Cynomi 2025 Year in Review

David Primor Publication date: 22 December, 2025
Company News

As 2025 comes to a close, the cybersecurity landscape looks different than it did even just twelve months ago. Regulatory, contractual, and procurement demands have intensified, AI has reshaped expectations, and organizations increasingly look to their MSPs and MSSPs for strategic cybersecurity leadership. 

For service providers, this pressure has created a clear inflection point. The need for cybersecurity advisory has never been greater. 

At Cynomi, our mission has always been clear: to make CISO-level cybersecurity accessible, scalable, and repeatable for every organization. In 2025, we took decisive steps toward that vision by accelerating growth, expanding our platform, and enabling partners to move beyond one-off assessments into long-term, high-margin security services. 

A Year of Acceleration and Momentum 

2025 was defined by execution and scale. We doubled our partner base, expanded globally, and strengthened our position as the leading platform for scalable cybersecurity management. 

In April, we marked a pivotal moment in our company’s history. Cynomi secured $37 million in Series B funding, an investment co-led by Insight Partners and Entrée Capital, with support from our existing investors Canaan, Flint Capital, and S16VC. We committed to reinvesting these funds directly into our people and our platform. By enhancing our engineering teams and expanding our global footprint, we have accelerated the development of platform capabilities that service providers use daily to reduce manual workload and boost margins. 

  • For example, our highly differentiated Tasks engine prioritizes actions based on compliance requirements, criticality and risk impact—helping service providers deliver prescriptive, proactive, high-value guidance and demonstrate measurable progress to customers. 
  • Another capability partners love is our Revenue Insights engine, which allows service providers to prospect across their accounts for new revenue opportunities tied to services they can deliver, and to identify compliance control gaps across their existing customers that need prioritizing. 

This investment validated our vision and fueled our journey to become an “AI-first” company. This isn’t about us adding AI in front of every feature and jumping on the latest “trend.” We’re creating a truly agentic platform that puts our partners in the driver’s seat to ask natural language questions, build custom reporting and deliver enhanced cybersecurity protection to their customers with embedded CISO-level intelligence, every step of the way.  

The market response has been incredible. Following a year where we saw 3x ARR growth in 2024, this funding has positioned us to support an even larger ecosystem of partners who are ready to expand their cybersecurity offerings without linearly increasing their headcount. 

How the Cynomi Platform Evolved 

Over the last year, the Cynomi platform evolved from a cybersecurity management system into a true growth enablement engine for MSPs and MSSPs. 

Expanded Compliance Framework Coverage 

To reflect the regulatory realities facing service providers, we significantly expanded framework support across regions and industries. New frameworks added this year include: 

  • CMMC 2.0
  • HITRUST
  • Cyber Essentials v3.2
  • NIST AI RMF 1.0
  • EU AI Act
  • CJIS v6.0
  • ISO 42001:2013
  • NCSC CAF v3.2

These additions allow partners to expand the recurring revenue services they offer that address these compliance use cases, while standardizing delivery and reducing operational overhead. 

Third-Party Risk Management (TPRM) 

Managing vendor risk has historically been a time-consuming bottleneck for security teams. To solve this, we launched a dedicated TPRM module that combines automation, shared intelligence, and purpose-built workflows. 

The impact on efficiency is measurable and significant. Partners using this module have cut vendor assessment times from an average of 7-16 hours down to just 1.5-4.5 hours. By slashing the time required for these assessments, partners can increase profitability with margins rising up to 20%, proving that rigorous security doesn’t have to come at the cost of operational efficiency. 

Business Continuity Planning and Impact Analysis 

Resilience is about more than just prevention. It’s about recovery. Our new Business Impact Analysis (BIA) and Business Continuity Planning (BCP) features allow service providers to prioritize security efforts effectively. These capabilities automate various tasks associated with continuity planning, ensuring that you can map risks, align assets, and build resilience for your clients—all within a centralized hub. 

Revenue Insights Module 

We understand that helping your clients often means identifying gaps in their current coverage. We introduced the Revenue Insights module to simplify the process of mapping client needs to your specific service catalog. It helps you identify security gaps and align existing services with customer requirements, effectively transforming assessments into revenue-generating opportunities. 

Strengthening Our Community & Partner Ecosystem 

Technology is only part of the equation. This year, we made significant investments in partner enablement and ecosystem growth. 

The ELEVATE Partner Program 

We launched the ELEVATE Partner Program, a tiered initiative designed to help MSPs and MSSPs grow their cybersecurity services with confidence. 

ELEVATE provides access to enablement resources, strategic support, and performance-based benefits, supporting partners at every stage of maturity. 

Pax8 and Strategic Alliances Across Global Markets 

Our partnership with Pax8 reached a new milestone. After achieving Gold Vendor status, Cynomi is now used by nearly 200 MSPs within the Pax8 ecosystem. 

We also deepened strategic relationships with organizations, including Deutsche Telekom, Grant Thornton, ECI, Deepseas, and others, expanding Cynomi’s reach and reinforcing our position as a trusted platform for cybersecurity and compliance management. 

At the same time, we ventured into new verticals, providing solutions tailored to the unique needs of telcos, accountancy firms, and private equity firms. These new markets join our existing base of MSPs, MSSPs, and cyber consultancies, further diversifying our impact. 

Expanding Leadership and Global Reach 

To drive our next phase of growth and category leadership, we were thrilled to welcome Erin McLean as our new Chief Marketing Officer. A veteran in the channel security space, Erin spearheads our global marketing strategy, helping us amplify our mission and support the service provider ecosystem more effectively.  

We also brought on Dror Hevlin as Chief Information Security Officer, adding extensive leadership experience and deep cybersecurity expertise to our team. Ohad Chereshniya joined us as our Chief Financial Officer, bringing valuable leadership and financial expertise to our continued expansion. 

Our growth didn’t stop there. We also extended our presence across offices in the UK, Israel, and the US, strengthening our ability to support clients and partners worldwide. Together, these strategic additions reflect our commitment to driving innovation and delivering exceptional value at a global scale. 

Industry Recognition and Brand Growth 

Our commitment to excellence hasn’t gone unnoticed. We are proud to have been recognized by several prestigious industry bodies this year. 

Some key accolades that highlight our dedication to innovation and client success include: 

  • CRN Security 100
  • CRN 10 Hottest Cybersecurity Startups Of 2025
  • CRN 10 Hot Products And Services For MSPs
  • SC Award “Best Risk or Policy Management Solution”
  • Pax8 Breakthrough Vendor
  • TechRound Top 40 Cybersecurity Companies   

Brand visibility was also a major focus, with Cynomi participating in 30+ industry events and unveiling a refreshed website to better support partners and prospects.  

Looking Ahead  

2025 was a year of building, scaling, and proving what’s possible when cybersecurity leadership is standardized, automated, and delivered at scale. 

As we look forward, Cynomi’s focus remains clear: continue to innovate, expand automation and efficiency across the platform, and empower service providers to deliver consistent, CISO-level value to every client they serve. I am so proud of this global team and how everyone at Cynomi shows up for each other and our partners. We hear you, we appreciate your support and confidence, and we are excited to achieve our ambitious goals together in the year ahead. 

Thank you for being part of Cynomi’s journey, and for allowing us to be part of yours.

Cynomi Raises $37M Series B to Redefine Cybersecurity for Service Providers with Agentic AI

David Primor Publication date: 23 April, 2025
Company News

I’m thrilled to share that Cynomi has raised $37 million in Series B funding. This is a defining milestone in our journey to transform cybersecurity and compliance for service providers through agentic AI. 

The round was co-led by Insight Partners and Entrée Capital, with continued support from Canaan, Flint Capital, and S16VC. I’m incredibly grateful for their belief in Cynomi’s vision and for the trust they continue to place in us. 

When my co-founder Roy Azoulay and I launched Cynomi in 2020, we were motivated by a simple but powerful mission: to make CISO-level cybersecurity accessible to all organizations, starting with the service providers who support them. Five years later, I’m proud to say that that mission is more relevant and necessary than ever. 

Building the Central Hub for vCISO Services 

Since day one, our north star at Cynomi was that service providers deserve tools built for them. They needed solutions that make cybersecurity manageable, scalable, profitable, and impactful. 

Cynomi has become exactly that: a purpose-built, AI-powered vCISO platform that empowers MSPs, MSSPs, and consultancies to deliver high-quality cybersecurity and compliance services to more clients, with less manual effort. Our partners have reported up to 70% reduction in manual work, allowing them to grow their businesses while improving service quality. 

The traction we’ve seen reflects the need for this transformation. After achieving 4.5X ARR growth in 2023 and 3X in 2024, I’m more confident than ever in the future we’re helping to shape. 

What This Investment Enables 

With this new investment, we intend to accelerate our efforts across two key dimensions:

1. Deepening Cybersecurity Capabilities

Expanding Cynomi’s agentic AI and automation features, bringing even more powerful cybersecurity, compliance, and business intelligence tools to our partners. The goal is to help them operate with more precision, faster execution, and greater client impact.

2. Empowering Go-to-Market Success

Building features that support service providers not just in delivering services, but also for selling, positioning, and differentiating them. This will include partner enablement tools, advanced automation and other capabilities, intended to help our partners grow. 

Additionally, this funding will support geographic expansion. Growing our presence in the U.S. and Europe will ensure we can better serve and support our global partner base. 

Grateful for the People Behind the Milestone 

I want to extend my deepest appreciation to our incredible team at Cynomi. You’ve brought this vision to life with passion, talent, and unwavering commitment. The work we’ve done together is transforming an entire category. I’m honored to do it alongside you. 

To our partners, thank you for your trust and collaboration. Your feedback has made our product stronger, and your trust has fueled our growth. 

A Pivotal Moment for Service Providers 

The demand for cybersecurity and compliance services has never been higher, particularly among SMBs, who often lack the internal resources to meet growing cyber and regulatory requirements. This has created a massive opportunity for service providers, but only if they can scale their offerings effectively. 

I believe Cynomi is uniquely positioned to support this transformation. Whether you’re an established MSSP or just starting your vCISO journey, Cynomi can help you standardize operations, reduce manual work, and deliver expert-level services at scale. 

If you haven’t yet joined the vCISO revolution, now is the time. 

Learn more about becoming a Cynomi partner and discover how we can help accelerate your vCISO journey. 

Thank you again for believing in the future we’re building.

The best is yet to come. 

Redefining Service Provider Growth with Cynomi

David Primor Publication date: 4 March, 2025
Company News

At Cynomi, we are driven by a bold vision: to empower service providers with the most innovative and effective technology to scale their businesses, enhance their offerings, and deliver top-tier cybersecurity services. Today, I am thrilled to introduce a groundbreaking new capability that is unlike anything else in the market—the Solution Showcase.

This isn’t just another feature. Cynomi is the only technology in the ecosystem that enables service providers to easily match their offerings with customer needs, ensuring the right services reach the right clients at the right time. By intelligently aligning products and services with client needs, Solution Showcase acts as a matchmaking tool that helps service providers optimize their portfolios, gain trust and strengthen client relationships.

A True Game-Changer for Service Providers

The introduction of Solution Showcase is a reflection of our unwavering commitment to helping service providers succeed. For years, cybersecurity service providers have faced a critical challenge: bridging the gap between their services and their clients’ unique security needs. Identifying the right offerings for each client has often been time-consuming and inefficient, leaving revenue opportunities untapped.

With Solution Showcase, we are solving this challenge head-on. For the first time, service providers can proactively match their solutions with client needs, uncovering new opportunities for engagement, value delivery, and growth. This capability not only enhances service visibility but also makes the process of upselling and cross-selling more effective.

Built for Growth, Designed for Success

Cynomi has always prioritized the needs of service providers, and Solution Showcase is a testament to that dedication. By harnessing artificial intelligence behind the scenes, we analyze all offered solutions and seamlessly align them with clients’ open tasks. With this capability, we are giving service providers the tools to:

  • Match their offerings directly to client needs in a timely manner with unmatched precision.
  • Turn cybersecurity assessments into business growth opportunities by identifying security gaps.
  • Increase efficiency and revenue through better service alignment and visibility.

More than just technology, this is a strategy for success. We understand that cybersecurity isn’t just about deploying more technologies — it’s about ongoing management, customer trust, business expansion and long-term sustainability. Cynomi’s mission is to enable every organization to achieve CISO-level cybersecurity. Solution Showcase is another step in making that a reality.

I see service providers as Cynomi’s true partners in our mission to empower businesses with CISO-level security. That’s why we work tirelessly to make it easier for them to provide each of their clients with the optimal security solutions—seamlessly, efficiently, and at scale. Solution Showcase is another step in that direction, providing the tools and insights to enhance their reach and strengthen the security posture of the businesses they protect.

Our Commitment to Innovation

As we continue to evolve, our commitment remains steadfast: to invest in features that empower our partners to scale, differentiate, and lead in the cybersecurity space. We listen to our partners, understand their challenges, and develop technology that drives measurable business impact.

The Solution Showcase is just the beginning. We are excited to continue delivering innovations that redefine what’s possible for service providers. As we roll out new capabilities, our focus will always be on helping you grow smarter, scale faster, and win more business.

I invite you to explore this new module and experience firsthand how Cynomi is transforming cybersecurity service delivery. Let’s matchmake the perfect security solutions for your clients and shape the future of cybersecurity—together.

From Risk to Resilience: Elevating Cybersecurity with Security Posture

David Primor Publication date: 13 January, 2025
vCISO Community

In an era where cyber threats evolve faster than organizations can adapt, focusing solely on risk management is no longer sufficient. While mitigating known risks remains important, it is security posture—the holistic measure of an organization’s overall resilience—that holds the key to enduring cyber resilience. 

The Limitations of Risk-Based Approaches 

Traditional cybersecurity strategies often prioritize specific, identifiable risks, such as phishing or ransomware. This approach mirrors the healthcare industry’s response to known viruses: identifying threats and creating targeted defenses. But what happens when the unexpected emerges? The COVID-19 pandemic serves as a sobering analogy. Despite vaccinations for known viruses, the novel coronavirus exposed vulnerabilities and highlighted the need for resilience beyond specific threats. 

The same is true in cybersecurity. While a risk register may help mitigate familiar threats, unknown and unforeseen vulnerabilities continue to proliferate. Cybercriminals innovate, creating new attack vectors that exploit blind spots. It is this dynamic environment that underscores the importance of shifting focus from individual risks to overall security posture. 

Security Posture: A Measure of Resilience 

Security posture reflects an organization’s ability to withstand, respond to, and recover from cyberattacks—whether they are known or unknown. Unlike risk management, which is reactive and narrowly focused, security posture emphasizes proactive preparedness and adaptability. A strong security posture encompasses robust cybersecurity practices, comprehensive threat anticipation, and strong recovery capabilities. 

Organizations with strong security postures are inherently more resilient. They can absorb the impact of unforeseen threats and maintain operations, minimizing disruption. Simply put, a strong security posture transforms organizations from being reactive to becoming resilient. 

Measuring What Matters 

The distinction between measuring risk and assessing security posture is profound. Measuring risk identifies specific threats and mitigation strategies, but it does not account for the unknown. By contrast, evaluating security posture provides a broader understanding of an organization’s preparedness and resilience. 

By prioritizing security posture, organizations achieve more than just risk mitigation—they build the foundation for long-term cyber resilience. This shift in focus enables them to anticipate, adapt to, and recover from cyber incidents with minimal impact. 

Leveraging Frameworks for Resilience  

Strengthening security posture requires a strategic, structured approach. The way to achieve that is by following security frameworks that take a holistic, comprehensive approach to cybersecurity and compliance.  

Frameworks like NIST, CIS Controls, and ISO 27001 provide valuable blueprints for enhancing security posture. While each framework offers unique advantages, the key lies in selecting one aligned with your organization’s specific needs and risk profile. A customized framework ensures resources are directed toward measures that maximize resilience, rather than compliance alone. 

By adopting a security-first approach, organizations can focus on what truly matters—achieving a state of resilience. 

Practical Steps to Building Cyber Resilience 

Start by selecting a security framework that aligns with your organization’s goals and requirements. This will serve as the foundation for your cybersecurity efforts. Support this framework with a Business Impact Analysis (BIA) to understand the potential consequences of incidents and prioritize protection efforts accordingly. Next, ensure comprehensive knowledge of your assets through a structured asset management procedure to identify and safeguard critical resources. Follow this with a risk register, which will help address and mitigate known risks systematically. By taking these steps, you lay the groundwork for building cyber resilience and enhancing your organization’s overall security posture. 

The Future of Cybersecurity: Resilience Over Risk 

As the cyber threat landscape continues to evolve, the organizations that prioritize security posture will be best positioned to thrive. Resilience is not about eliminating risks entirely—a near-impossible task—but about preparing for and adapting to whatever comes next. 

By building a strong security posture, organizations can navigate the unpredictable terrain of cybersecurity with confidence, ensuring their systems, data, and reputation remain intact. In this race against emerging threats, resilience is not just a strategy—it is the goal.

2024: A Year of Growth, Recognition, and Milestones for Cynomi and the Cybersecurity Ecosystem

David Primor Publication date: 17 December, 2024
vCISO Community

As we approach the close of 2024, I want to take a moment to reflect on what has been an incredible year for Cynomi and our partners. Together, we’ve achieved milestones that have not only strengthened our mission but also set the stage for even greater success in the years ahead. 

Accelerating Our Growth 

This year, the Cynomi team expanded 2.5-fold to support rising demand. Each team member plays a crucial role in driving our vision forward, and I couldn’t be prouder of their dedication and impact. We also saw remarkable growth on the partner front, with a 200% year-over-year increase since 2023. Together, we’re empowering more organizations across the globe to achieve expert-level security with efficiency and confidence. 

Our platform usage soared by 426% this year—a testament to the trust our users place in Cynomi to deliver tailored, scalable solutions that make cybersecurity management easier and more effective. 

Industry Recognition and Trust 

In 2024, we were honored to receive multiple industry awards, reinforcing the value Cynomi brings to the cybersecurity ecosystem. We were awarded the Tech Round Winner’s Top 40 Cybersecurity Startups award, Cyber Defense Magazine’s Top Infosec Innovator award, The Channel Company’s AI 100 and Stellar Startups awards and others! These accolades reflect not just our innovation but also the growing recognition of the vCISO model as a critical enabler for businesses of all sizes. 

Fueling the Future 

Earlier this year, we raised an additional $20M to advance our mission of bringing expert-level security to organizations worldwide. This funding will allow us to continue innovating, enhancing our platform, and supporting our growing community of users and partners. 

Cynomi’s Contributions to the Ecosystem 

At Cynomi, we are committed to not only providing solutions but also contributing to the broader cybersecurity ecosystem. This year, we launched and supported initiatives that have made a tangible impact: 

  • The vCISO Academy: A free learning platform that helps MSPs, MSSPs, and consultants develop and expand their vCISO skills. With expert-led videos, practical tools, and real-world exercises, the Academy empowers service providers to succeed. 
  • The vCISO Directory: A vendor-neutral directory connecting organizations across the globe with professional vCISO service providers. It’s free for both users and providers, ensuring easy access to trusted cybersecurity partners. 
  • Sponsoring the PowerGRYD Community: We proudly supported the PowerGRYD Community, fostering collaboration and innovation in the cybersecurity space. Our sponsorship has helped amplify knowledge-sharing and connections within the ecosystem. 
  • The 2024 State of the vCISO Report: This year’s report highlights the rapid rise of vCISO services, showcasing their benefits while addressing the challenges providers face, such as bridging security expertise gaps. It’s an essential resource for understanding this growing trend. 

Looking Ahead 

As we celebrate our successes, we remain focused on the road ahead. Our mission to empower every business with robust, scalable, and automated security solutions continues to guide us. We’re excited to bring even more value to our partners and users in the coming year. 

To our team, partners, and community—thank you for being part of our journey. Your trust, feedback, and collaboration drive everything we do. Here’s to an even more successful 2025! 

With gratitude,
David Primor
CEO, Cynomi 

Strengthening the vCISO Ecosystem by Launching the vCISO Academy

David Primor Publication date: 22 October, 2024
Education

At Cynomi, we believe every organization deserves CISO-level cybersecurity management, which is why we are committed to elevating the vCISO profession by providing education and resources for service providers.

Introducing the vCISO Academy – designed to empower MSPs, MSSPs, security consultants, and CISOs to develop their vCISO capabilities and thrive in the ever-evolving cybersecurity market. By enhancing the proficiency of these professionals, we aim to ensure that businesses of all sizes have access to the high-quality cybersecurity management they need to stay secure.

We launched the vCISO Academy in response to a clear market need: the Virtual CISO (vCISO) market is rapidly gaining momentum, with 94% of service providers recognizing the growing demand for vCISO services.

In our new 2024 State of the vCISO Survey, we interviewed 200 senior security leaders (CEOs, CIOs, CISOs, COOs, vCISOs, Heads of Security and Senior Security Consultants) in MSPs and MSSPs. It’s become clear that, for MSPs and MSSPs, offering vCISO services is quickly becoming essential. In fact, 98% of service providers who don’t currently offer vCISO services plan to introduce them in the future, highlighting the critical importance of these services for SMBs. Of those planning to expand into vCISO offerings, 39% aim to do so within the next few months, with another 35% targeting the end of 2025. This rapid adoption indicates that MSPs and MSSPs without vCISO services on their roadmap may soon find themselves at a competitive disadvantage.

However, over 25% of providers report lacking the cybersecurity and compliance expertise needed to offer vCISO services and capitalize on this opportunity. This gap is exactly why we created the vCISO Academy —to empower service providers with the knowledge and skills they need to thrive in this evolving landscape.

The vCISO Academy is designed to equip service providers with the knowledge and skills needed to build and expand their vCISO offerings, enabling their clients to achieve robust cybersecurity resilience.

vCISO Academy provides free, self-paced, hands-on training in crucial areas like developing a CISO mindset, effectively communicating risk to the board, creating compelling reports, packaging and pricing services, and conducting both risk and compliance assessments. Providers can access videos, tools, and resources anytime, anywhere, and benefit from practical exercises and real-world examples to solidify their understanding. 

vCISO Academy is designed to:

  1. Broaden your perspective: The vCISO Academy provides a deeper understanding of what a vCISO is, with specialized training to address the cybersecurity skills shortage. By equipping professionals with vCISO expertise, we are helping fill a critical gap in the industry, ensuring businesses have access to the security leadership they need.
  2. Empower professional growth: The vCISO Academy is designed to advance professionals’ careers by developing their vCISO skills, positioning them as trusted advisors, and making them invaluable to their clients. Courses are created by industry experts who share practical knowledge and real-world experience. 
  3. Scale your practice: For MSPs and MSSPs, adding vCISO services is a strategic move that opens up new revenue streams and strengthens client relationships. The vCISO Academy’s comprehensive training and resources will help you scale your vCISO practice with confidence.

Join us in strengthening cybersecurity leadership

Whether you are just establishing or looking to expand your vCISO services, the vCISO Academy provides the tools and knowledge you need to succeed. The Academy will continue to grow, with future courses offering even more advanced resources, training, and opportunities for service providers to stay ahead in the ever-changing cybersecurity market.

Be a part of this exciting journey. Together, we can shape the future of cybersecurity.

Elevating the Global vCISO Ecosystem with a Newly Expanded Directory

David Primor Publication date: 20 August, 2024
vCISO Community

On behalf of all of us at Cynomi, I am excited to share this announcement with you today. Thanks to overwhelming demand and remarkable growth, we’re thrilled to launch the first international vCISO Directory with enhanced functionality, and many new additions.

Initially featuring vCISOs only in North America, the directory has now expanded globally by 121%. It now includes experts from the UK and Canada, becoming a more comprehensive resource for small and medium businesses worldwide. This expansion highlights the growing trend of MSPs and MSSPs offering vCISO services and marks an important step forward for the cybersecurity industry.

Given the growing demands for cybersecurity and compliance, more MSPs and MSSPs are offering vCISO services. Currently, only 19% of these providers offer vCISO services, but this figure is projected to rise to 86% by the end of 2024, indicating a fivefold increase in adoption.

This growth is driven, in part, by the increasing need for SMBs and mid-market companies to strengthen their cybersecurity postures without the high costs associated with full-time CISOs. More and more SMBs are recognizing the advantage of hiring a vCISO to address their security needs. However, finding the right service provider can be challenging. Our directory simplifies this process by helping SMEs find qualified vCISO service providers and make informed decisions.

At Cynomi, our mission is to empower every organization with CISO-level security. This updated directory is a key component of that mission. By building this hub for the vCISO ecosystem, we make it easier for organizations across the globe to access their trusted cyber service providers, fortifying their defenses and promoting a secure digital environment for all.

If you’re not yet part of the vCISO Directory, join this distinguished network of professionals to reach more potential clients and gain access to exclusive members-only benefits.

Together, we will transform the cybersecurity landscape on a global scale, elevating the defenses of organizations everywhere and navigating them through the most complex threats of our time.

The NIS 2 Directive: Impact on MSPs, MSSPs and Their Clients

David Primor Publication date: 8 August, 2024
Compliance Top Security Policies

NIS 2 has come into effect, and by October 2024 EU member states are required to transpose the Directive into their national legislation. For MSPs and MSSPs, NIS 2 is an opportunity to position themselves with their clients as a trusted partner and an expert in security and compliance. Below, we detail how you can help your clients meet the new requirements and how to overcome any objections they may have.

 

Brief Reminder: What is NIS

The Network and Information Systems (NIS) Directive is an EU legislation designed to strengthen network and information system security in the EU. Adopted in July 2016, it was the first EU-wide legislation on cybersecurity.

According to NIS, organizations are required to adopt cybersecurity strategies to enable service continuity. They also need to report incidents that impact this ability. NIS applies to various sectors, including energy, transport, banking, financial market infrastructures, health, drinking water supply and distribution, and digital infrastructure.

 

What is NIS 2? What Does it Add on to NIS?

NIS 2 is an update of the NIS Directive. It came into effect in July 2023, and EU member states are required to add it to their legislation by October 2024. NIS 2 expands NIS by adding new cybersecurity requirements and new sectors that are required to comply. This is meant to enhance the resilience and incident response of the EU and its public and private entities.

The main additions include:

Broader Sector Coverage

A number of new sectors are required to comply with NIS 2. These include digital infrastructure providers, public administration entities, food production and distribution, waste management and more. The expansion is meant to ensure a comprehensive approach to enhancing cybersecurity across critical services.

Mandatory Cybersecurity Measures

There are a number of specific cybersecurity measures NIS 2 requires:

  • Access controls
  • Incident detection and response
  • Regular security audits
  • Supply chain security controls
  • Employee training programs

These measures are designed to ensure that organizations have a robust cybersecurity framework in place to protect against threats.

Enhanced Incident Reporting Requirements

NIS2 mandates stricter incident reporting obligations. Organizations must report significant cybersecurity incidents to national authorities or CSIRTs within 24 hours of detection, followed by a detailed report within 72 hours. Impacted recipients must be notified immediately. This aims to ensure timely and effective incident response and coordination. 

Stronger Risk Management and Governance

With NIS2, organizations are required to implement robust risk management practices. This includes regular risk assessments, the adoption of appropriate technical and organizational measures and ensuring top management is actively involved in cybersecurity governance and oversight.

Focus on Supply Chain Security

With NIS2, organizations are required to assess and manage the cybersecurity risks posed by their suppliers and service providers. This includes ensuring that third-party vendors comply with relevant security requirements and integrating supply chain security into overall risk management strategies.

Penalties for Non-Compliance

Non-compliance with NIS 2 can lead to significant penalties. These can even reach €10,000,000 or 2% of the global annual revenue, whichever is higher.

Harmonization Across the EU

NIS2 sets common standards and requirements. This is intended to reduce disparities in cybersecurity practices and enhance the overall security posture across the EU.

Increased Cooperation and Information Sharing

NIS2 advocates for increased cooperation and information sharing between member states, national authorities and organizations. This includes participating in information sharing groups, reporting incidents, and sharing threat intelligence to improve collective cybersecurity resilience.

 

How MSPs and MSSPs Can Help Their Clients Meet NIS 2

Your clients are busy, and sometimes do not have the time, bandwidth or resources to ensure they are planning for NIS 2 compliance. This is where you can help. Follow these practices:

1. Conduct Comprehensive Risk Assessments

Perform detailed risk assessments for each of your obligated clients to identify vulnerabilities and areas that need improvement, based on the NIS 2 framework. Use these assessments to tailor security measures to each client’s specific needs. An automated, AI-based vCISO platform with compliance capabilities can streamline the process, ensure the assessment is comprehensive and structured, and produce a clear report that can be shared with the client.

2. Recommend the Implementation of Robust Security Measures

Advise your clients to deploy essential security controls. These include access control, firewalls, intrusion detection/prevention systems, endpoint protection and encryption. Ensure these measures are continuously updated and monitored. While not all of them are listed in NIS 2, they all help meet the NIS 2 requirements for basic security hygiene.

3. Develop and Manage Incident Response Plans

Work with your clients to create customized incident response plans. The plan should outline procedures for detecting, reporting and responding to cybersecurity incidents; backups and redundancy for business continuity; and procedures for reporting to authorities. Regularly test and update these plans to ensure they remain effective.

4. Provide Continuous Monitoring and Logging

Set up continuous monitoring systems to detect and respond to security threats in real-time. Implement logging solutions to record security events, ensuring logs are regularly reviewed and maintained. This will help with quick response to incidents and with reporting to authorities about incidents, as required by NIS 2. It can also help your clients maintain transparency and trust with their own end-users.

5. Facilitate Compliance Training and Awareness

Offer regular cybersecurity training and awareness programs for your clients. Explain to them what they are required to do under NIS 2 and how it strengthens their security strategy. This will help them prepare and also instill confidence in their ability to meet NIS 2 requirements.

6. Develop Comprehensive Security Policies

Assist customers in developing and maintaining comprehensive security policies and procedures that align with NIS2 requirements. Ensure these policies are regularly reviewed and updated. An automated platform can help develop such policies with AI.

7. Enhance Supply Chain Security

Evaluate the cybersecurity practices of your clients’ third-party vendors and service providers. Help customers integrate supply chain security into their overall risk management strategies. You can use the same platform you used to assess your clients, on their suppliers (with their consent).

8. Prepare for Incident Reporting

Establish clear processes for timely and accurate incident reporting to the relevant national authorities or CSIRTs. Ensure customers understand what constitutes a reportable incident, how to report it and when. An automated vCISO platform can help generate immediate reports that shorten the process.

9. Utilize Automated Compliance Tools

Automated compliance tools can help customers manage and document their compliance efforts. These tools can simplify the process of gathering evidence, tracking progress and generating reports. For example, an AI-based vCISO platform helps assess the client’s compliance posture based on the specific required framework, identify gaps, create a plan, track it and generate reports.

10. Ensure Regular Security Audits and Assessments

Conduct regular security audits and assessments to track progress and ensure ongoing compliance with NIS2 requirements. Use the findings to continuously improve security measures and address any gaps.

11. Support Business Continuity and Disaster Recovery Planning

Assist customers in developing and maintaining business continuity and disaster recovery plans. Regularly test these plans to ensure they are effective and up-to-date.

12. Promote Information Sharing and Collaboration

Encourage customers to participate in information sharing and collaboration initiatives with other organizations, sectoral bodies and national authorities. This can enhance their collective cybersecurity resilience and also encourage them to implement more security practices, which is an upselling opportunity for you.

 

How MSPs Can Convince Their Clients to Follow NIS2 Compliance

While complying with NIS 2 is non-negotiable, not all of your clients will be enthusiastic about planning and executing its requirements. Here are a few strategies that can help you show them the value of doing so:

  • Highlight Regulatory Requirements – Clearly explain the legal obligations and requirements of the NIS2 directive. Emphasize that compliance is mandatory for their sector and non-compliance can result in significant penalties and legal repercussions.
  • Demonstrate Business Benefits – Show how NIS2 compliance can enhance their cybersecurity posture, reduce the risk of cyber incidents, provide a competitive advantage and protect their reputation. Explain that a strong cybersecurity framework can lead to increased customer trust and potential business opportunities.
  • Emphasize Risk Mitigation – Provide examples of cyber incidents that impacted similar businesses. Highlight how compliance with NIS2 could have mitigated these risks and protected the business from financial and operational disruptions.
  • Offer Success Stories – Share testimonials and success stories from other clients who have benefited from NIS2 compliance, demonstrating its positive impact.
  • Offer a Compliance Roadmap – Present a clear, step-by-step roadmap for achieving compliance. Break down the process into manageable phases, showing that compliance is achievable without overwhelming their resources. A vCISO platform can help build such a plan.
  • Show Cost-Effectiveness – Illustrate how investing in compliance now can save money in the long run by avoiding fines, reducing the cost of incident response and minimizing downtime from cyber incidents.
  • Leverage Your Expertise and Tools – Demonstrate your expertise and experience in cybersecurity and compliance. Highlight the tools and services you offer that will simplify the compliance process, such as automated compliance management, continuous monitoring and incident response. This is also an upselling opportunity for you.
  • Provide Customized Solutions – Tailor your services to the specific needs and risks of the end-customer. Show how your customized approach addresses their unique challenges and aligns with their business objectives.
  • Promote Continuous Improvement – Emphasize that cybersecurity and compliance are ongoing processes. Offer to support them with regular updates, training, and assessments to continuously improve their security posture.
  • Build Trust and Relationships – Establish a strong relationship based on trust. Show that you are a partner in their success, not just a service provider. Regularly communicate and provide updates on progress and emerging threats.
  • Create Awareness Programs – Conduct workshops, webinars and training sessions to educate your end-customers on the importance of NIS2 compliance. Awareness programs can help them understand the directive and its implications better.

 

For Cynomi Users

Cynomi is an AI-based, automated vCISO platform for MSPs and MSSPs looking to grow revenue and streamline their security and compliance processes. Cynomi’s compliance coverage includes NIS 2. With Cynomi, MSPs and MSSPs can:

  • Conduct simplified and automated compliance assessments to determine clients’ readiness for NIS 2
  • Create an automated remediation plan to address NIS 2 gaps
  • Report on progress with comprehensive and shareable reports that can also be used with management and auditors
  • Show value over time, positioning themselves as a business partner and compliance expert

Using Cynomi, you can help your clients become NIS 2 compliant and grow your revenue, without straining your own resources or having to invest significant time and effort in becoming a NIS 2 expert. Start today.

What the 2024 CrowdStrike Incident Means for MSPs/MSSPs

David Primor Publication date: 31 July, 2024
Compliance Top Security Policies

The CrowdStrike incident is the largest-scale computing incident of the past 14 years, impacting millions of businesses worldwide. Fixing the issue requires extensive IT effort, but recovery is also shaped by how well each organization practices cybersecurity hygiene. In this article, we explain why MSPs and MSSPs should be involved in the recovery effort and how they can help their SMB clients in the short and long term.

 

Why Should CyberSecurity Experts and MSSPs/MSPs Care?

The 2024 CrowdStrike incident resulted from a bug in the release. This seems to be a development/IT issue. Why should professionals engaged in cyber security take notice of this event? There are four main reasons:

  1. First and foremost, the ability to fix the issue partially depends on cyber security hygiene. We provide more details below, but the main idea is that an organization’s cyber security practices directly impacted their ability to bounce back, making security teams and MSPs/MSSPs key players in this incident.
  2. While the CrowdStrike incident is not a cyber security incident, its implications are similar. Security teams can use this incident to develop a plan to prevent similar incidents and incident response tooling that deals with them.
  3. The incident compromised the availability of systems and information. Since cybersecurity deals with information confidentiality, integrity and availability, security teams should consider being involved in the fixing process and in the long-term plans to prevent such incidents from recurring in the future.
  4. This bug was part of a security tool release (an update to a vulnerability scanner), which is part of the security stack and within the security team’s realm of responsibility.

Here’s more on why you should care, from William Birchett, founder of the vCISO network and vCISO consultant, and David Primor, CEO and co-founder of Cynomi.

 

What Happened?

On July 19, CrowdStrike issued a software update to their Falcon Sensor vulnerability scanner. The update was intended to fix a high memory utilization issue. A bug in the release disrupted dozens of millions of Windows users worldwide, showing the “blue screen of death”. Systems were forced into a boot loop of constant rebooting.

CrowdStrike issued an updated release to fix the issue. However, since many of the impacted devices were unable to connect to the internet to download the update, they remained stuck in the blue screen of death.

To overcome this, Microsoft advised customers to reboot into Safe Mode or Windows Recovery Mode. Admins could then go into the Windows System Directory, remove the corrupted file, reboot and obtain the updated release. However, doing so requires local account access and privileges. Another option is to recover from WinPE, but this requires BitLocker recovery keys, which are not always available. As of now, there is no other immediately available fix, though Microsoft and CrowdStrike are constantly working on new solutions.

There are millions of impacted businesses. These include airline providers, healthcare services, financial services, emergency call centers, news, SMBs and many more.

 

The Importance of Cybersecurity Hygiene

Fixing the corrupted CrowdStrike file touches upon two cybersecurity best practices.

  1. Local admin access and privileges – Accessing the Windows System Directory and rebooting through Safe Mode requires proper management of local admins and their ability to access sensitive files. This involves PAM – Privileged Access Management. However, many organizations have removed these local accounts, leaving them unable to reboot into Safe Mode.
  2. Storing backup encryption keys – To recover from WinPE, organizations might need their BitLocker keys. These are often stored in the Domain Controller, but in this case it is also stuck in the blue screen of death. If the organizations didn’t store their backup recovery keys elsewhere, they cannot use this option.

If you are dealing with these issues, continue to follow Microsoft and CrowdStrike updates for more future solutions.
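As an added example that is not from the original post, the following PowerShell script checks the two hygiene points above on a domain-joined Windows endpoint: it verifies that a break-glass local administrator account exists and is enabled, then makes sure every BitLocker-protected volume has a recovery password, escrows it to Active Directory and writes an offline copy to a location that does not depend on a reachable domain controller. The account name `bg-localadmin` and the escrow path are assumptions; the cmdlets come from the standard BitLocker and Microsoft.PowerShell.LocalAccounts modules and need an elevated session.

```powershell
# Added example (not from the original post): audit local-admin and recovery-key hygiene
# on one endpoint. Assumes the BitLocker and LocalAccounts modules, an elevated session,
# and that AD DS is configured to accept BitLocker recovery information.
#Requires -RunAsAdministrator
param(
    # Hypothetical name of the break-glass local admin account; replace with your own standard.
    [string]$BreakGlassAccount = 'bg-localadmin',
    # Offline escrow location (constructed path); must stay reachable when the DC is down.
    [string]$EscrowPath = 'C:\Escrow\bitlocker-recovery.csv'
)

$findings = @()

# 1. Local admin access: a local account that can log on in Safe Mode must exist, be enabled,
#    and be a member of the local Administrators group.
$local = Get-LocalUser -Name $BreakGlassAccount -ErrorAction SilentlyContinue
if (-not $local) {
    $findings += "No local break-glass account '$BreakGlassAccount' exists; Safe Mode recovery needs another local admin."
} elseif (-not $local.Enabled) {
    $findings += "Local account '$BreakGlassAccount' is disabled."
} else {
    $isAdmin = Get-LocalGroupMember -Group 'Administrators' -ErrorAction SilentlyContinue |
        Where-Object { $_.Name -like "*\$BreakGlassAccount" }
    if (-not $isAdmin) { $findings += "'$BreakGlassAccount' is not a member of Administrators." }
}

# 2. Recovery keys: every protected volume needs a recovery password, escrowed to AD DS
#    and also kept offline so WinPE recovery does not depend on the domain controller.
$rows = @()
foreach ($vol in Get-BitLockerVolume) {
    if ($vol.ProtectionStatus -ne 'On') { continue }
    $rp = $vol.KeyProtector | Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' }
    if (-not $rp) {
        # Without a numerical recovery password the volume cannot be unlocked from WinPE at all.
        Add-BitLockerKeyProtector -MountPoint $vol.MountPoint -RecoveryPasswordProtector | Out-Null
        $rp = (Get-BitLockerVolume -MountPoint $vol.MountPoint).KeyProtector |
            Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' }
    }
    foreach ($p in $rp) {
        try {
            # Escrow to Active Directory, the usual store the post mentions.
            Backup-BitLockerKeyProtector -MountPoint $vol.MountPoint -KeyProtectorId $p.KeyProtectorId -ErrorAction Stop | Out-Null
        } catch {
            $findings += "AD escrow failed for $($vol.MountPoint): $($_.Exception.Message)"
        }
        $rows += [pscustomobject]@{
            Computer    = $env:COMPUTERNAME
            Volume      = $vol.MountPoint
            ProtectorId = $p.KeyProtectorId
            RecoveryKey = $p.RecoveryPassword
            Exported    = (Get-Date).ToString('o')
        }
    }
}

# Offline escrow: this file holds secrets, so write it only to an access-controlled location.
if ($rows.Count -gt 0) {
    New-Item -ItemType Directory -Path (Split-Path $EscrowPath) -Force | Out-Null
    $rows | Export-Csv -Path $EscrowPath -NoTypeInformation
}

if ($findings) {
    $findings | ForEach-Object { Write-Warning $_ }
} else {
    Write-Host "Hygiene checks passed; $($rows.Count) recovery key(s) escrowed to AD and $EscrowPath."
}
```

Run it through your RMM before an outage, not during one; the warnings it emits are the gaps that would block Safe Mode or WinPE recovery.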

 

How MSPs/MSSPs can Help Their SMB Clients: Short-Term

Small and medium businesses are exceptionally vulnerable to this incident, since they lack the resources to fix the issue or the deep pockets to sustain themselves until it is fixed. For security, many of them rely on MSPs and MSSPs. This is an opportunity for these service providers to act as trusted business and security partners and assist their clients until the issue is resolved.

One of the challenges MSPs/MSSPs face is how to access impacted devices. In most cases, you are probably accessing your clients’ networks remotely. However, in such an outage Remote Management tools are also offline. This requires MSPs and MSSPs to come to every site and touch every computer.

 

How MSPs/MSSPs can Help Their SMB Clients: Long-Term Business Planning

In addition to the immediate fix, this is an opportunity for MSPs/MSSPs to help build and develop their clients’ long-term business continuity plan (BCP).

Don’t start from scratch. Download the BCP template and sample and hit the ground running.

Ensure you execute every step correctly by downloading the XLS risk assessment template. 

Why BCP?

Various types of incidents – attacks, outages, wars, natural disasters, and more – can impact industries and businesses around the globe. A business continuity plan ensures that despite such incidents, businesses can continue to operate and deliver goods and services to their clients. A good business continuity plan can be the difference between whether your client’s business survives or not.

A business continuity plan consists of business impact analysis, risk assessment, recovery strategies, actionable plans, roles and responsibilities, incident response, communication plans, employee training, drills, IT disaster recovery, and more.

Cynomi offers a customizable business continuity plan policy, enabling you to develop, plan and track the implementation of the BCP for your clients’ specific needs. With Cynomi, you can scan and understand your clients’ readiness, build detailed policies with actionable tasks, track and measure progress and report the status to your clients’ leadership. To learn more about how to get started, click here.

 

Understanding CMMC 2.0: What MSPs & MSSPs Need to Know

David Primor Publication date: 12 June, 2024
Compliance Top Security Policies

 

William Birchett, President of Logos Systems, and I discuss CMMC 2.0.

There’s growing interest in the Cybersecurity Maturity Model Certification (CMMC) 2.0 among all organizations that cater to the defense sector. This is particularly impactful for Managed Service Providers (MSPs) and Managed Security Services Providers (MSSPs), who must understand and meet these standards in order to ensure their clients take the right security measures. It also presents a unique opportunity for MSPs and MSSPs to grow and differentiate their business.

I met with William Birchett, a seasoned CISO from Logos Systems, to discuss the critical aspects of CMMC 2.0 and its implications for MSPs and MSSPs.

 

What is CMMC?

CMMC is a formal certification process required for U.S. defense contractors to protect Controlled Unclassified Information (CUI). It ensures that companies involved in the defense supply chain meet specific cybersecurity benchmarks.

While companies may already have foundational cybersecurity practices in place, they are required to undergo the formal CMMC certification process to demonstrate their compliance with U.S. Department of Defense (DoD) cybersecurity requirements.

 

Who Needs to Comply with CMMC?

Any company that sells products or services to the DoD must comply with CMMC. This includes manufacturers of various items, from hardware to safety gear, making it a broad requirement across different industries.

 

What are the Levels of CMMC?

CMMC 2.0 includes different levels of certification depending on the sensitivity of information handled and the contract requirements:

  • Level 1: Basic cyber hygiene, often allowing self-attestation.
  • Level 2: Requires a third-party assessment, particularly for handling more sensitive data.

 

What’s the difference between CMMC 1.0 and the new update CMMC 2.0? 

  • Level 1 organizations can now perform self-attestation. In CMMC 1.0 they were required to carry out third-party audits.
  • Level 2 organizations and above must perform third-party assessments, ensuring stringent security for higher-risk information.

 

What are some challenges of implementing CMMC 2.0?

Achieving CMMC compliance is complex and often misunderstood. Many organizations believe that they’re compliant but fail to fully adhere to the standards. 

Accurate interpretation and implementation of CMMC requirements are essential – this involves integrating NIST 171 and 172 standards and meeting specific federal acquisition regulations.


What is the impact of CMMC 2.0 on MSPs and MSSPs?

CMMC 2.0 applies to Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) that work with clients that sell to the defense industry.

To determine the impact, MSPs and MSSPs should identify the following:

1. Service scope: What services are you providing and do they meet the requirements? 

  • What encryption is used?
  • Are you connected to the cloud? Are the cloud providers authorized?

Example 1: Does your RMM let you download files from a customer’s computer? Under CMMC those features have to be disabled, or they could bring the entire MSSP into the scope of CMMC regulations.

Example 2: Just because a service or product claims to be “FedRAMP equivalent” does not mean that the requirements are met. It just means the vendor has not paid to be assessed by the Federal Government, and is therefore not compliant.

2. Business offering: Do you want to continue providing the services you’ve been providing? Or do you want to offer specialized services for the defense sector to meet CMMC requirements?

 

What are some opportunities for MSPs and MSSPs?

Despite the complexities, CMMC presents a huge opportunity for MSPs and MSSPs to grow and differentiate themselves in the cybersecurity market.

MSPs and MSSPs can become a CMMC Registered Practitioner (RP) or Registered Provider Organization (RPO). This involves relatively low entry costs (starting around $5,500/year) and can open new business avenues. There are also levels above that, such as C3PAOs, certified professionals, audit, etc.

Since CMMC certification will apply to all businesses wanting to do business with the DoD, no matter how down-stream they are, there will be many opportunities for MSPs and MSSPs to support their customers in this area.

 

How to apply for CMMC 2.0 certification?

Whether seeking certification for yourself or your clients, it’s critical to start the compliance process immediately since it will soon be required in every service contract. 

The steps for certification are:

  1. Determine your or your clients’ required CMMC level: Conduct a thorough assessment of current cybersecurity practices.
  2. Schedule an audit: All CMMC certifications require an audit by a CMMC Third-Party Assessment Organization (C3PAO).
  3. Submit the audit to the CMMC: All audits must be submitted to the CMMC accreditation body to certify that it was completed by an authorized third-party. The CMMC accreditation body then issues the certification.

Many organizations who believe they are CMMC 2.0 compliant actually do not meet the formal compliance standards. This is an opportunity for you (MSPs and MSSPs) to help your clients better understand the requirements and ensure that they are in fact compliant with the new regulations.

Announcing: We’ve Raised an Additional $20M to Bring Expert-level Security to SMEs

David Primor Publication date: 16 April, 2024
Company News

As the co-founder and CEO of Cynomi, I’m excited to share a major milestone in our journey. We’ve successfully secured $20 million in funding! This investment was led by Canaan, along with returning investors Flint, S16VC and Aloniq. It will fuel our mission to bring more robust, comprehensive and standardized security and compliance services to SMEs worldwide. Cynomi addresses the CISO expertise gap for MSPs and MSSPs in an automated manner, enabling them to scale their business and provide expert-level, affordable security and compliance services to SMEs.

Our Vision: Robust Security for SMEs

When Roy Azoulay and I founded Cynomi, we were driven by a shared vision to address a significant gap in the cybersecurity market. Our backgrounds gave us a unique perspective: mine as a Lt. Colonel in IDF’s elite unit 8200 and the Technology Executive Director of Israel’s cyber authority, and Roy’s as a serial entrepreneur and the head of Oxford University’s startup incubator. We were able to clearly see the challenges faced by SMEs in securing their digital assets. We saw that despite SMEs’ inherent role in the global economy and their vulnerabilities in the eyes of attackers, they were often overlooked in the cybersecurity landscape.

AI-powered and Automated Cybersecurity Expertise

Cynomi is an AI-powered vCISO platform, designed to serve MSPs and MSSPs. This platform is a strategic solution that automates CISO expertise, capabilities and tasks. Based on the knowledge and experience of top global CISOs, it ensures MSPs/MSSPs can provide high-level cybersecurity and compliance services to their clients, without having to hire an in-house CISO.

The response to Cynomi has been overwhelmingly positive, with over 100 service providers already leveraging our platform to protect their clients more effectively. We expect this number to grow significantly in the coming years, as vCISO services are among the fastest-growing segments in cybersecurity today. According to our findings, 86% of MSPs and MSSPs plan to provide or add vCISO services by the end of this year, a 500% increase!

Expanding Security and Compliance Reach

This funding round will help us scale our operations internationally, further enhance our platform, bring awareness to its capabilities and deepen our engagement with partners. Our goal is to continue innovating in a way that changes how cybersecurity services are delivered to SMEs worldwide. We’re also excited about the opportunity to continue helping our partners expand their business into strategic cybersecurity services, enjoy client retention and secure recurring revenue and upsell opportunities.

Thank You

The need for robust, accessible cybersecurity and compliance has never been greater. Thank you to our investors, Canaan, Flint, S16VC and Aloniq, for the vote of confidence in Cynomi and the team. Thank you to our MSP and MSSP partners for sharing our vision to bring security to SMEs worldwide. Finally, thank you to the hard-working and dedicated team at Cynomi, who has built the leading vCISO platform. Together, we are making a significant impact in the world.

5 Quick Steps to Create Generative AI Security Standards [+ free policy]

David Primor Publication date: 24 January, 2024
Education vCISO Community

Organizations are harnessing the power of Generative AI (GenAI) to innovate and create, and 79% of organizations already acknowledge some level of interaction with generative AI technologies [1].

However, with great technology come increased concerns about security, risk, trust and compliance. A recent Gartner poll asking which GenAI risk organizations are most worried about found that 42% are concerned about data privacy [2]. A Dark Reading survey echoes these concerns, reporting that 46% of enterprises find a lack of transparency in third-party generative AI tools [3]. The situation among SMBs (500-999 employees) is of greater concern: 95% of these organizations are using GenAI tools, while 94% of them recognize the risk of doing so [4].

As the integration of Generative AI gains popularity, security professionals should be aware and well-informed of emerging challenges such as Prompt Injection, Model Poisoning, and Database Theft. In this unknown environment, organizations must establish a robust Generative AI Security Policy.

In this guide we lay out 5 quick steps and considerations for crafting a defense strategy that harnesses the power of Generative AI without compromising your security posture.

 

The Purpose of Generative AI Security Policy

A Generative AI Security Policy defines guidelines and measures safeguarding against potential risks, ensuring secure and responsible deployment of generative AI technologies within an organization.

 

Key Steps in Securing Your Generative AI

 

1. Gaining Visibility into Your GenAI Touchpoints

Establish real-time monitoring mechanisms to identify all GenAI touch points across your organization, closely tracking the usage of Generative AI tools. Knowledge is a powerful asset, and consistent observations help in recognizing anomalies, ensuring that any suspicious activity is promptly addressed.

This proactive approach is essential for upholding a secure and resilient digital environment.

 

2. Assessing Threat Landscape

When approaching your initial GenAI security roadmap, start by gaining a comprehensive understanding of the existing threat landscape. Address primary concerns, including the OWASP Top 10 Large Language Model (LLM) security vulnerabilities to identify potential vulnerabilities and proactively anticipate emerging risks and organizational concerns.

A meticulous threat assessment lays the foundation for customizing Generative AI applications to meet specific security requirements. This includes safeguarding source code, third-party GenAI-based applications, and original model development, among other areas of exploration.

 

3. Implementing Classification and Access Controls

Define stringent access controls for Generative AI tools. When leveraging or integrating GenAI tools, it is highly important to set classification and access controls for authorized and unauthorized roles, departments and data classes, and to define roles and responsibilities for the individuals involved in GenAI development and deployment.

Limit access to authorized personnel, ensuring that only those with proper clearance can leverage these powerful capabilities. This helps prevent misuse and unauthorized access.

 

4. Regular Training and Awareness Programs

Equip your team with the knowledge required to responsibly use Generative AI tools. Conduct regular training sessions on security best practices and the ethical use of AI, as well as implement a real-time alert system to proactively deter employees from engaging in insecure practices or disclosing sensitive data to GenAI tools.

Fostering a culture of awareness ensures that Generative AI is harnessed for defensive rather than offensive purposes.

 

5. Following a Dedicated GenAI Security Framework

Since LLMs and GenAI are conversational tools that consistently evolve and learn, it’s essential to use the right security measures and solutions. Seamless integration with dedicated GenAI security and risk tools empowers organizations to proactively identify, assess and mitigate the risks associated with generative AI, ensuring a robust security posture.

Stay ahead in the dynamic AI landscape by leveraging specialized frameworks tailored for GenAI security.

As we conclude, remember: shaping a Generative AI Security Policy today is the key to safeguarding tomorrow’s innovations. By embracing the crucial steps in crafting a robust security policy, you lay the foundation for a resilient and secure future in the dynamic landscape of GenAI.

Access Cynomi’s GenAI Security Policy now. As a service provider, we encourage you to share it with your customers and initiate a conversation about the need to use GenAI tools securely.


This blog post was written in collaboration with Lasso Security, a pioneer cybersecurity company safeguarding every Large Language Model (LLM) touchpoint, ensuring comprehensive protection for businesses leveraging generative AI and other large language model technologies.


Security Predictions for MSSPs and MSPs 2024

David Primor Publication date: 18 December, 2023
Education vCISO Community

Looking into 2024: Security Predictions for MSSPs and MSPs 

2023 is coming to a close, marking the end of a year filled with remarkable technological advancements, from generative AI to new cybersecurity capabilities. As we prepare to enjoy the holiday season and welcome the New Year, it’s important to remember that many cyber attackers don’t observe holidays. As such, SMBs will increasingly rely on your expertise this coming year to protect their most valuable assets from being breached. 

Here are my predictions for the SMB and cybersecurity landscape that will impact you as an MSP/MSSP this upcoming year. Looking ahead, by providing vCISO services you will be able to turn 2024 into a year of security and growth for SMBs. Therefore, vCISO services are poised to boost your revenue stream significantly and help you differentiate yourself among other service providers, making 2024 a growth year for you as well. 

Here’s what I predict will happen in 2024:

1. Increased SMB Targeting by Cybercriminals

Small and medium-sized businesses are becoming more frequent targets for cyber-attacks and 2024 will be no different. In 2023, 73% of SMBs experienced a cyberattack, data breach, or both, according to the 2023 ITRC Business Impact Report. This is not only a high attack rate, it’s also a significant increase compared to the rates in 2022 (43%) and 2021 (58%), and rates will continue to remain high. 

One of the reasons behind this alarming trend is that cyber attackers are no longer sparing SMBs from their malicious attention. The Verizon 2023 DBIR analyzed attack trends for SMBs and large businesses and found that the differences between the two types of organizations are becoming increasingly blurred. This includes aspects like attack frequency, threat actors, motives and types of compromised data. 

What Does This Mean for MSPs/MSSPs? 

Armed with this understanding, SMBs are realizing that cybersecurity is a necessity, not a nice-to-have luxury. Therefore, MSPs/MSSPs are expected to experience heightened demand in 2024 for expert cybersecurity leadership. By providing comprehensive vCISO services, MSPs/MSSPs can address the growing customer need for proactive cyber resilience. 

This growing need for vCISO services is also an opportunity for MSPs/MSSPs to grow their recurring revenue. By providing a new and crystallized offering to their customers, MSPs/MSSPs can increase sales and differentiate themselves from the competition. Finally, leveraging the vCISO offering to connect with SMB leadership allows MSPs/MSSPs to deepen their business engagement and build stronger relationships with customers.

2. Rapidly Evolving Regulatory Landscape

New and updated regulations in cybersecurity and data privacy are expected to come into full effect by 2024. SMBs will be required to meet regulations for handling PII, financial information, and other types of sensitive data when working with governmental bodies. The rising concern over supply chain and third-party attacks will also lead large businesses to enforce stringent security measures on SMBs, leaving them with no choice but to conform if they want to conduct business with them. 

In addition, in 2024 security compliance will be not just a regulatory requirement but also a business necessity. SMBs looking to position themselves as trustworthy and secure will actively seek to meet regulations or frameworks like NIST CSF, CIS v8 or ISO 27001 as a way to demonstrate their security posture. 

What Does This Mean for MSPs/MSSPs? 

In 2024, we predict that MSPs/MSSPs will see increased demand for specialized compliance services. This will require them to expand their offerings to include compliance audits, risk management and enhanced security solutions. To effectively meet these challenges, MSPs and MSSPs will need to invest in new technologies and advanced cybersecurity solutions that can answer this need.  

An automated vCISO platform can help MSPs/MSSPs provide compliance assessments. Achieving compliance will become a must-have, and service providers that can help SMBs understand their compliance status, highlight the gaps, and achieve compliance more quickly will gain the upper hand. Such platforms generate tailored policies and strategic remediation plans with prioritized tasks for each client, and can also track compliance, ensuring no regulatory requirement falls through the cracks.

3. New Advancements and Risks in AI and Technology

The rapid advancements in AI, IoT and cloud computing have greatly accelerated business capabilities. They allow for unprecedented opportunities for SMBs, which were previously only available for large businesses. However, these advancements also bring new security challenges that are often more complex and sophisticated than traditional threats. 

For example, AI systems can become targets of cyberattacks, resulting in data exfiltration or damage to the business. IoT systems often lack security protocols, making them vulnerable to attacks that can compromise the entire SMB network. Cloud computing vulnerabilities or excessive permissions can lead to data breaches and loss of control over sensitive information. For SMBs, the risk is heightened due to typically lower levels of investment in robust cybersecurity measures compared to larger enterprises. 

What Does This Mean for MSPs/MSSPs? 

As trusted security advisors, MSPs and MSSPs must evolve their services in 2024 to address the unique challenges posed by AI, IoT, and cloud computing, ensuring that their SMB clients can safely benefit from these technologies while minimizing potential risks. This adaptation involves implementing stronger security protocols and defenses, like misconfiguration identification, the principle of least privilege, embedded observability and responsible AI. It also includes educating SMBs about the risks and best practices associated with these technologies. 

An automated vCISO platform is always up to date, ensuring your clients are protected against the latest threats and risks with the latest policies, for example GenAI policies that ensure the safe use of GenAI.

4. Enhanced Cybersecurity Awareness Among Leadership

Growing awareness of digital threats has not escaped the attention of boards and management teams. Boards are becoming increasingly concerned about the reputational and financial risks associated with data breaches, which could result in regulatory fines, loss of customer trust and cessation of operations. As a result, in 2024 there will be a growing demand from these leadership teams for investing in more robust and proactive security measures. 

What Does This Mean for MSPs/MSSPs? 

As cybersecurity increasingly becomes a board-level concern, there will be greater demand for executive team involvement in cybersecurity. Leadership will aim to constantly understand their current security posture, to enable them to manage risk effectively. MSPs/MSSPs can fulfill this need by simplifying cybersecurity, making the information accessible and summarizing the highlights and top-level insights in reports. By providing concise and clear information MSPs/MSSPs can support leadership’s strategic decision-making that aims to overcome security gaps. 

Automated vCISO platforms enable offering full-fledged vCISO services, including the creation of comprehensive security dashboards and reports, providing a view of the company’s security posture based on data measurements and risk scores.

5. Geopolitical Impact

Businesses around the world will be deeply influenced by geopolitical factors in 2024. From diverse global regulations to varied threat landscapes, a globally interconnected world requires SMBs to adapt their security strategies. This complexity is heightened by the current geopolitical conflicts, particularly in regions like the Middle East, the US (due to its involvement in the conflict) and highly unstable Muslim regions like Yemen and Iraq. Political tensions can lead to an increase in cyber threats, often targeting Western countries, and the US in particular. 

What Does This Mean for MSPs/MSSPs? 

The interplay of global geopolitics and cybersecurity presents a unique challenge for MSPs and MSSPs. They must ensure they have strong and comprehensive security controls, and must be able to monitor threats at all times. It’s also important to develop incident response plans and have clear policies in place to handle any breach or attack. Regular training and testing are also essential to ensure employees are familiar with the security protocols. Given the high stakes, an automated platform can reduce the overhead, boost security expertise and help MSPs and MSSPs focus on working with the customer.

6. vCISO Opportunity for Growth

SMBs across the board will require comprehensive security solutions and top-tier cybersecurity expertise in 2024, for the reasons outlined above: the growing number of threats, new compliance requirements, evolving digital risks, and the need to reassure boards that they are taking the necessary measures to secure their infrastructure and data. Yet their budgets will not always allow for hiring an in-house team. 

vCISOs who will be able to effectively meet this need are poised for unprecedented growth in 2024. They can expect to see growing demand for their services among SMBs, with the potential to build long-term business relationships. Cost-effective cybersecurity solutions like vCISO services will be particularly attractive as companies look to maximize the value of their investments. 

What Does This Mean for MSPs/MSSPs? 

MSPs and MSSPs that offer vCISO services will meet SMBs that are willing to pay for such comprehensive security services. This large and lucrative market provides an opportunity for MSPs and MSSPs to grow their revenue in the short and long term. It’s no wonder that the State of the Virtual CISO 2023 Report commissioned by Cynomi found that 45% of MSPs and MSSPs plan to add vCISO services to their offering by the end of 2024. 

Offering vCISO services also enables MSPs and MSSPs to ride the above trends and differentiate while growing their business. Thanks to AI-based vCISO technologies, in-house expertise is no longer a bottleneck for MSPs and MSSPs. Automated vCISO platforms reduce the overhead by providing an automated solution to each service, from cyber profiling to risk assessments to tailored security policies across access management, and more. This expands the range of services MSPs/MSSPs can offer while making the process more efficient and reliable.  

Looking Forward 

As we approach 2024, it becomes clear that the cybersecurity landscape for SMBs is expected to become even more risky and complex. As a result, SMB demand for comprehensive cybersecurity and vCISO services is expected to surge. 

This presents a unique and significant opportunity for MSPs and MSSPs. By embracing innovative technologies like automated vCISO platforms, you can offer comprehensive, efficient, and tailored cybersecurity solutions to your SMB clients. 

Now it’s up to you: will you position yourself at the forefront of protecting SMBs? By taking proactive steps, including building the right plan and choosing the right tools, you can stay ahead of the 2024 curve and enjoy opportunities for growth and success. 

Wishing you a prosperous 2024!

NIST CSF 2.0 and Its Impact on MSPs and MSSPs

David Primor Publication date: 31 August, 2023
Education Company News

On August 8, NIST unveiled the draft for the updated NIST CSF framework. This new version includes several important changes designed to make the framework more effective and adaptable to the evolving cybersecurity landscape. David Primor, CEO of Cynomi, delves into the key changes in this new version and analyzes their potential significance and impact on the cybersecurity landscape.

A Brief Reminder: NIST CSF

NIST CSF is a powerful and popular cybersecurity framework for managing cybersecurity posture and reducing risk. It offers strategies, guidelines and best practices that guide organizations across the entire cybersecurity lifecycle: from identification to recovery. NIST CSF also aligns with various industry standards and is accepted by government agencies and leading organizations, further bolstering its credibility.

Thanks to its scope, structure, flexibility and scalability, NIST CSF has become one of the most popular and widely-adopted cybersecurity frameworks across organizations. While originally designed to protect critical infrastructure companies, NIST CSF is used by companies of different sizes (SMBs, mid-market, enterprise) and across verticals. Today, NIST CSF is considered a vital tool and an essential baseline for organizations worldwide when developing their cybersecurity programs.

What’s New in NIST CSF 2.0?

On August 8th, the National Institute of Standards and Technology (NIST) published a draft of version 2.0 of the CSF. The new draft includes a number of groundbreaking changes designed to make the framework more effective and adaptable to the evolving cybersecurity landscape. Let’s delve into the most important ones.

NIST CSF: Now Suitable for All Organizations

As mentioned, the NIST CSF framework was designed with a focus on safeguarding critical infrastructure. This includes organizations from national security, healthcare, finance, and similar industries. However, NIST has recognized that the challenges of cybersecurity are not confined to just these sectors; they are ubiquitous and impact organizations of all types and sizes.

Recognizing this universality, NIST has adapted the framework to be more inclusive, extending its applicability to all organizations, regardless of their industry or scale. NIST CSF 2.0 is a universally applicable guide that can help any organization improve its cybersecurity measures. Now, there’s no reason for any organization to hesitate before using this valuable resource for enhancing their security plans.

Practical Implementation Examples

While the NIST CSF framework continues to operate at a high level, NIST 2.0 has taken a significant step to bridge the gap between theory and practice. “Implementation Examples”, which are notional examples of action-oriented processes, help guide organizations on how to implement the framework. They help explain how the CSF’s guidelines, principles and best practices can be translated into actionable steps.

Before this addition, organizations might have found the framework’s recommendations to be somewhat abstract and hard to implement. Now, with these examples, the framework is easy to understand. Organizations essentially have a clear roadmap to follow.

The Newest Function: Govern

Until now, the NIST Cybersecurity Framework comprised five core functions: Identify, Protect, Detect, Respond, and Recover, which were the gold standard for cybersecurity practices. These functions became so standardized they were widely adopted not only within the context of NIST, but also in various other frameworks and industries.

The recent addition of a sixth function—Govern—marks a significant evolution in the framework. This new function aims to delve deeper into the organizational and business context, taking into account elements such as risk management strategy and supply chain risk management, as well as the delineation of roles and responsibilities across the organization and the need for policy creation.

In my opinion, the inclusion of “Govern” is a bold move and a commendable step forward. Governance in cybersecurity is often the linchpin that holds all other functions together. It ensures that there is a coherent strategy and that everyone in the organization, from the top-level management to the operational staff, is aligned in their cybersecurity efforts.

My primary strategic security advice to any organization is to involve the management or CEO in cybersecurity discussions and decision-making. The level of commitment and oversight that comes from active management involvement and having a business-led cybersecurity strategy can be a game changer, setting the stage for a more robust and effective cybersecurity posture.

Supply Chain Risk Management

The emphasis on supply chain risk management in the updated framework is both timely and crucial. While the concept was present in earlier versions, its significance has been amplified, as supply chain vulnerabilities have increasingly become a target for cybersecurity attacks. The decision to give supply chain risk management greater focus is the right thing to do. It equips companies with the necessary guidance and tools to better understand, assess, and mitigate this complex and evolving risk, strengthening their overall cybersecurity posture.

Secure Software Development

Software development is the cornerstone of many organizations’ operations, making software development security critical. Therefore, the updated framework’s more rigorous requirements for secure software development are very welcome.

How to Implement NIST CSF 2.0

NIST aims to assist organizations in implementing this cybersecurity framework by offering adaptable profiles and prioritizing framework outcomes. This approach is highly logical as it allows for a tailored application of the framework to meet the unique needs of different organizations. However, the customization and prioritization process is best done by professionals with a deep understanding of the framework. These experts can focus on continuous assessment, prioritization, and review of cybersecurity measures.
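The profile-and-prioritization approach described here can be made concrete in code. As an added example, not Cynomi's platform code, the following Python computes the gaps between a current and a target profile, ranks them by gap size and assessor-assigned criticality, and reports per-function coverage. The six functions are the ones this post names; the outcome IDs, scores, weights and descriptions are constructed assumptions written in the CSF 2.0 naming style and should be checked against the published framework before use.

```python
"""Current-vs-target profile gap analysis for NIST CSF outcomes (added example).

Not Cynomi's code. Assumptions: each outcome is keyed by an illustrative ID in the
CSF 2.0 Function.Category-nn style (check IDs against the published framework),
scored 0-4 on a constructed implementation scale in both the current and the
target profile, and given a 1-5 criticality weight by the assessor.
"""
from dataclasses import dataclass

FUNCTIONS = {"GV": "Govern", "ID": "Identify", "PR": "Protect",
             "DE": "Detect", "RS": "Respond", "RC": "Recover"}
MAX_SCORE = 4


@dataclass(frozen=True)
class Outcome:
    outcome_id: str
    description: str
    current: int   # 0..MAX_SCORE, implementation level observed today
    target: int    # 0..MAX_SCORE, level the target profile requires
    weight: int    # 1..5 criticality assigned by the assessor


def function_of(outcome):
    """Map an ID such as 'GV.SC-01' to its CSF function name."""
    return FUNCTIONS[outcome.outcome_id.split(".")[0]]


def gap(outcome):
    return max(0, outcome.target - outcome.current)


def priority(outcome):
    """Bigger gaps on more critical outcomes come first."""
    return gap(outcome) * outcome.weight


def validate(outcomes):
    """Reject malformed profiles before any ranking is computed."""
    for o in outcomes:
        prefix = o.outcome_id.split(".")[0]
        if prefix not in FUNCTIONS:
            raise ValueError(f"{o.outcome_id}: unknown function prefix {prefix!r}")
        if not (0 <= o.current <= MAX_SCORE and 0 <= o.target <= MAX_SCORE):
            raise ValueError(f"{o.outcome_id}: scores must be between 0 and {MAX_SCORE}")
        if not 1 <= o.weight <= 5:
            raise ValueError(f"{o.outcome_id}: weight must be between 1 and 5")


def prioritized_gaps(outcomes):
    """Outcomes below target, highest priority first; ties broken by ID."""
    validate(outcomes)
    return sorted((o for o in outcomes if gap(o) > 0),
                  key=lambda o: (-priority(o), o.outcome_id))


def coverage_by_function(outcomes):
    """Percent of the target profile achieved, per CSF function present."""
    validate(outcomes)
    totals = {}
    for o in outcomes:
        cur, tgt = totals.get(function_of(o), (0, 0))
        totals[function_of(o)] = (cur + o.current, tgt + o.target)
    return {fn: (100.0 if tgt == 0 else min(100.0, round(100 * cur / tgt, 1)))
            for fn, (cur, tgt) in totals.items()}


def remediation_plan(outcomes):
    """Ordered task list an assessor could hand to the client."""
    return [f"{i}. [{function_of(o)}] {o.outcome_id}: raise from {o.current} to {o.target} "
            f"(priority {priority(o)}) - {o.description}"
            for i, o in enumerate(prioritized_gaps(outcomes), start=1)]


# Constructed sample profile for a small organization (IDs and text illustrative).
SAMPLE_PROFILE = [
    Outcome("GV.RM-01", "Risk management objectives agreed with leadership", 1, 3, 5),
    Outcome("GV.SC-01", "Supply chain risk management program established", 0, 3, 4),
    Outcome("ID.AM-01", "Hardware asset inventory maintained", 3, 3, 3),
    Outcome("PR.AA-05", "Access follows least privilege and separation of duties", 2, 4, 5),
    Outcome("DE.CM-01", "Networks monitored for adverse events", 2, 3, 4),
    Outcome("RC.RP-01", "Recovery plan executed after incidents", 1, 3, 3),
]

if __name__ == "__main__":
    for line in remediation_plan(SAMPLE_PROFILE):
        print(line)
    print(coverage_by_function(SAMPLE_PROFILE))
```

The weight is where the expert judgment the paragraph refers to enters: the same gap on a supply-chain outcome and on an asset-inventory outcome should not rank equally for every client, and changing the weights is how an assessor tailors the plan without touching the scoring.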

For CISOs

With this updated framework, CISOs can more accurately determine their organization’s cybersecurity profile and develop a risk-based plan. This enhances the robustness of their cybersecurity measures, efficiently and rapidly.

For SMBs and Mid-Market

For SMBs and mid-market companies, framework-based platforms that use the NIST methodology could become a compelling solution for NIST CSF adaptation. These organizations often lack the in-house expertise needed to fully implement and manage the NIST cybersecurity framework. By leveraging platforms that are designed around the NIST methodology, these companies can more easily align their cybersecurity practices with industry standards, saving effort and time.

For MSPs and MSSPs

MSPs and MSSPs also stand to gain significantly from the updated NIST framework. The new insights and methodologies incorporated into the latest version offer a more holistic approach to cybersecurity risk management and make it easier to understand and implement. By integrating these advancements into their service offerings, MSPs and MSSPs can deliver more accurate and efficient risk assessments. They can also deliver more effective and up-to-date cybersecurity plans, tailored to the specific needs of their clients.

By making accurate and timely use of the new framework, MSPs and MSSPs can enhance their value proposition while gaining a competitive edge in the market. Their clients, in turn, benefit from a robust, adaptive, and up-to-date cybersecurity strategy that aligns with recognized best practices, improving their overall security posture while optimizing resource allocation.

For Cynomi Users

We were so enthusiastic about the updated version of the NIST framework that we are already implementing and mapping it within the Cynomi platform. This allows our partners and customers to become rapidly acquainted with the updated framework in a straightforward and easy-to-use manner, and to start leveraging the framework’s benefits and the dozens of new tasks it now includes, even before its formal publication.

Essentially, we are providing users with a unique opportunity to get a head start on enhancing their cybersecurity posture based on the new NIST CSF. It can also help them provide informed feedback to NIST on this draft, which NIST is accepting through November 4th. We’re thrilled to be the first platform to adopt and offer this excellent updated framework to our user community.