Uploaded byMSP360
PPTX, PDF59 views

Cybersecurity 101 - A Masterclass in Securing MSPs and IT Pros Understand Hacker Tactics and Strengthen Your Defenses

The webinar by Tyler Wrightson discusses the unique security risks faced by Managed Service Providers (MSPs), emphasizing that MSP clients' vulnerabilities translate directly to the MSP's own risks. Key systemic issues include password management, excessive access permissions, and a culture of complacency among IT staff. Recommended practices focus on improving admin policies, enforcing multi-factor authentication, minimizing access privileges, and continuous training to address these security challenges.

Download to read offline
MSP Security Masterclass Webinar 1 of 3 Tyler Wrightson Leet Cyber Security Twitter: @tbwrightson
@tbwrightson
Takeaway
Do Hackers even Target MSPs?
Do Hackers even Target MSPs?
MSP Risk is Unique
MSP Risk is Unique • Inherent risk from all primary tools
MSP Risk is Bidirectional
MSP Risk is Bidirectional
MSP Client Client Client Client Client Client
MSP Client Client Client Client Client Client Hacked
MSP Client Client Client Client Client Client Hacked
MSP Client Client Client Client Client Client Hacked
MSP Client Client Client Client Client Client Hacked Hacked
MSP Client Client Client Client Client Client Hacked Hacked
Thus • Your clients vulnerabilities are your own • Your clients risks are your own • Your clients ARE your attack surface
MSP Top Three Systemic Issues 1. Password Issues 2. Minimum Necessary 3. Complacency
1. Password Issues • Password Reuse
Password Reuse
Password Reuse
MSP Client Client Client Client Client Client Hacked SuperS3cretCrazyPassString99!!
MSP Client Client Client Client Client Client Hacked SuperS3cretCrazyPassString99!!
1. Password Issues • Password Reuse • Password Systems
MSP IBM Acme XYZ Hacked SuperS3cr3tIBMPass!!
MSP IBM Acme XYZ SuperS3cr3tIBMPass!! SuperS3cr3tAcmePass!! SuperS3cr3tXYZPass!!
But I have MFA….
1. Password Issues – How are they Compromised
1. Password Issues - Compromise • Phishing • Vishing • Breach creds • Wateringholes • Season Passes – Winter23!, Winter2023!, Fall2023!, Autumn23$ • In Memory • Pass The Hash
2. Minimum Necessary • Too many people with access they don’t need – CEO, Admin • Too many old systems that ‘we tried once’
3. Complacency • Tech jobs are hard • Many repetitive tasks – Which are quick, in the moment • IT People suffer from Technician Mindset
Recommendations 1. Admin policy & Training to avoid password reuse – Make specific to your MSP – Mostly remote vs In Person 2. MFA Everything (of value) 3. Minimum Necessary & Least Privilege – Define what you have • Data access & Systems 4. Complacency – Recurring Checks – Recurring Training
Questions
Thank You @leetsys blog.leetsys.com @tbwrightson Email: TW@LEETSYS.COM

