ConnectWise announces launch of cybersecurity-focused organisation to boost resilience of technology solution provider industry
The TSP-ISAO, the first information-sharing body dedicated to cybersecurity for TSPs, will provide real-time availability of actionable threat intelligence.
ConnectWise today announced the creation of the Technology Solution Provider Information Sharing and Analysis Organization (TSP-ISAO). Its mission is to advance the cybersecurity resilience of the global TSP industry.
The TSP-ISAO is intended to serve as the focal point for dealing with all cyber threats to TSPs, and ConnectWise is extending an open invitation to companies interested in obtaining membership.
Last October, the US Department of Homeland Security (DHS) issued an alert warning of advanced, persistent threat activity exploiting managed services providers (MSPs), cloud services providers (CSPs) and managed security services providers (MSSPs).
According to the DHS, threat actors are exploiting the trusted relationship between TSPs and their customers to creep unnoticed into customers’ networks. In order to keep pace with the speed and stealth of America’s cyber adversaries, the DHS states that organisations of all types need to be able to share and respond to cyber risk in as close to real time as possible.
"In the five years since the Federal Trade Commission and the Department of Justice issued a statement clarifying that the aggregation and sharing of cyber-threat information would not result in antitrust violations, the industry has been slow to respond to the opening that statement provided; in particular, to weaponise the vast trove of threat data that technology solution providers amass on a daily basis against would-be attackers," said Todd Thibodeaux, President and CEO of CompTIA.
"CompTIA applauds the goals of the TSP-ISAO to address the information shortfall by creating a real-time, actionable platform. We look forward to supporting the work of this vital new group," said Thibodeaux.
The organisation is being established to provide members with the real-time availability of proactive, actionable threat intelligence; the analysis of potential impacts; co-ordinated countermeasure solutions and responses; cybersecurity best practice adoption; and role-based workforce education.
In addition, the TSP-ISAO uses a threat intelligence platform, powered by Perch Security, that will allow members to see threat intelligence for no additional fee. Perch automates intelligence sharing for all TSP-ISAO members; a critical piece to the value of an ISAO membership.
“ConnectWise is launching the TSP-ISAO and leading the campaign to get companies collaboratively involved with us because we think it’s of the utmost importance for the entire industry,” said Jason Magee, CEO of ConnectWise. “I’ve already reached out to several of my counterparts to begin these collaborative discussions, and I invite interested vendors to reach out to ConnectWise and get involved as well.”
“Cybercriminals have set their sights on technology solution providers, and it’s time the industry came together to do something about it,” said John Ford, CISO for ConnectWise. “To that end, the TSP-ISAO will provide services that help vendors of all sizes accelerate the maturity of their cybersecurity and compliance programmes.
“This includes providing information, intelligence and benchmarking information relative to the technology solution provider community, including the effective use of self-assessment tools. And, leveraging Perch, we have the threat intelligence platform needed to support an ISAO ready to go today.”
More details on the TSP-ISAO will be shared at IT Nation Connect 2019 in Orlando, taking place from 30 October to 1 November. IT Nation Connect attendees will also have an opportunity to learn more about the Cybersecurity Framework written by the National Institute of Standards and Technology (NIST). The Cybersecurity Framework provides a way for organisations, including small and medium-sized businesses, to assess security risks and provide guidelines for identifying, protecting, detecting, responding to and recovering from cyber threats. The widespread adoption of an industry framework such as this will be instrumental in helping to grow the reach and effectiveness of TSP-ISAO.