CompTIA represents global MSP community in strategic planning to enhance cyber security

A newly released strategic plan to better secure remote monitoring and management (RMM) software against malicious threats includes input from CompTIA, the nonprofit association for the IT industry and workforce, on behalf of the global managed service provider (MSP) community.

The Joint Cyber Defense Collaborative (JCDC), a public and private sector partnership, today released its JCDC RMM Cyber Defense Plan. The plan is intended to advance cyber security and reduce supply chain risk for small and medium critical infrastructure entities through collaboration with RMM vendors, managed service providers (MSPs) and managed security service providers (MSSPs).

“It is important that the unique experiences and perspectives of MSPs and MSSPs are considered and addressed in the new RMM plan,” said Wayne Selk, vice-president, cyber security programs, CompTIA, and executive director of the CompTIA Information Sharing and Analysis Organization (ISAO).

“These firms provide information technology and cyber security services to approximately 90% of US-based small and medium-sized businesses, who themselves account for about half the nation’s gross domestic product,” Selk added.

In January, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory to warn network defenders about malicious use of RMM software. Specifically, cyber criminal actors sent phishing e-mails that led to the download of legitimate RMM software, which the actors used in a refund scam to steal money from victim bank accounts. Additional types of malicious activity were also a possibility.

• Greater collaboration and collective action across the RMM community to enhance information sharing, increase visibility and fuel creative cyber security solutions.
• Greater amplification and education about the dangers and risks to RMM infrastructure, and how to implement security best practices.

CompTIA’s connections to the global MSP community generally, and in cyber security specifically, are extensive. MSPs in dozens of countries are participating in the CompTIA Cybersecurity Trustmark programme, which details a clear path to achieve foundational cyber security hygiene and position themselves as an organisation that follows proven cyber security best practices. Similarly, the CompTIA ISAO, an initiative that analyses the latest cyber security threats and provides actionable threat intelligence, has members around the world. It is built specifically for the IT channel ecosystem as a go-to resource on cyber security.