More Related Content

PPTX
Getting Started with MSP360 Backup for M365/Google
byMSP360
 
PPTX
What's New at MSP360 webinar 09/16/2025
byMSP360
 
PPTX
Getting Started With Managed Backup webinar - 2025.pptx
byMSP360
 
PPTX
MSP360 Backup Scheduling and Retention Best Practices.pptx
byMSP360
 
PPTX
Webinar - Top 5 Backup Mistakes MSPs and Businesses Make .pptx
byMSP360
 
PPTX
Webinar - Protecting Your Microsoft 365 Data
byMSP360
 
PPTX
Endpoint Backup: 3 Reasons MSPs Ignore It
byMSP360
 
PPTX
What's New in MSP360 RMM webinar February 2025
byMSP360
 
Getting Started with MSP360 Backup for M365/Google
byMSP360
 
What's New at MSP360 webinar 09/16/2025
byMSP360
 
Getting Started With Managed Backup webinar - 2025.pptx
byMSP360
 
MSP360 Backup Scheduling and Retention Best Practices.pptx
byMSP360
 
Webinar - Top 5 Backup Mistakes MSPs and Businesses Make .pptx
byMSP360
 
Webinar - Protecting Your Microsoft 365 Data
byMSP360
 
Endpoint Backup: 3 Reasons MSPs Ignore It
byMSP360
 
What's New in MSP360 RMM webinar February 2025
byMSP360
 

More from MSP360

PPTX
What's New in MSP360 Backup -webinar 11/22/2024
byMSP360
 
PPTX
What's New in MSP360 - webinar November 2024
byMSP360
 
PPTX
Ransomware Evolution: What to Expect in 2025
byMSP360
 
PPTX
Getting Started with the MSP360 Platform
byMSP360
 
PPTX
The State of Ransomware in 2024: Trends, Threats, and Effective Countermeasures
byMSP360
 
PPTX
Storage 101: A Deep Dive into Cloud and Local Storage With MSP360
byMSP360
 
PPTX
Setting Up Backup Policies for Success webinar
byMSP360
 
PPTX
Whats new at MSP360 Webinar - June 2024
byMSP360
 
PPTX
Webinar - Generating More Revenue with MSP360
byMSP360
 
PPTX
Seamless Data Protection with MSP360 + Wasabi
byMSP360
 
PPTX
Getting Started with MSP360 RMM webinar April 2024
byMSP360
 
PPTX
Webinar - Unlocking the Critical Value of Cloud Backup and Storage - FINAL
byMSP360
 
PPTX
MSP360 Managed Backup: Secure Data Protection for Microsoft 365 and Google Wo...
byMSP360
 
PPTX
Getting Started with MSP360 Managed Backup: Secure Your Data and Save Money ...
byMSP360
 
PPTX
The Role of Backup and Recovery in the New Ransomware Economy
byMSP360
 
PPTX
Getting Started With Managed Backup: Configuration Best Practices
byMSP360
 
PPTX
Cybersecurity 101 - A Masterclass in Securing MSPs and IT Pros Secure Your F...
byMSP360
 
PPTX
Cybersecurity Essentials for Educational Institutions
byMSP360
 
PPTX
MSP360 Cybersecurity Master Class part 2
byMSP360
 
PPTX
Getting Started With Managed Backup - 2023.pptx
byMSP360
 
What's New in MSP360 Backup -webinar 11/22/2024
byMSP360
 
What's New in MSP360 - webinar November 2024
byMSP360
 
Ransomware Evolution: What to Expect in 2025
byMSP360
 
Getting Started with the MSP360 Platform
byMSP360
 
The State of Ransomware in 2024: Trends, Threats, and Effective Countermeasures
byMSP360
 
Storage 101: A Deep Dive into Cloud and Local Storage With MSP360
byMSP360
 
Setting Up Backup Policies for Success webinar
byMSP360
 
Whats new at MSP360 Webinar - June 2024
byMSP360
 
Webinar - Generating More Revenue with MSP360
byMSP360
 
Seamless Data Protection with MSP360 + Wasabi
byMSP360
 
Getting Started with MSP360 RMM webinar April 2024
byMSP360
 
Webinar - Unlocking the Critical Value of Cloud Backup and Storage - FINAL
byMSP360
 
MSP360 Managed Backup: Secure Data Protection for Microsoft 365 and Google Wo...
byMSP360
 
Getting Started with MSP360 Managed Backup: Secure Your Data and Save Money ...
byMSP360
 
The Role of Backup and Recovery in the New Ransomware Economy
byMSP360
 
Getting Started With Managed Backup: Configuration Best Practices
byMSP360
 
Cybersecurity 101 - A Masterclass in Securing MSPs and IT Pros Secure Your F...
byMSP360
 
Cybersecurity Essentials for Educational Institutions
byMSP360
 
MSP360 Cybersecurity Master Class part 2
byMSP360
 
Getting Started With Managed Backup - 2023.pptx
byMSP360
 

Recently uploaded

PDF
Database Performance at Scale: The TL;DR
byScyllaDB
 
PDF
From Pixels to Insights: Getting Started with Imagery in FME
bySafe Software
 
PDF
Q3'25 Financial Results and Earnings Presentation
byDropbox
 
PPTX
Odoo_by_Infinys_All_in_One_Business_Solution_for_Small_Companies.pptx
byAgusto Sipahutar
 
