Top Cybersecurity News for MSPs: EPA Steps Up Inspections, SEC Requires Incident Plans, CyberArk Acquires Venafi, Lansweeper’s Channel-First Program, and Paris Olympics Cyber Threats

The U.S. Environmental Protection Agency (EPA) is stepping up cybersecurity inspections on water suppliers across the nation. Recent EPA inspections have revealed that over 70% of water systems do not fully comply with requirements in the Safe Drinking Water Act, with some systems having critical cybersecurity vulnerabilities. Common issues include outdated default passwords and easily compromised single logins.

In response to the increasing frequency and severity of threats to the nation’s water system, the EPA will increase the number of planned inspections and take civil and criminal enforcement actions where necessary. Edward Wu, founder and CEO of Dropzone AI, recommends that water providers leverage Managed Security Service Providers (MSSPs) to help them comply with the EPA’s cybersecurity requirements.

Meanwhile, the Securities and Exchange Commission (SEC) has issued new rules requiring certain financial institutions to have specific, written plans for handling cyber breaches involving customer information. This move aims to modernize and enhance reporting regulations for broker-dealers, investment companies, registered investment advisers, and transfer agents.

In the world of identity security, CyberArk has announced plans to acquire Venafi, a machine identity company owned by Thoma Bravo. This acquisition will establish a unified platform for end-to-end machine identity security at enterprise scale, offering organizations options for machine identity security all in one solution.

Additionally, Lansweeper is piloting a channel-first program in the Middle East, operating a 100% indirect sales model in seven countries. This initiative aims to impact the sales organization positively and will include selling to MSSPs and MSPs. The program is currently being piloted in select countries in the Middle East.

As the 2024 Paris Olympic Games approach, security experts are warning MSSPs and MSPs to prepare for potential cyber threats. Attackers are already using Olympic themes to launch phishing attacks, ransomware threats, and other deceptive attacks. MSPs and MSSPs can help organizations develop a solid understanding of their attack surface, enforce strong identity controls, and encourage a zero-trust security strategy to mitigate these threats.

Overall, government agencies are ramping up cybersecurity regulations, creating opportunities for MSPs and MSSPs to provide valuable services to ensure compliance and protect against cyber threats. Stay tuned for more updates on cybersecurity trends and news.