Red Piranha’s MSP Partner Assurance Program is our highest partner level,
designed to secure MSPs and gives Crystal Eye XDR customers confidence in their supply chain.
Cyber threat actors look for any way into organisations, including through their suppliers and partners.
- Supply chain attacks are on the rise as cybercriminals are increasingly targeting them.
- Cybercriminals look to exploit MSPs remote access technologies. From there, they have remote access to multiple customer networks where they can install ransomware.
- MSPs and other third parties become a supply chain risk which needs to be managed.
- As an MSP, give your customers assurance that you're secure and stand out from the crowd.
- Customers are starting to deal with third party risk in their own compliance programs and seeking out suppliers and service providers who can prove they have sufficient risk management programs and meet best practises.
Many of the compromises involving customers of MSPs occurred because MSPs themselves were the initial point of attack. That is to say that the customer was not the initial victim; the MSP was the vector to compromise their customers. An MSP must manage the security risks they pose to their customers by protecting their own network from basic intrusion attempts and preserving the trust relationship with their customers.
CSO Online describes the growing threat succinctly as:
“The risks associated with a supply chain attack have never been higher, due to new types of attacks, growing public awareness of the threats, and increased oversight from regulators. Meanwhile, attackers have more resources and tools at their disposal than ever before, creating a perfect storm.”
The MSP Partner Assurance Program provides an added level of confidence and improves the standard of cybersecurity offerings across our MSP partners. The program provides a level of assurance about our partners' security and compliance position, while ensuring they are operating in a controlled environment consistent with industry best-practice cybersecurity processes and controls.
The Program
The program is designed for MSPs on the path to achieving ISO27001 as the end goal. It is based on ISO27001, so our partners can understand the security standards they’re expected to meet and it provides confidence that our risk management assessments are conducted uniformly. The program includes the following components:
- Crystal Eye XDR platform
- eCISO service
- Consulting services
- ISO27001 compliance
The Process
Partners interested in the realising the benefits of the program are invited to apply to the program as follows:
- Partners register their interest
- Partners complete the 3rd party risk questionnaire
- Red Piranha Compliance team reviews response
- Certification awarded or remediation plan provided
"Following a $1.7m phishing scam, US manufacturing company, Boardman Molded Products, took legal against its MSP, Involta, for breach of service order, professional negligence and malpractice because it didn’t provide the necessary service or training required to stop the crime. Partners can avoid this kind of situation and benefit from securing the supply chain to position themselves for inclusion in contracts that require high assurance levels."
Malicious cyber activity shows no sign of slowing, so now’s the perfect time to sit down and look at enhancements to your security practices and make changes where appropriate.
Resources:
Questions to ask Managed Service Providers – Australian Cyber Security Centre
Managed Service Providers: How to Manage Risk to Customer Network - Australian Cyber Security Centre
Get Started With Our MSP Partner Assurance Program
Register here and a member of our team will be in touch