PPTX
Enhancing Web Security: Key Concepts & Strategies.pptx
byParham Abolghasemi
 
PDF
AWS re:Invent 2025 Event Presentation Slides
byZilliz
 
PDF
Transparency Exchange API: How Do You Find the SBOM for a Smart Light Bulb?
byPavel Shukhman
 
PPTX
GenAI GraphTalk - Kuala Lumpur - 4 Nov 2025
bygourisachdeva2
 
PDF
Wrapping up unowned UTF8 C strings: CStringView
byIgalia
 
PDF
Exclusive Hands-On Workshop: Agentic Automation with UiPath (First Edition)
byanabulhac
 
PPTX
Expanding Your Toolbox: Beginners Guide to Controlling Kubernetes Logs
byEric D. Schabell
 
PDF
Analyze and Store Logs - RHCSA (RH124).pdf
byLinuxCert Guru
 
PDF
Open Source SecurityCon 2025 in Atlanta - Transparency Exchange API: Where To...
byPavel Shukhman
 
PDF
Private Governance: How Decentralized Mechanisms Can Regulate the Crypto Economy
byFederico Ast
 
PDF
How Tridens DevSecOps Ensures Compliance, Security, and Agility
byTridens
 
PDF
Cybersecurity in ASEAN and Singapore Columbia SIPA 2025.pdf
byBenjamin Ang
 
PDF
Access Linux File System in RHEL - RHCSA (RH124).pdf
byLinuxCert Guru
 
PDF
Manage Local Users and Groups - RHCSA (RH124)
byLinuxCert Guru
 
PDF
MathML Core in WebKit
byIgalia
 
PPSX
AppSec Role Based Training OWASP Global AppSec USA 2025-11-06
byRobert Grupe, CSSLP CISSP PE PMP
 
Database Performance at Scale: The TL;DR
byScyllaDB
 
From Pixels to Insights: Getting Started with Imagery in FME
bySafe Software
 
Q3'25 Financial Results and Earnings Presentation
byDropbox
 
Odoo_by_Infinys_All_in_One_Business_Solution_for_Small_Companies.pptx
byAgusto Sipahutar
 
Enhancing Web Security: Key Concepts & Strategies.pptx
byParham Abolghasemi
 
AWS re:Invent 2025 Event Presentation Slides
byZilliz
 
Transparency Exchange API: How Do You Find the SBOM for a Smart Light Bulb?
byPavel Shukhman
 
GenAI GraphTalk - Kuala Lumpur - 4 Nov 2025
bygourisachdeva2
 
Wrapping up unowned UTF8 C strings: CStringView
byIgalia
 
Exclusive Hands-On Workshop: Agentic Automation with UiPath (First Edition)
byanabulhac
 
Expanding Your Toolbox: Beginners Guide to Controlling Kubernetes Logs
byEric D. Schabell
 
Analyze and Store Logs - RHCSA (RH124).pdf
byLinuxCert Guru
 
Open Source SecurityCon 2025 in Atlanta - Transparency Exchange API: Where To...
byPavel Shukhman
 
Private Governance: How Decentralized Mechanisms Can Regulate the Crypto Economy
byFederico Ast
 
How Tridens DevSecOps Ensures Compliance, Security, and Agility
byTridens
 
Cybersecurity in ASEAN and Singapore Columbia SIPA 2025.pdf
byBenjamin Ang
 
Access Linux File System in RHEL - RHCSA (RH124).pdf
byLinuxCert Guru
 
Manage Local Users and Groups - RHCSA (RH124)
byLinuxCert Guru
 
MathML Core in WebKit
byIgalia
 
AppSec Role Based Training OWASP Global AppSec USA 2025-11-06
byRobert Grupe, CSSLP CISSP PE PMP
 

Cybersecurity 101 - A Masterclass in Securing MSPs and IT Pros Understand Hacker Tactics and Strengthen Your Defenses