CISO lends voice to MSPs & small businesses on ransomware task force

Datto headquarters (image courtesy of Datto).

Ransomware attacks against billion-dollar corporations tend to garner the most provocative news headlines, but meanwhile plenty of small- and medium-sized businesses have silently suffered from this cyber scourge.

Ransomware gangs are infiltrating small businesses in two ways: one, by individually assaulting them via phishing and exploit attacks; and two, by first compromising a managed services provider (MSP) and then leveraging that breach to infect their various small-business clients all at once.

As infosec representatives across multiple industries collectively put their heads together and debate how to tackle the ransomware crisis, it’s important that both MSPs and SMBs have a seat at the table. After all, incident prevention and response recommendations for larger enterprises may not be suitable for mom and pop operations that use their modest tech budgets to outsource IT security.

Ryan Weeks, chief information security officer at Datto, does not work at a small enterprise or an MSP, but he does understand their pain. The company provides cloud-based software and technology solutions for managed service providers (MSPs), many of whom typically cater to SMBs, fulfilling their IT and infosec needs.

This week, Datto was accepted as founding member of the Institute for Security and Technology’s (IST) newly minted Ransomware Task Force, which soft-launched this past December. While first and foremost Weeks hopes to combat ransomware across all sectors, he also knows it will be his responsibility to represent MSPs and their small-business clients, communicating their needs and struggles in the ever-evolving battle against cybercriminals.

SC Media spoke to Weeks Tuesday to better understand the unique perspectives and experience that he lends to the new task force.

Ryan Weeks, CISO at Datto

Tell me what you and Datto as a whole bring to the table as one of the founding members of the task force.

What we do every day is help MSPs and small- and medium-sized businesses recover from ransomware and other types of business-impacting events.

It hasn’t felt to me like as a community, as a…