How can companies tackle vulnerabilities in cyber security?

Fred Voccola, CEO at Kaseya, spoke to Cyber Magazine to discuss minimising gaps and vulnerabilities, and the importance of training staff in cyber security

Can you tell me about Kaseya?

Kaseya is the leading provider of unified IT and security management software for managed service providers (MSPs) and internal IT departments. We believe technology is the backbone of all modern business. In line with that, we are focused on delivering best-in-breed solutions that empower organisations to manage IT infrastructure, secure networks, backup critical data - and most importantly - grow their businesses. Our mission is to serve the multi-function IT professional with all the tools they need to do their jobs efficiently and cost-effectively.

Our IT Complete  platform is comprised of industry-leading solutions from our family of brands - Unitrends, RapidFire Tools, Spanning Cloud Apps, IT Glue, ID Agent, Graphus and RocketCyber. More than 40,000 organisations around the globe use one - or all - of Kaseya’s industry-leading IT solutions, and that number is growing every day. Headquartered in Miami, Florida, Kaseya is privately held with a presence in more than 20 countries.

What is your role and responsibilities at the company?

I am the CEO of Kaseya, a job I have held since joining the company in 2015.  I lead the vision, strategy and growth of Kaseya and its family of brands. What this means in practice is that I’m constantly speaking with our customers to understand their challenges and making sure that our software meets their needs. I’m lucky to work with an incredible team at Kaseya, and I’m proud of the customer- and employee-centric culture we’ve created.

I am very excited by the ongoing opportunity that my role as CEO presents. When I joined Kaseya seven years ago, I knew that this company had the potential to transform the way MSPs and internal IT departments ran their businesses. I continue to be impressed by how our team works tirelessly to serve our customers and anticipate their needs. I look forward to continuing to enhance our IT Complete suite of solutions to help our customers streamline and grow their businesses.

As companies tackle rapid digital transformation, how important is it for employees to have cyber security training?

It is absolutely critical that organisations of all sizes provide cyber security training for their employees. Training should not be confined to managers or the IT team. Employees in all divisions within an organisation are subject to malicious threats. Security awareness and training should therefore not be targeted at a specific group of users, but the entire workforce. Employees need to understand the signs of a phishing email and how to create secure passwords—and frequent training that reminds them about these topics is essential. Once a year is not going to cut it anymore.

A lot of small companies think that cyber-criminals won’t go after them because of their size—but we’ve seen that cyber-criminals are targeting small and medium-sized businesses due to the perceived lack of cyber security protections. Unfortunately, when it comes to cyber-attacks, it’s not a matter of if, but when, and employees are the front line of defence in security.

MSPs can play a key role here also. By delivering cyber-security training to their clients’ employees, they can strengthen the bond of trust that they enjoy with that organisation. Training underpins and reinforces the strategic relationship.

In what ways can companies minimise gaps and vulnerabilities?

The use of passwords is still important in this context. Organisations still do need to be setting strong password requirements and discouraging password reuse. But passwords are no longer sufficient in themselves to secure logins to all of an organisation’s software and systems.

61% of all data breaches involve credentials, whether they be stolen via social engineering or hacked. We are also seeing a growing number being purchased on the Dark Web, a growing problem.

In addition to frequent cybersecurity training for all employees, companies should be implementing identity and access management (IAM) solutions that combine single sign-on (SSO), multi-factor authentication (MFA) and password management. IAM systems allow admins to define and manage the roles and access privileges of each of their end users. They can provide everyone with secure access to critical business applications and tools with a personalised one-stop Launchpad that streamlines access to everything employees need to do their jobs while mitigating password re-use and exploitation. And they can provide an extra layer of security though MFA to help combat the challenge of weak or recycled passwords.

What do you see as one of the biggest challenges in the cyber industry at the moment?

The labour shortage and skills gap are major challenges in the industry. Kaseya isn’t immune from these issues, yet we have done a good job of implementing a “Grow Your Own” philosophy that allows us to develop cybersecurity talent inside our organisation through educational programs, mentorship and leadership development. We also have been partnering with global universities to help shape college curriculum and build our talent pipelineMSPs are also struggling with a skills shortage. Many are stretched thin as they manage IT environments that are growing in complexity - all while dealing with supply chain issues and a hyper-competitive job market that has made staffing a significant challenge, It is not currently possible for them to hire their way into growth, as organisations are competing globally for talent at a higher cost.

Skilled staff therefore come at a much higher premium. Additionally, inflation is expected to increase costs for hardware, office leases and more, significantly impacting an MSPs’ expenses. MSPs will need to maximise productivity by automating manual processes like patching and reporting to allow technicians to focus on higher-level tasks that move the business forward, which, in turn, helps improve retention in an IT market with very low unemployment. 

What can we expect from Kaseya in 2022?

Kaseya will continue to strengthen its IT Complete suite of solutions, which are purpose-built to help the multi-function IT professional do more with less. The IT Complete suite continues to be the gold standard for IT professionals in need of solutions that are truly automated, secure and priced right to ensure maximum profitability. We intend to continue investing in our product suites through 2022 and also provide even more integrations between our product suites to allow customers to save more time and work more efficiently. We announced some killer features and integrations at the recent Connect IT Global conference in Las Vegas, including some incredible artificial intelligence technologies that will help our customers become even more efficient. Some of these include advancements to the much-anticipated Kaseya One platform, which allows technicians to view all their Kaseya solutions, browse for additional IT Complete modules, check support tickets and access help documentation from a single location. 

Additionally, IT professionals can view statement summaries with invoices, agents, software seats and license renewals in one place—eliminating hours of billing work. Kaseya One is also home to the Cooper Intelligence Engine, an innovative artificial intelligence (AI) utilization technology designed to help IT professionals get the most out of their Kaseya solutions. With “Cooper,” technicians can discover features, integrations and training opportunities tailored directly to their personal use patterns and receive suggestions on how to maximize how they utilize the platform.  

We expect to scale our team with over 1,300 new Kaseyans around the world who will help us enhance our best-in-breed products, provide five-star technical support and services, and ensure that we can deliver everything our customers need to make more money.

We’ll also continue to grow our company through strategic acquisitions, which I look forward to talking more about in the coming months.


Featured Articles

Tech & AI LIVE: Key Events that are Vital for Cybersecurity

Connecting the world’s technology and AI leaders, Tech & AI LIVE returns in 2024, find out more on what’s to come in 2024

MWC Barcelona 2024: The Future is Connectivity

Discover the latest in global technology and connectivity at MWC Barcelona 2024, where industry giants converge to discuss 5G, AI and more industry trends

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Research from Egress Threat Intelligence, Avast, Cequence Security & KnowBe4 outlines how AI is being used in dating app phishing scams on Valentine’s Day

Speaker Lineup Announced for Tech Show London 2024

Technology & AI

Darktrace predicts AI deepfakes and cloud vulnerabilities

Cloud Security

Secure 2024: AI’s impact on cybersecurity with Integrity360

Technology & AI