5 Ways to Capitalize on the Security Skills Gap

Securing customers’ information is becoming more important than ever. Damages from cybercrime are expected to exceed $6 trillion annually by 2021. Malware is constantly evolving; DDoS attacks are on an exponential rise and ransomware is no longer just a threat to enterprise organizations, but to every company that is online.

With state-sponsored cyberattacks growing in frequency and sophistication and threat actors being governments and professional organizations who focus on hiring the best talent, the profile of a cybercriminal is no longer an early-twentysomething hacking from his mother’s basement.

It goes without saying, the cybersecurity field is in HIGH demand. There is a negative unemployment rate and a huge skills gap with an expected shortage of 2 million positions by 2019. Only one in three IT leaders believe they have the skills in-house to address their needs. That means demand for security professionals and solutions is only growing and it comes from businesses of all sizes and industries. That is where channel selling partners come in.

If you are not yet offering security, get in front of it now because opportunities continue to grow in volume and size, your customers don’t have the knowledge or skillset to address what they don’t know and could fatally affect their businesses. Adding a few security products to your portfolio means protecting your customer, expanding your consultancy practice and incremental revenue. The biggest vulnerabilities your customers face and what you should be addressing now include:

DDoS Attacks
A distributed denial of service (DDoS) attack is an attempt to block an online service by flooding it with traffic. You may be familiar with last year’s DDoS attack on Dyn which disrupted thousands of sites across the US and Europe. For any company that has a mostly online presence like an ecommerce retailor or someone who captures leads online, a DDoS attack could be very costly to their business.

Short for malicious software, malware comes in a number of forms from viruses and worms to spyware and Trojans, all designed to be undetected and transmit personal data. Credit card numbers still have their value but it is pennies compared to the premium paid for healthcare records on the black market. These threat actors make their way in through social engineering, outdated software, EOL machines, non-password protected IoT devices and basic human error.

Ransomware happens as a result of social engineering and phishing schemes and attempts to extort money out of victims by locking them out of their files. No matter how smart people are, they do stupid things like click an email from a “Nigerian Prince”.

Social Engineering and Human Error
Referenced as a cause for all the items listed above, human error happens. The best line of defense against these cyberthreats is well trained personnel. As attacks become more sophisticated, even the most email-savvy employees fall victim to social engineering. Poor password hygiene and incomplete exit strategies for departing employees also leave companies in vulnerable positions.

5 ways you can help without having to become a security expert:

1. Network
Find out what sort of traffic is riding over your customer’s network. Once you understand their day-to-day activities and strategic initiatives, you can help protect with customized solutions. Aside from private/encrypted networks, solutions like cloud connects, SD-WAN and NFV can offer a more secure network architecture.

Solutions to Consider: Verizon Secure Cloud Interconnect, AT&T NetBond, AT&T FlexWare, Masergy Hybrid Networking, SD-WAN and NFV solutions varied by vendor

2. Routers
Every single business has a router. And any carrier can provide a managed router. Set yourself apart by helping your customers through network segmentation, this is especially important with guest networks and internal IoT traffic.

Solutions to Consider: The network provider would be your best source of a managed router

3. Firewalls
How are your customers protecting the perimeter of their network? Cloud-based and network-based firewall solutions are their first line of defense against DDoS attacks. While most routers come with a standard firewall built in, there are many reasons to upgrade to a managed firewall including patch management, proactive updates and tier 1 support from manufacturers like Fortinet and Check Point. Enhance firewalls with unified threat management (UTM) to include features like content filtering and intrusion detection.

Providers to Consider: AT&T, CenturyLink, Level 3, Masergy, MetTel, Verizon

4. DDoS Mitigation
While your firewall will block the influx of malicious traffic, a DDoS attack will overwhelm your bandwidth and block internet access. With DDoS Mitigation, the carrier will reroute your traffic, scrub it for malicious/bad IP addresses and send any valid traffic back through keeping you up and running during an otherwise costly event.

Providers to Consider: AT&T, CenturyLink, Level 3, Masergy, SingleHop, TierPoint, Verizon

5. Managed Security
Your customers with smaller IT staffs or those looking to outsource some of their security needs can get started by outsourcing management of end-points, firewalls, content filtering and more. They can also utilize expert security consulting to assess cyber-incident risks resulting from human error and social engineering all while having a team of experts on retainer in the event of a breach.

Suggest an MSP or consider Managed Security from these Providers: AT&T, CenturyLink, Level 3, Masergy, Rackspace, SingleHop, TierPoint, Verizon

An enterprise version of a jump drive, backup as a service (BaaS) is a way to retrieve data. This is a great solution to present to customers who have a mostly virtualized environment but need a plan for files. BaaS offers immediate access to files in the event of ransomware, just make sure you have a scheduled backup planned every 24 hours.

Providers to Consider: SingleHop, TierPoint

TBI 2017 Washington DC Boot Camp

Security does not need to be your core business, but to exclude it from your portfolio is leaving both your customers vulnerable and money on the table. Utilize vendors to close your skill gap and know your customers have their first line of defense in place.


About the Author
As Marketing Manager at TBI, Rachel Bruce is responsible for TBI's digital campaigns and marketing systems. She develops strategic programs to cultivate leads, enhance agent and service provider relationships and enable sales. In addition, Rachel collaborates across multiple departments to provide valuable resources for TBI's agent partners and customers. You can contact Rachel at rbruce@tbicom.com or connect with her on LinkedIn.