Pair joins forces to develop and distribute tools for service firms looking to educate clients in the ongoing battle against phishing, ransomware, social engineering, and other threats
Security education specialists InfoSec Institute and channel industry organization The ASCII Group late last month announced a partnership that aims to deliver a comprehensive security awareness training toolkit for MSSPs and MSPs.
The Lowdown: Powered by InfoSec Institute’s SecurityIQ platform, the new offering, dubbed the MSP Toolkit, gives MSPs and MSSPs a collection of best practices and implementation strategies to deal with the growing number of threats targeting client end users such as phishing, ransomware, and business e-mail compromise.
The Details: The MSP Toolkit is designed to help service providers craft security awareness training programs that engage clients’ employees and motivate them to detect, avoid, and report security threats. The toolkit features customizable learning experiences with more than 300 training modules covering phishing, suspicious hosts, ransomware, and password security.
The toolkit also offers step-by-step program guidance; tools to automate training content creation and distribution; automated reporting features; and an administration dashboard for managing multiple awareness programs simultaneously on the critical steps to implement the process, as well as recommended best practices.
The Impact: The Infosec Institute, ASCII Group joint effort should prove particularly helpful to MSPs without formal security practices that are increasingly called upon to deliver not only technical security controls for networks and endpoints but end-user behavioral training as well.
The Buzz: MSP early adopters give the new toolkit good reviews. “The MSP Toolkit provides a structured method of engaging with our client base and takes the guess[work] out of proper process and procedure,” said William Chan, president of Syzygy 3, an MSP based in New York. “The training is well received by our client base and [provides] the right balance of engaging and educational.”
Channelnomics Point of View: End users continue to be the weakest security link in most business IT environments, with research like Verizon’s Data Breach Investigations Report showing last year that 30 percent of phishing messages get opened by targeted users and 12 percent of those users end up clicking on malicious attachments or links. With SMBs disproportionately at risk, MSPs need to up their security awareness game when it comes to delivering effective, varied, well-documented user training programs, an effort that requires capabilities outside the skillset of the average IT services provider.
Purpose-built tools like the MSP Toolkit are much needed and long overdue in the channel.