FORT MEADE, Md. — In anticipation of increased malicious cyber targeting of managed service providers (MSPs), NSA joined cybersecurity authorities from the U.S., Australia, Canada, New Zealand, and the United Kingdom to release the “Protecting Against Cyber Threats to Managed Service Providers and their Customers” Cybersecurity Advisory.
MSPs make attractive targets for malicious actors, including nation-state actors, because compromising an MSP network lets them access and compromise the provider-customer trust relationships.
MSPs are entities that deliver, operate, or manage information and communications technology services and functions for their customers.
“This joint guidance will help MSPs and customers engage in meaningful discussions on the responsibilities of securing networks and data,” said NSA Cybersecurity Director Rob Joyce. “Our recommendations cover actions such as preventing initial compromises and managing account authentication and authorization.”
The Cybersecurity Advisory highlights best practices and mitigations for MSPs and customers. Some of the key actions include:
- Identifying and disabling accounts no longer in use;
- Enforcing multi-factor authentication (MFA) on MSP accounts that access the customer environment and monitoring MSP account activity; and
- Ensuring MSP-customer contracts transparently identify ownership of information and communications technology security roles and responsibilities.
NSA partnered with the United Kingdom’s National Cyber Security Centre (NCSC-UK), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), New Zealand’s National Cyber Security Centre (NCSC-NZ), Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) to develop this report.
To mitigate malicious activity, the agencies recommend that MSP customers verify that contractual arrangements with their provider include cybersecurity measures in line with their particular security requirements.