Julian and Joy Beland from Summit 7 discussed the evolving landscape of cybersecurity, emphasizing the increasing visibility of nation-state cyber attacks and their potential impacts on critical infrastructure. Joy highlighted the significant legislative shifts in 2024 that have changed how government agencies address cybersecurity threats, stressing the need for businesses of all sizes to prioritize security. The conversation underscored the urgency of addressing cybersecurity challenges in the current climate, particularly in light of alarming trends in breaches among large telecommunications companies.
Joy also raised concerns about the lack of serious investment in cybersecurity by major firms, questioning why these organizations remain vulnerable despite their resources. She noted that publicly traded companies would face greater scrutiny from stakeholders, which could drive improvements in their cybersecurity practices. She emphasized the importance of protecting consumer data and discussed the need for alignment on minimum data security requirements, particularly regarding sensitive information categories like HIPAA and PII. Joy advocated for a standardized baseline for Managed Service Providers (MSPs) to implement for their clients, as well as the importance of understanding the origins of hardware and software used in networks.
Joy emphasized the importance of training and monitoring employee behavior, as well as timely access management during employee transitions. Looking ahead to 2025, Julian and Joy explored the implications of compliance for MSPs, suggesting a potential division between those specializing in compliance and those taking a more generalist approach. Joy talked about Summit 7’s plans to achieve CMMC Level 2 certification and implement various cybersecurity frameworks, highlighting the importance of holding vendors accountable to meet necessary requirements.
Joy was a speaker at a recent Cybersecurity Defense Ecosystem Summit in USA last fall. You can read all about it here.
