january-acrbo-blog-imageEvery day we see new headlines about data breaches and the latest malware, but some still believe they are immune to attacks, which comes from the misconception that only enormous corporations are targeted by cyber-crime.

Unfortunately, this is wishful thinking that reveals a troubling disconnect between what MSPs know is dangerous versus what customers think is safe. This form of complacency is a major issue, and it’s a challenge for end users and businesses.

The following comments from Webroot CTO Hal Lonas highlight the challenge. Lonas notes, “What we’re seeing is that businesses don’t even know they’ve been targeted until it’s too late. They don’t imagine they would be the object of an attack. A good example is healthcare organizations and hospitals that have been targeted recently by ransomware. The business bad guys have found the soft underbelly of some of these concerns and they figured out how to monetize that.

“Another problem is that people tend to believe in ‘security by obscurity.’ They think, ‘Well, I certainly wouldn’t be targeted here in this crowded airport,’ or, ‘With all the other high profile things going on, surely my little company wouldn’t be hit.’ They tend to bury their heads in the sand and think it won’t happen to them.”

Additionally, Lonas says that the expectation of 24/7 uptime compounds the issue: “Work, home, and private life barriers are increasingly blurred. We used to think, ‘If I’ve got my laptop inside the four walls of my company, then I’m pretty safe. The company’s protecting me with firewalls, and a filtering software, and all kinds of other great technology.’”

“But what happens,” he said, “if I take that same laptop, pick it up, and walk over to the coffee shop or the airport hot spot? Am I still going to be protected? Maybe, maybe not. It’s really become an interesting environment to try to protect people in this porous IT landscape.”

When asked if MSP customers resist new tech because of threats, Lonas had this to say, “I don’t know that they resist, but there’s a little bit of a friction between convenience, being able to share data, and security concerns. Putting data in the cloud, rather than storing it locally, has certainly brought great productivity gains to all of us. That’s a wonderful thing. We love to see companies adopt that.”

He adds, “Sometimes putting the data in the cloud is actually more secure than keeping it local, depending on your local security practices and what your local IT infrastructure looks like. There are pros and cons to that approach, and I do think it causes people to worry. We see so many high profile security stories here of companies that have been breached or that have become victims of some kind of an attack. That certainly has instilled fear in customers as they ponder their security future.”

Regardless, customers tend to downplay fears. Lonas explains, “We tend to be optimistic, especially in the business world. We add functionality, we add new capabilities, and then security is basically an afterthought. After a big attack is when security is added. It’s rarely baked in from the beginning. I find this concerning. It’s human nature, but it’s highly problematic from a security standpoint.”

So, what’s the bottom line? It’s paramount that MSPs communicate and educate their customers about the risks that face businesses of all sizes today, and it’s paramount that MSPs educate their users on why next-generation endpoint security should be the first consideration when trying to ensure comprehensive protection.

Want to find out if Webroot has what it takes to protect your customers? See for yourself with a no-risk FREE trial. You don’t even have to uninstall existing security. Want to learn more about how Webroot partners with MSPs to delight customers, lower costs, and boost profits? Learn more.