Huntress CEO and Co-Founder Kyle Hanslovan, Huntress provides a list of hot takes for 2022.
The list contains a lot of snark and a lot of truth. It’s by having these brutal conversations that we shine a light on what really needs to change in the cyber community and specifically for MSPs and SMBs.
Kyle Hanslovan, CEO and Co-Founder of Huntress:
HOT TAKE #1: IT departments will enable auto-updates on the basis of risk-versus-reward
Anyone in the cyber community has seen the internet go up in arms when a patch causes a problem. But what about all those times when patches work seamlessly? This hyper-focus on bad patches makes auto-updating seem like the devil, when in reality patches are released every day that not only work seamlessly, but help keep your critical assets under lock and key. But let’s say you’re still cautious and decide you want to test the patch before you download it. Most businesses, large or small, don’t have the technology to accurately test the patches, so they choose time as their greatest validator. “Let’s see if the internet freaks out once this patch is released. If not, we’re good!” That type of thinking leaves a dangerous door open. Patches are often carefully constructed to fix vulnerabilities you might not even know exist. So while you’re waiting, you’re sitting there on a silver platter, vulnerable to any attack that a patch could have fought off. Don’t believe the hype – auto-updating is far more likely to keep you safe than it is to harm your network.
HOT TAKE #2: SMB IT/Security teams will mature their security operations and adopt enterprise metrics
Snark aside, we really hope this one actually happens…though it sadly seems unlikely. There is a myriad of different acronyms we could talk about here, but Mean Time to Detect and Mean Time to Respond (MTTD and MTTR) are two phrases we hear a lot at the enterprise level and almost never at the MSP level – and there’s a reason for that. These things are hard to measure. It’s unlikely that a small company is going to get hit with a cyberattack and automatically jump to “let’s spend thousands of dollars on getting the technology and data we need in order to gather forensics on how long this attacker has been in our network.” Why? Because it’s frankly a distraction from their top priority, which is taking immediate action to work towards recovery. The most realistic course of action for 2022 is to take steps in the right direction.
HOT TAKE #3: In 2022 people will use unique, strong passwords with 2FA across all applications
Okay, the snark is back: password reuse is dead and everyone’s going to make complicated passwords. YEAH RIGHT. This one has been on the list for years in one capacity or another. The one thing that has changed in the past couple of years is the addition of two-factor authentication, and that’s a good thing. We are starting to see a lot of vendors require things like 2FA, but it’s not going to be widespread enough in 2022 to make credentials bulletproof.
HOT TAKE #4: Technical folks will learn the differences between security offerings (AV, NGAV, EDR)
This one falls on vendors and practitioners alike. Let’s start with vendors: it’s not easy to understand what a product actually does when the SKU is changed every year. For example, Microsoft renames its Azure products all the time and no one can be expected to keep up with the name changes and relearn which products do what. Here’s a solution: come up with better names for your products that actually convey what the products do.
For practitioners, take the time to learn what you’re investing in and what you’re telling others to invest in. If you purchase a product from one vendor assuming that it has everything, you’re going to be majorly screwed when it comes time for audit season. You need to know what you’re signing up for.
HOT TAKE #5: MSPs will shift toward more mature and secure remote management solutions