Digital Risk Protection is an easy add-on to an MSP’s cybersecurity offering that is becoming ever more useful in the fight against cybercrime. James Goulding finds out more from Skurio CMO David Chalmers
With growing awareness of the need for layered defences against cyber criminals, shouldn’t MSPs be adding Digital Risk Protection (DRP) to their services portfolio? Skurio certainly thinks so.
As part of its broader channel strategy, which also includes a major focus on international expansion in the Middle East through a growing relationship with regional distributor Bulwark Technologies, Skurio has been making significant inroads in the UK’s MSP community.
Chief Marketing Officer David Chalmers says that much of the impetus for this has come from MSPs themselves.
“Over the last year we’ve been very much focused on international expansion, but at the same time we’re continuing to grow in the UK and continuing to add partners, especially on the managed service provider side. MSPs are coming
to us because they want to offer a Dark Web monitoring service or a post-breach investigation service. That’s been a big step change in the last year; people coming to us, saying we need to offer these services.”
He describes partnerships with MSPs as ‘a big part of the way forward’, pointing out that at a time of rapidly evolving cyber risks, such as the emergence of ransomware-as-a-service, more regulations and a severe shortage of people with cybersecurity expertise, small and medium-sized organisations are increasingly looking to outsource their cyber security to MSPs or specialist MSSPs, for which the Skurio platform is an attractive addition.
“MSSPs normally offer traditional network monitoring, network protection and endpoint protection services, and what we provide is very synergistic to that. We enable MSSPs to say ‘We’re already monitoring for threats and breaches inside your network. Now we can also monitor outside your network.’ It’s a very simple add-on for them and doesn’t require much effort to expand wallet share with those customers.”
As an example, he cites Nasstar’s recently launched cybersecurity service
for SMEs, which does all the basics like Microsoft 365/on-prem scanning, EDR, training and patching but also includes the Skurio platform for digital risk protection – “It’s a starter package that provides DRP as well as those elements that are traditionally required for IT security services,” explains Chalmers.
He adds that Digital Risk Protection services are also of value to MSPs that have not yet developed a significant cyber- security capability.
“Managed service providers that offer generic IT services, whether it’s managing Microsoft 365 or Outlook, are looking for ways to grow their business. Cyber security is quite a tricky area to get into beyond simple email monitoring or virus checking, but this solution is so straightforward and easy to use that you don’t need to be an expert cyber threat intelligence analyst to run our product. Unlike many threat intelligence services, which are like a NASA control room in terms of their user interface, ours is deliberately simple and straightforward.”
While Chalmers concedes that DRP might once have been considered non- essential, he argues that it makes sense for a business that is investing in services to patch Windows environments, say, to use Skurio’s automated monitoring services to check the surface, deep and Dark Web for evidence of any breach (known or unknown) that might have already occurred.
“The Dark Web is obviously really hard for businesses to investigate manually and the automated monitoring capability we have really solves that problem for them. But we also look at Reddit and Telegram and other social media platforms, as well as pastebin sites and dump sites where people put sample datasets. We cast a wide net.”
Knowing that Skurio is looking out for mentions of a company name on the Dark Web or instances of its data being offered for sale gives businesses reassurance that their data is safe or, if it is discovered, that they can act quickly to address a breach – something that has become important now that cyber criminals have changed ransomware tactics and no longer just lock down a victim’s data but also exfiltrate it and sell it on regardless of whether the ransom is paid or not.
New monitoring services
In the last 12 months, Skurio has expanded its core monitoring and post-breach investigation services with additional capabilities, including domain registration monitoring, which looks for domains that replicate or spoof a client’s own domain, for example by switching letters or using a Cyrillic character in place of a Roman one or adding a plausible prefix/suffix.
“Ransomware attacks, phishing attacks and malware attacks generally all use a fake domain with a fake email address or a fake website and try to get people to go there and then steal their information or spread malware. We now have a monitoring service, where you can put in all your domains, and we will alert you if a spoof is found so that you can ask the authorities for it to be removed or get it put on the Google watch list or put it into email spam filters,” says Chalmers.
“In the last year we’ve also done large- scale customer data monitoring so that if there is a data breach and customer data is found you can identify whether it was your systems that were breached or those of another supplier with the same customers. We can pull in data from your database, in a safe and secure way, and match it against any data breaches that are found to see whether you are the source.
“In this context, we have something called Marker, which creates synthetic identities to place into customer databases, so that if they appear in a breach you will know with 100% certainty that it is your data that has been impacted. We also have an email listening service, so that if you start receiving spam emails to a fake identity, you will know that your data has been stolen.”
MSPs can deploy Skurio monitoring services on a constant 24/7 basis or on a project basis, perhaps as part of a post- breach or post-ransomware investigation, with a variety of subscription options to meet varied requirements.
“There’s an annual subscription for MSPs that want to provide the full monitoring services, with different levels depending on what they will be offering – introductory, core and advanced. MSPs can also take a licence for a two-month or three-month project and pay on a periodical basis so they are not paying large amounts upfront. We also offer an NFR licence that MSPs can use to run demos for customer acquisition purposes.”
Chalmers adds that Skurio is also exploring options that would enable
an MSP effectively to rent its platform rather than pay for annual licences and subscriptions up-front, which he says might suit partners that want to offer a managed service on-demand without having to invest in the tools needed to deliver that service before they generate any service revenue.
Because of the different paths open to MSPs, Skurio is likely to take a more hands-on approach with those relationships, leaving its distribution partners – CMS Distribution in the UK and Ireland; Multipoint Group in Eastern Europe, Southern Europe and Israel; and Bulwark Technologies in the Middle East – to recruit and develop relationships with VARs.
Skurio is currently actively looking to recruit new partners via ether route as it believes MSPs and VARs have a vital role to play in strengthening the cyber defences of small and medium-sized businesses so that their data – and their customers’ data – remain safe, while also ensuring that data owners stay compliant with evolving privacy and security regulations.
“Cyber Threat Intelligence is normally for big banks and big organisations with armies of intelligence analysts, but there needs to be solutions that are available to small and medium-sized organisations, that are affordable and that they have the resources to run. That’s a big challenge. Together, Skurio and MSPs are part of the solution.”