Are you up to speed with the latest cybersecurity challenges faced by managed service providers (MSPs) in EMEA? Read on to learn from Pax8 security expert Mostyn Thomas, who shares what he has learned from talking to partners and attending events across the region in the first half of 2024.
Mostyn Thomas, Senior Director of Security at Pax8, is a key figure in the cybersecurity space. He represents Pax8 at external events and delivers the popular Cybersecurity Masterclass events to partners. With a solid MSP background and extensive experience in the security landscape, Mostyn is a respected and trusted voice in the channel.
2024 events
Pax8 has hosted several Cybersecurity Masterclasses across EMEA so far this year, recently expanding this highly anticipated event into new regions, including the Nordics, Baltics, Benelux and DACH. We have also enhanced our masterclasses by introducing partner panel discussions to make things more relevant to our partners’ experiences.
To build on the excellent engagement we get at these events, we are excited to announce the launch of the Pax8 Cybersecurity Masterclass #201, which focuses on providing proven strategies for MSPs to effectively sell cybersecurity solutions to their clients. It is a natural progression for those who have attended our initial masterclasses. The event will equip attendees with the tools and techniques to find process gaps that leave clients more vulnerable to cybersecurity threats as well as provide actionable insights to mitigate these risks effectively. Keep an eye on the Pax8 events page for details of upcoming sessions.
In addition to hosting Pax8 events, I have been lucky enough to attend a number of insightful industry events this year, including CompTIA cybersecurity events in London and the Netherlands, the Cloud & Cyber Security Expo in Birmingham and the Stockholm Tech Show. These events have provided us with invaluable opportunities to engage with partners and gain a deeper understanding of their specific cyber challenges to help shape our future initiatives.
Cybersecurity challenges in EMEA
To protect your clients from cyberattacks, it is crucial to stay informed about the evolving threat landscape. The following are the main cybersecurity challenges in the EMEA region, each requiring proactive strategies for enhanced protection.
Credential theft
Cybercrime is a global business, and everyone is vulnerable. Among the most pressing cybersecurity threats that EMEA partners must be aware of is credential theft. Since the launch of ChatGPT in November 2022, vishing, smishing and phishing attacks have increased by 1,265%. Once stolen, credentials can be used many times to break into systems, perform social engineering and facilitate many other scams and cybercrime.
MSPs must ensure that their clients understand the significance of this threat. They should advocate for improved security by strongly recommending that their clients use password managers, set up multi-factor authentication (MFA) on all systems and consider going further with single sign-on (SSO) or biometric-controlled systems. Spear phishing and phishing are the number one attack vectors that cybercriminals use to gain credentials, yet we still see many businesses without sufficient knowledge or protection.
Supply chain attacks
In EMEA, supply chain attacks are another area of concern. ‘Supply chain compromise of software dependencies’ is the highest-ranking threat in the European Union Agency for Cybersecurity’s (ENISA) Foresight Cybersecurity Threats for 2030 report.
A supply chain attack is a type of cyberattack carried out against suppliers or service providers of a business to gain unauthorised access to that business’s systems or data. Attackers target less secure elements in the supply chain to infiltrate into connected networks. There have been some recent high-profile attacks, such as the recent ransomware attack on London hospitals, caused by hackers targeting a hospital supplier, resulting in long-term implications for patients. Examples like this highlight the need for regular supply chain reviews, and businesses must do their due diligence to properly vet suppliers and their associated supply chains before engaging.
AI and cybercrime
Advancements in artificial intelligence (AI) are supercharging the reach of cybercrime. However, AI itself is not the threat; it just adds fuel to the fire. AI helps make phishing emails completely believable, enables deepfake voice calls in social engineering and allows criminals to exploit software vulnerabilities faster. The cyberthreats themselves will not change, but AI will make them more efficient, accessible and believable.
AI will most likely bring new threats in the future, but we are currently dealing with existing threats that are becoming more powerful through AI. It is also important to highlight the role of AI in fighting cybercrime. AI is an amazing force for good; for example, security solutions use machine learning to run millions of possible scenarios to flag potential malware and new threats.
The future challenges on my radar are identity management and the implications of AI-generated deepfakes. We are early in the game regarding deepfake video and voice imitation, but it will likely become something that MSPs must focus on over the next few years. I am paying close attention to this area, and Pax8 is committed to ensuring our partners are informed of the latest developments in the threats landscape and how to protect against them.
Regulatory compliance and the NIS2 Directive
This year the Network and Information Security (NIS2) Directive is a key focus for Pax8 EMEA partners. NIS2 is legislation aiming to achieve a high common level of cybersecurity across the European Union (EU). MSPs and their clients will be included in this directive and should know how to implement controls to comply with it. Appropriate measures include 24/7 monitoring, vulnerability management, a robust incident response plan and NIS2-compliant reporting procedures.
This increased visibility of cybersecurity across the region creates an excellent opportunity for MSPs to start a conversation about cybersecurity with their clients to ensure they are protected and compliant. Small and medium-sized businesses (SMBs) will look to their MSPs to help them achieve NIS2 compliance, so now is the time to act. At Pax8, we are dedicated to supporting our partners in achieving compliance by providing comprehensive cybersecurity training, essential resources and impactful events.
Choosing the right solutions
Another challenge partners face is selecting the right solutions for their clients. A wealth of security solutions are available, each with a slightly different offering, and it can be a complete minefield for partners to navigate. This is where the Pax8 team can help, providing our partners with expert advice and guidance to better identify their clients’ security needs. Furthermore, the new Pax8 Marketplace offers game-changing features, assisting partners in identifying clients with security gaps and capitalising on new sales opportunities.
Conclusion
The current cybersecurity landscape presents both challenges and opportunities in the EMEA region. Pax8 is dedicated to helping our partners navigate this complex environment, offering access to an extensive array of security resources, on-demand training and in-person events.
Make the most of your partnership with Pax8. Check out our events page to stay informed about our upcoming Cybersecurity Masterclasses and discover which industry events we are attending across EMEA in the coming months.
