SAAS SECURITY
CONTINUED
like GDPR and CCPA, and helping them navigate complex choices among tools like CASBs, secure APIs and real-time monitoring solutions,” he says. “It's crucial to highlight proactive, future-proof security measures such as zero trust architecture and AI-driven threat detection to help clients prepare for evolving threats like ransomware and AI-based attacks. “Additionally, resellers should emphasise the role of employee training in reducing human error, often a significant security risk, to ensure customers can fully leverage the tools and meet compliance requirements.” Akhil adds that resellers should go beyond simply selling solutions by helping customers build a comprehensive SaaS security strategy. “This starts with explaining the shared responsibility model so that clients understand the importance of internal practices – SaaS providers can’t handle everything,” he says. “Resellers should also guide customers on resilience planning, including incident response and data backup strategies, to ensure operations can continue if a breach occurs. Resellers should also address the issue of 'shadow IT' – unauthorised apps that bypass security measures and recommend tools to detect and secure these apps.” Resellers should also discuss the importance of zero trust principles, MFA and drift detection as essential layers of protection, adds Pieter. “They should also address the value of continuous monitoring, threat intelligence, and incident response capabilities to quickly identify and mitigate threats,” he says. “Additionally, it’s crucial for resellers to outline how regular updates, training, and best practices in user behaviour can strengthen the overall security posture, ensuring customers are well-equipped to handle evolving cyber risks.” Ian notes that resellers should emphasise the need for proactive security measures, as threats can come from
Pieter Vaniperen CISO
multiple angles. “Advising customers to implement solutions that enable real-time threat detection and response is crucial,” he says. “Businesses must ensure that their networks remain secure as new threats emerge, such as updated and more sophisticated malware.” But MSPs and resellers need to talk about risk more and cybersecurity less, according to Chris. “Clearly, there are advantages to moving workloads to the cloud – mostly because of efficiency gains and cost reductions. What needs to be discussed is what are the risks associated with moving workloads to the cloud, and how they can be minimised,” he says. “By communicating what’s at risk – data theft, account takeover, ransomware attacks, hosting DDoS and advanced persistent threats – then business decision makers can weigh the costs of implementing MDR and SASE security solutions versus the costs of not protecting their SaaS platforms, or keeping certain, more sensitive workloads on-premise, rather than the cloud.” Education is key Randall Degges, head of developer relations and community at Snyk, adds that resellers should look to be educators and supporters. “Assisting organisations in getting the most out of their development and security platforms, as CONTINUED
owndata.com
“
Advising customers to implement solutions that
enable real-time threat detection and response is crucial.
”
Sebastian Gierlinger VP of engineering
storyblok.com
28
Powered by FlippingBook