The following article originally appeared on Tech Data’s LinkedIn page on November 27, 2018. It is the first in a three-part series on cybersecurity, written by Alex Ryals, Tech Data’s vice president Security Solutions.
Cybersecurity threats have escalated in the last few years into a very organized, well-funded threat matrix. The threats are not amateur hackers; they are highly sophisticated, multi-month planned attacks from individuals, groups or nation-states aiming to steal information and data, and sell it on the dark web for profit. Nation-states such as China, Russia, Iran, and North Korea are the largest offenders. And they are well-staffed, with an almost unlimited army of cyber warriors ready to prey on unprepared victims.
With the explosion of information, critical cyber threats are certainly facing the market today, and global companies like Tech Data are not immune, making it important for all of us to learn about cybersecurity threats and what can be done to prepare.
Here are two of the top threats I see going into 2019.
Ransomware is still a growing issue for most companies. The most impacted segment of the market are small businesses because they are less capable of recovering from a ransomware attack in a timely manner. Unfortunately for the SMB market, 56 percent of all malware deployed in the first half of 2018 contained a ransomware variant, according to the 2018 Verizon Breach Investigation Report, and many of those companies didn’t survive the attack.
Ransomware is commonly deployed by convincing a user to click a malicious link in a phishing email, which encrypts the hard drive or individual files, denying you access to your information and data. It then sends you a note explaining that you will only receive a decryption key if you pay a ransom in bitcoin or some other form of cryptocurrency. The unfortunate truth is that paying the ransom only results in recovery of your data about 30 percent of the time.
The FBI currently recommends you do not pay the ransom for fear that it reinforces bad behavior from the hackers. However, for organizations like hospitals, – no matter how big or small – who have patients waiting on surgeries – and cannot access patient medical records, this is hard a choice. Ransomware is crippling and it does not look like its slowing down anytime soon.
2. Phishing and Spear Phishing Attacks
Phishing is another significant form of cyber-attack in companies today, and the more advanced version is called spear phishing. A spear phishing attack occurs when a bad actor develops specific emails to target employees at companies. These are well-planned attacks with the hope that the employee will respond by clicking a link or file, provide credentials, access data, or transfer funds to a third party bank where the attackers have an account.
There are many efforts to make these emails look legitimate. For instance, emails coming from an internal employee, such as the chief financial officer. They are very convincing.
Many companies have lost hundreds of thousands of dollars from spear phishing attacks this year. Some analysts estimate that over 60 percent of emails that come into a company on average are a phishing or spam attack. It only takes one click on a phishing email to cause a tremendous amount of damage.
Using a simplified sales scenario, I will illustrate why activation carriers matter in achieving the sale. In this example, you are negotiating a hardware sales opportunity involving laptops, smartphones, tablets and routers. The traditional approach involves selling the hardware without the activation service included, and then offering discounts based on the relationship, volume or (worst case) a competing bid from a competitor. Using this approach, your only option remaining is to offer special pricing/discount on an already wafer thin margin.
The other alternative –and likely the successful one– includes the carrier activation fee per each device (built in). This approach provides you pricing flexibility (should your need it) to compete more effectively against your completion resulting in greater success probability. Beyond the obvious increase in close ratios, a post-sale evaluation would reflect a favorable customer experience, better pricing and higher margins.
Setting Customers up for Success with a Holistic Security Approach
A holistic approach to cybersecurity means covering all or at least most of the vectors of an attack against a company. IDC defines seven major categories of security and under those; there are 32 sub-categories of security, so there is no shortage of ways to protect a customer
Here are some of the ways Tech Data sets its customers up for success.
1. Having a Robust Vendor Line Card
There are over 500 security vendors that sell into the North American market and Tech Data is intentional about partnering with vendors that can provide a well-rounded set of security capabilities for our partners to sell to their end customers. When possible, we avoid building relationships with multiple vendors who provide the same, single category of security offerings and instead, we diversify and focus on different security vendors to provide a complete end-to-end security portfolio across areas such as Identity and Access Management, Security Intelligence, Perimeter Security, Application Security, Cloud Security, Mobile Security, etc. In this way, we can provide multiple options for our partners that allow them to create a holistic security posture for their end-users needs.
2. Alignment to the NIST Cybersecurity Framework
The National Institute for Standards and Technology (NIST) Cybersecurity Framework is a leading standard for the industry to use to understand how to build a holistic security strategy. Tech Data aligns its RECON Security Suite – which has seven unique security solutions – to the five core categories of the NIST Cybersecurity Framework. These categories provide a set of specific activities that help customers achieve cybersecurity outcomes and minimize their risk in a holistic way.
The NIST Cybersecurity Framework core categories are:
- Identify - Develop an organizational understanding to manage cybersecurity risk to systems, people, assets, data and capabilities
- Protect - Develop and implement appropriate safeguards to ensure the delivery of critical services
- Detect - Develop and implement appropriate activities to identify the occurrence of a cybersecurity event
- Respond - Develop and implement appropriate activities to take action regarding a detected cybersecurity incident
- Recover - Develop and implement appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity incident
If you are thinking about all five of these core areas of your security posture, then you have a much higher likelihood of security success.
Employing the Practice Builder™ Methodology
To provide further growth opportunities for our channel partners, Tech Data has introduced Practice Builder, a unique methodology that helps our channel partners build security practices. In many cases, partners have been selling products to address individual problems or risks. They know that their customers are struggling with the weight of cybersecurity threats, and they are looking into risk mitigation strategies but are not sure how to go about it.
With more than 30 areas of security to consider, it is hard for channel partners to know where to start. In addition to this, currently, there is a global cybersecurity skills shortage, with almost 300,000 unfilled security positions in the United States alone, according to cyberseek.org.
Tech Data’s Practice Builder methodology is designed to accelerate growth for solution providers in next-generation technology markets, including cloud, security, IoT and analytics. Entering next-generation technology areas can be challenging and costly for solution providers. With the Practice Builder methodology, Tech Data is enabling and working hand in hand with our channel partners to deliver on the future with continued investment in resources, skills and enablement.
Our Practice Builder methodology eliminates the guesswork and minimizes the risk and costs for channel partners who are looking to make one or more of these technology areas a strategic part of their business models.
The Practice Builder framework encompasses the key components needed – strategy development, training and enablement, marketing, services and finally, sales execution – to help a solution provider build a new technology practice or accelerate an existing technology practice. Each Practice Builder engagement has defined deliverables, tools and resources to address the specific requirements for their aligned technology market.
Practice Builder coupled with our vertical industry expertise complement each other and can be leveraged to capitalize on emerging technologies and enter untapped vertical markets. More information on security and the practice builder can be found here.
Don’t miss part two of Alex’s three-part series on Dec. 19, 2018. Alex will be discussing what cybersecurity means for the healthcare, public sector, and retail markets – as they suffer from the same security risks that any other company does – and why you should leverage the RECON Security Suite.
Don’t want to wait? Sign up to be a part of the Tech Data Security Community.
About the Author
Alex Ryals is the vice president of Security Solutions for Tech Data.
 IDC's Worldwide Security Products Taxonomy, 2018