1
Control 1 & 2: Inventory Control of Enterprise Hardware & Software Assets - Sponsored by CyberCNS
39:34
39:34
Play later
Play later
Lists
Like
Liked
39:34
Abstract: There is a cybersecurity saying; “you can’t protect what you don’t know about.” Without visibility into your information assets, their value, where they live, how they relate to each other and who has access to them, any strategy for protection would be inherently incomplete and ineffective. Note sponsors are at the end at minute 28:30 Th…
…
continue reading
1
Multifactor Authentication (MFA) - sponsored by Cisco Duo
36:19
36:19
Play later
Play later
Lists
Like
Liked
36:19
Google reports that Multifactor Authentication (MFA) prevents more than 96% of bulk phishing attempts and more than 76% of targeted attacks that are credential based. In this episode, learn how MFA maps to the different security frameworks, the impact it has, building a policy around it, how the threat actors exploit it - via MITRE ATT&CK - what yo…
…
continue reading
In this episode, we invite MSPs to dive into Datto's latest Global State of the Ransomware Report and share their insights, experiences, and thoughts on the findings. You'll hear why security is at the top of the agenda for your peers Mitesh Patel, Managing Director at Fifosys, CEO at Engage Property Technology, and Dan Sharp, Sales Director, Mirus…
…
continue reading
Join Datto security experts Ryan Weeks and Christopher Henderson as they discuss the impact of the global pandemic on the cybersecurity landscape and what managed service providers should consider as they look to increase security efforts and protect their clients and their own businesses in 2021.Guests:Ryan Weeks, CISO, Datto, Inc.Christopher Hend…
…
continue reading
1
2021 Predictions for MSPs and the Channel
48:36
48:36
Play later
Play later
Lists
Like
Liked
48:36
t’s no secret that 2020 was a year filled with challenges for MSPs and the businesses they serve but in this episode Greg Jones, Business Development Director, EMEA Datto, is joined by Bob Petrocelli, Datto's Chief Technology Officer, to discuss their predictions regarding new opportunities and trends that might arise for MSPs in 2021.…
…
continue reading
1
MSP Origin Stories - Jobecca Technology Group, LLC.
48:10
48:10
Play later
Play later
Lists
Like
Liked
48:10
This episode is part of our MSP Origin series where we interview MSPs on how their business got started, challenges they’ve overcome, and tactics they’ve used for growth! In our latest episode we interview Datto Partner, Michael Einbinder-Schatz from Jobecca Technology Group, LLC. to discuss his MSP Origin story. We take a deep dive into how Michae…
…
continue reading