Original release date: July 14, 2021
CISA has released CISA Insights: Guidance for Managed Service Providers (MSPs) and Small- and Mid-sized Businesses, which provides mitigation and hardening guidance to help these organizations strengthen their defenses against cyberattacks. Many small- and mid-sized businesses use MSPs to manage IT systems, store data, or support sensitive processes, making MSPs valuable targets for malicious cyber actors. Compromises of MSPs—such as with the recent Kaseya ransomware attack—can have globally cascading effects and introduce significant risk to MSP customers.
CISA strongly recommends MSPs and small- and mid-sized businesses follow the guidance provided in the CISA Insights and CISA Webpage: Kaseya Ransomware Attack: Guidance for Affected MSPs and their Customers to protect MSP customer network assets and reduce the risk of successful cyberattacks.