IT NATION SECURE — ConnectWise’s partnership with the Cybersecurity and Infrastructure Security Agency (CISA) Joint Cyber Defense Collaborative (JCDC) is already improving MSP security and many partners don’t even know it.

That’s according to Patrick Beggs (pictured above, right), ConnectWise‘s CISO. He hosted a JCDC fireside chat during the final day of IT Nation Secure. He spoke with Abby Thoennes (center) and Bree Johnson (left), CISA JCDC cyber operations planners.

Earlier this year, ConnectWise partnered with the CISA JCDC to enhance cybersecurity for MSPs. The partnership aims to provide MSPs with the resources and tools to strengthen their cybersecurity posture and protect their clients. ConnectWise is working closely with CISA JCDC to develop new solutions and services that address MSPs’ latest cybersecurity challenges.

Beggs told us some ConnectWise partners won’t see what’s resulting from the partnership because “it’s so automated and seamless.”

“Anything the JCDC gives us, we can point it right to (vice president of global security operations) Drew Sanford’s group and they can put it into the protection mechanisms seamlessly,” he said.

JCDC’s Vision, Mission Relevant to MSP Security

Johnson said JCDC’s vision and mission are inherently applicable to MSP security.

“JCDC’s vision is for our nation to achieve collective security in cyberspace,” she said. “And really that’s centered on the notion that together we can achieve far more than we can apart. That is a systemic shift in the balance of power from malicious cyber actors to cyber defenders. CISA’s mission is to unite the global cyber community in the collective defense of cyberspace. So really, the very nature of what so many of you in this audience are doing to try to become aware of and stay ahead of cybersecurity issues, secure yourselves and secure your customers, and so many of which are SMBs, is really in line with ultimately what JCDC is trying to do. And so we’re really excited for the push for that and supporting you all in that.”

Part of JCDC’s work is creating cyber defense plans, Thoennes said. And cybersecurity vendors are involved in this process.

“Part of that is also creating a core planning team … and as we go down the pyramid, we … see you all as MSPs fitting into that role, and then the SMBs,” she said. “And so what’s been really enlightening and really exciting is that when some sort of conversation happens about a tip or some sort of information, we immediately are passing that to our analytical team as well as our threat hunting team. And then they’re going down the rabbit hole to make sure that we stop whatever’s going on. And then we’re passing the information back to our core planning team members to let them know that not only are they absolutely getting something out of their relationship with us, but we’re getting something out of them. And the fact that we’re having a mutual exchange of information is something that will always be a great way forward.”

Free Services for MSPs, SMBs

CISA offers free services that might be useful to MSPs and SMBs such as knowledge vulnerability management, Thoennes said.

“That’s a great tool that people can get, and it’s done by our vulnerability management office, and they’ll do a variety of assessments on your system,” she said.

CISA also provides alerts on the latest vulnerabilities, and MSPs can receive them and work with their customer sets to make sure they’re secure, Johnson said.

In addition, CISA has 10 regional offices to provide more localized support and service.

“Each has their own point of contact,” Thoennes said. “So as an MSP from Omaha, you’re going to reach out to your region because they’re going to have a much better understanding in terms of response because they’re right there on the ground, too. They know the highs and lows of the region. And so they’re going to have a better understanding of who you should reach out to, what type of critical infrastructure is vulnerable in this area of the country, as well as they are obviously going to be able to reach back to headquarters. I highly encourage you to know your [CISA] rep. That’s a good thing to have the relationship, that you’re immediately going to get information. It’s about sharing the information in a timely manner.”

Thoennes said seeing the eagerness of MSPs at IT Nation Secure wanting to do more and be involved more has been “eye-opening, because I think there is absolutely opportunity for everyone to be involved in some manner.”

“You all have a very variety type of customer … and you have an insight that will obviously always be faster than something that we are getting from news outlets or anything else like that,” she said.