{"id":203658,"date":"2026-04-09T15:08:00","date_gmt":"2026-04-09T19:08:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/04\/09\/connectwise-ciso-msp-cybersecurity-readiness-isnt-about-chasing-the-latest-zero-day-anymore\/"},"modified":"2026-04-09T16:20:18","modified_gmt":"2026-04-09T20:20:18","slug":"connectwise-ciso-msp-cybersecurity-readiness-isnt-about-chasing-the-latest-zero-day-anymore","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/04\/09\/connectwise-ciso-msp-cybersecurity-readiness-isnt-about-chasing-the-latest-zero-day-anymore\/","title":{"rendered":"ConnectWise CISO: MSP Cybersecurity Readiness Isn\u2019t About \u2018Chasing The Latest Zero-Day Anymore\u2019"},"content":{"rendered":"<p><a href=\"https:\/\/www.crn.com\/news\/security\/2026\/connectwise-ciso-msp-cybersecurity-readiness-isn-t-about-chasing-the-latest-zero-day-anymore\">ConnectWise CISO: MSP Cybersecurity Readiness Isn\u2019t About \u2018Chasing The Latest Zero-Day Anymore\u2019<\/a><\/p>\n<p><a href=\"https:\/\/www.crn.com\/news\/security\/2026\/connectwise-ciso-msp-cybersecurity-readiness-isn-t-about-chasing-the-latest-zero-day-anymore\">https:\/\/www.crn.com\/news\/security\/2026\/connectwise-ciso-msp-cybersecurity-readiness-isn-t-about-chasing-the-latest-zero-day-anymore<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-04-09 15:08:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.crn.com\">www.crn.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n<p>        \u2018Take a hard look at what you\u2019ve allowed into your environment. \u2018Not just what\u2019s exposed externally, but what\u2019s internally trusted: applications, vendors, service accounts. That\u2019s your real attack surface now,\u2019 says ConnectWise CISO Patrick Beggs.<\/p>\n<p>        Cybercriminals are increasingly skipping software exploits and going straight after identities, according to a new report.<br \/>\n        In its latest 2026 MSP Threat Report, Tampa, Fla.-based vendor ConnectWise warned MSPs that stolen credentials, session tokens, remote access tooling and software supply-chain relationships are now the fastest path to an attack. And at the center of that shift is identity abuse.<br \/>\n        \u201cAttackers aren\u2019t always forcing their way in anymore. They\u2019re walking through the front door using identities, tokens and connections that organizations already trust,\u201d ConnectWise CISO Patrick Beggs told CRN in an interview. \u201cAnd the scary part is, that behavior doesn\u2019t always look abnormal.\u201d<br \/>\n        [Related: ConnectWise Exec: AI And Hyperautomation \u2018Creating New Business Lines\u2019]<br \/>\n        Ransomware groups in 2025 prioritized speed and reliability over innovation, according to the report. Campaigns followed a \u201cscan, steal, encrypt\u201d model, with attackers targeting backup systems early to prevent recovery. In many cases, multi-factor authentication (MFA) protections were bypassed through stolen session tokens or inherited VPN credentials.<br \/>\n        Beggs added that these trends significantly change how MSPs should approach security.<br \/>\n        \u201cThis isn\u2019t about chasing the latest zero-day anymore,\u201d he said. \u201cIt\u2019s about understanding what you already trust inside your environment. What applications are connected? What APIs (application programming interface) are active? Who has access to your most critical systems? Most organizations would be surprised at how much overprovisioning exists.\u201d<br \/>\n        AI is also accelerating cybercrime, the report stated, by powering more believable phishing, speeding up malware development and letting threat actors automate attacks at a large scale. This is even when traces of AI don\u2019t show up clearly in forensic data. \u201cThat\u2019s what makes it dangerous, it lowers the barrier to entry while increasing effectiveness,\u201d he said.<br \/>\n        But despite the growth in sophisticated threats, Beggs said many MSPs still struggle with fundamentals: people and processes. He pointed to operational discipline such as identity governance, routine access reviews and documented playbooks as areas where many MSPs still have room to mature.<br \/>\n        To help mitigate this, ConnectWise this week launched its new \u201cModern Threat Protection\u201d approach, a unified, AI-powered framework that improves visibility and response across endpoints, identities and networks.<br \/>\n        The offering aims to reduce tool sprawl by integrating managed endpoint detection and response (EDR), security information and event management (SIEM) and email security into a single system, enhanced by AI-driven analysis and backed by a 15-minute response service level agreement.<br \/>\n        \u201cFragmentation creates gaps,\u201d Beggs said. \u201cWhen your tools don\u2019t talk to each other, attackers can exploit those seams. The goal now is correlation bringing identity, endpoint and network data together so you can see the full picture and act quickly.\u201d<br \/>\n        And it starts with mapping trust.<br \/>\n        \u201cTake a hard look at what you\u2019ve allowed into your environment,\u201d he said. \u201cNot just what\u2019s exposed externally, but what\u2019s internally trusted: applications, vendors, service accounts. That\u2019s your real attack surface now.\u201d<br \/>\n        The latest research reinforces what many MSPs are already seeing in practice, and partners Jason Slagle and Corey Kirkendoll said that shift is undeniable.<br \/>\n        \u201cIdentity-based attacks have been on the uptick for a while now, and that makes perfect sense,\u201d Slagle, president of Toledo, Ohio-based MSP CNWR Inc., told CRN. \u201cAs companies get better at backups and recovery, attackers pivot. Identity is harder to detect, harder to respond to and just as damaging. \u201cInside the network has always been easier to exploit Once attackers are in, they find the softer targets.<br \/>\n        Kirkendoll, CEO of Plano, Texas-based 5K Technical Services, echoed Slagle\u2019s sentiment, adding that MSP priorities must evolve.<br \/>\n        \u201cAnything we\u2019ve assumed is safe is now a target,\u201d Kirkendoll told CRN. \u201cIdentity-first security is critical. You have to monitor behavior, not just rely on signatures and operate with an assume-compromise mindset.<br \/>\n        \u201cIt comes down to discipline,\u201d he added. \u201cClean up access, know your tools and continuously reassess trust.\u201d<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>ConnectWise CISO: MSP Cybersecurity Readiness Isn\u2019t About \u2018Chasing The Latest Zero-Day Anymore\u2019 https:\/\/www.crn.com\/news\/security\/2026\/connectwise-ciso-msp-cybersecurity-readiness-isn-t-about-chasing-the-latest-zero-day-anymore Publish Date:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":203659,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.crn.com\/news\/security\/2026\/media_11462c061eaa36336ac5a94c4c5aa3ca6a2fcb440.png?width=1200&format=pjpg&optimize=medium","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,31,32,25],"class_list":["post-203658","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-exploit","tag-malware","tag-phishing"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/203658"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=203658"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/203658\/revisions"}],"predecessor-version":[{"id":203660,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/203658\/revisions\/203660"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/203659"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=203658"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=203658"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=203658"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}