COMBATTING RANSOMWARE
of steps and attackers only need one gap. “The more important question to ask customers is: if something gets in, can it move? That shifts the discussion toward resilience, uptime and business impact. It’s a much more concrete conversation that aligns directly with executive priorities.” Dominic says the conversation needs to move beyond technology into business risk. “Customers don't buy EDR or backup, they buy continuity, resilience and peace of mind,” he says. “Framing ransomware in terms of downtime, lost revenue, regulatory exposure and customer trust makes the conversation more tangible and urgent. It's also important to position security as an on-going service, not a one-off project.” Danny Hemminga, VP EMEA partner sales at Tanium, says resellers should challenge how customers think about security. “Many organisations have ended up with fragmented security stacks over time – often the result of layering new tools on top of existing ones as threats evolve,” he says. “The problem is that these disconnected solutions create blind spots and slow down response, industry research shows 78% of organisations are dealing with fragmented security stacks. “In conversations, that means shifting the focus to exposure. Where are the real risks across the environment? How quickly can they be identified and fixed? And how much visibility and control do you have across every endpoint? “Resellers should also ask how quickly
customers can respond when something goes wrong. If it takes hours or days to act, that’s where ransomware gains ground. “Customers don’t need more dashboards – they need the ability to act and become unstoppable. The role of the reseller is to help simplify that complexity and ensure risk is being actively reduced, not just monitored.” Future Dominic says ransomware will continue to evolve rapidly. “AI is accelerating the scale and precision of attacks, from highly convincing phishing campaigns to faster vulnerability exploitation,” he says. “We're also seeing increased focus on supply chains and MSPs themselves as entry points. MSPs need to stay vigilant, continuously adapt their security stack, and ensure they are not just protecting their customers, but also themselves.” Danny agrees that AI is having more of an influence. “Attacks are becoming increasingly automated,” he says. “AI and tooling are allowing attackers to move faster, scale campaigns, and adapt in real time, which compresses the window MSPs have to respond.” He adds that there will be more focus on identity and access going forward. “Rather than breaking in, attackers are logging in – targeting credentials, remote management tools and MSP environments to gain broad access quickly,” he says. “Extortion tactics will continue to escalate. Double extortion is now standard, but we’re seeing more aggressive approaches – data leaks, regulatory pressure and targeting reputational damage to force payment. “For MSPs, that means staying alert to where attackers are shifting – identity, access and speed. If you don’t have real-time visibility and control across your customers’ environments, those attacks become much harder to detect and contain.” n
“
We're also seeing increased focus on supply chains and MSPs themselves as entry points. MSPs need to stay vigilant, continuously adapt their security stack, and ensure they are not just protecting their customers, but also themselves.
”
www.newsinthechannel.co.uk
35
Powered by FlippingBook